www.getastra.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
Submission: On February 19 via manual (February 19th 2022, 3:33:58 am UTC) from US — Scanned from DE

Summary HTTP 139 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 21 domains to perform 139 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.getastra.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 7th 2021. Valid for: a year.

This is the only time www.getastra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 88	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
18	2606:4700::68... 2606:4700::6812:1c5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:91a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:27::... 2620:1ec:27::cafe:1994	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.248.65 18.66.248.65	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:170	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:300... 2606:4700:300a::6813:c31d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
4	52.224.31.34 52.224.31.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	108.157.4.127 108.157.4.127	() ()
139	24

88 2a06:98c1:3121::7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.getastra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.getastra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dash.getastra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700::6812:1c5b (United States)

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:91a (United States)

ASN13335 (CLOUDFLARENET, US)

instant.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1994 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-65.dus51.r.cloudfront.net

script.tapfiliate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:170 (United States)

ASN13335 (CLOUDFLARENET, US)

app.convertful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:300a::6813:c31d (United States)

ASN13335 (CLOUDFLARENET, US)

getastra.cloudflareaccess.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.224.31.34 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

h.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.127 (None, )

ASN- ()

serve.albacross.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	getastra.com 1 redirects www.getastra.com go.getastra.com dash.getastra.com	2 MB
18	crisp.chat client.crisp.chat — Cisco Umbrella Rank: 19362 image.crisp.chat — Cisco Umbrella Rank: 59256	265 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1248 h.clarity.ms — Cisco Umbrella Rank: 2011 c.clarity.ms — Cisco Umbrella Rank: 693	24 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1582 ka-f.fontawesome.com — Cisco Umbrella Rank: 2933	184 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 401	12 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6342	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	565 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	114 KB
2	convertful.com app.convertful.com — Cisco Umbrella Rank: 81353	33 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	103 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	26 KB
1	albacross.com serve.albacross.com	5 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 212	552 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	cloudflareaccess.com getastra.cloudflareaccess.com
1	tapfiliate.com script.tapfiliate.com — Cisco Umbrella Rank: 28700	12 KB
1	instant.page instant.page — Cisco Umbrella Rank: 12690	1 KB
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1579	2 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610	6 KB
139	21

	Domain	Requested by
79	www.getastra.com	www.getastra.com
12	client.crisp.chat	www.getastra.com client.crisp.chat
6	image.crisp.chat	www.getastra.com
4	h.clarity.ms	www.clarity.ms h.clarity.ms
4	ka-f.fontawesome.com	kit.fontawesome.com www.getastra.com
3	dash.getastra.com	www.getastra.com dash.getastra.com
3	cdn.jsdelivr.net	www.googletagmanager.com
2	www.google.de	www.getastra.com
2	www.google.com	www.getastra.com
2	c.clarity.ms	1 redirects www.getastra.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.getastra.com connect.facebook.net
2	app.convertful.com	www.googletagmanager.com app.convertful.com
2	www.googletagmanager.com	www.getastra.com www.googletagmanager.com
2	go.getastra.com	1 redirects www.getastra.com
2	cdnjs.cloudflare.com	www.getastra.com
1	serve.albacross.com	www.getastra.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	c.bing.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	getastra.cloudflareaccess.com	www.getastra.com
1	script.tapfiliate.com	www.googletagmanager.com
1	www.clarity.ms	www.googletagmanager.com
1	instant.page	www.getastra.com
1	secure.gravatar.com	www.getastra.com
1	kit.fontawesome.com	www.getastra.com
1	maxcdn.bootstrapcdn.com	www.getastra.com
139	28

This site contains links to these domains. Also see Links.

Domain
securityscan.getastra.com
dash.getastra.com
astra.sh
github.com
wordpress.org
www.facebook.com
twitter.com
www.linkedin.com
fb.com
akismet.com
www.youtube.com
medium.com
www.trustpilot.com
www.capterra.com
whatsnew.getastra.com
m.me
status.getastra.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
crisp.chat Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
tapfiliate.com Amazon	`2021-11-22` - `2022-12-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-28` - `2022-02-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.albacross.com Amazon	`2021-08-23` - `2022-09-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
Frame ID: 7C529460FD5A0B8C3D33DC8902AA0E57
Requests: 143 HTTP requests in this frame

Frame: https://dash.getastra.com/seal/draw/qEmJ5EdfzT16/110
Frame ID: AB038A193BFB3613B6311F83D210A9C4
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

💬1 - Fixing wp-config.php and wp-content/uploads file Hack in WordPress

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Highlight.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.])+/)?highlight(?:\.min)?\.js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

139
Requests

98 %
HTTPS

79 %
IPv6

21
Domains

28
Subdomains

24
IPs

4
Countries

2540 kB
Transfer

5247 kB
Size

22
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://securityscan.getastra.com/security-audit
Title: Start free scan

Search URL Search Domain Scan URL

URL: https://securityscan.getastra.com/
Title: View all free tools

Search URL Search Domain Scan URL

URL: https://dash.getastra.com/hey-there
Title: Sign in

Search URL Search Domain Scan URL

URL: https://astra.sh/web-protection-pricing
Title: Get started

Search URL Search Domain Scan URL

URL: https://astra.sh/free-trial
Title: 7 Days Free Trial

Search URL Search Domain Scan URL

URL: https://astra.sh/home-page
Title: Get Started

Search URL Search Domain Scan URL

URL: https://github.com/WordPress/WordPress
Title: original WordPress files in GitHub

Search URL Search Domain Scan URL

URL: https://wordpress.org/plugins/wp-security-hardening/
Title: WP Hardening Plugin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/&text=How%20to%20Scan%20%26%20Fix%20Infected%20WordPress%20Files%28wp-config.php%20and%20wp-content%2Fuploads%29%20
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://fb.com/shikhil

Search URL Search Domain Scan URL

URL: https://twitter.com/shikhilsharma

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/profile/view?id=AAIAAAqNLeEB10r2STbDFglJ-6_jrbdJWGyQAUc&trk=nav_responsive_tab_profile_pic

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

URL: https://twitter.com/getAstra
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/getAstra
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CzarSecurities/
Title: YouTube

Search URL Search Domain Scan URL

URL: https://medium.com/astra-security
Title: Medium

Search URL Search Domain Scan URL

URL: https://www.trustpilot.com/review/getastra.com
Title: Trustpilot

Search URL Search Domain Scan URL

URL: https://www.capterra.com/p/162941/Astra-Security/
Title: Capterra

Search URL Search Domain Scan URL

URL: https://whatsnew.getastra.com/
Title: What’s New

Search URL Search Domain Scan URL

URL: https://m.me/183862218654364
Title: Continue on Messenger

Search URL Search Domain Scan URL

URL: https://twitter.com/getastra
Title: Continue on Twitter

Search URL Search Domain Scan URL

URL: https://status.getastra.com/
Title: See our status page

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://go.getastra.com/media/css/modal.min.css HTTP 302
https://getastra.cloudflareaccess.com/cdn-cgi/access/login/go.getastra.com?kid=31bdf6f5e431cba8f46d94a9f9b9eeda903069427935fcb9d32ef5e1bbd59c19&redirect_url=%2Fmedia%2Fcss%2Fmodal.min.css&meta=eyJraWQiOiIxMmYyMzgxYTM4NWFkZGEyZWFlMzQxZTk1YjFmMWU2N2Q0Yzg3ZDM4ZDA5NDY2Y2FjNGIwMWMyYzcxYTQxNDAxIiwiYWxnIjoiUlMyNTYiLCJ0eXAiOiJKV1QifQ.eyJzZXJ2aWNlX3Rva2VuX3N0YXR1cyI6ZmFsc2UsImlhdCI6MTY0NTI0MTYzMiwic2VydmljZV90b2tlbl9pZCI6IiIsImF1ZCI6IjMxYmRmNmY1ZTQzMWNiYThmNDZkOTRhOWY5YjllZWRhOTAzMDY5NDI3OTM1ZmNiOWQzMmVmNWUxYmJkNTljMTkiLCJob3N0bmFtZSI6ImdvLmdldGFzdHJhLmNvbSIsInR5cGUiOiJtZXRhIiwibmJmIjoxNjQ1MjQxNjMyLCJyZWRpcmVjdF91cmwiOiJcL21lZGlhXC9jc3NcL21vZGFsLm1pbi5jc3MiLCJpc19nYXRld2F5IjpmYWxzZSwiaXNfd2FycCI6ZmFsc2UsImF1dGhfc3RhdHVzIjoiTk9ORSJ9.i6t55z7Fe_i3DZ4VtwnNzVFx7jql7rBlt6ZyNSfGT1qXGV0cizsVDJ3wOTOjuNKQa2ScsEgOvJKx7gxQQxfFzhlp8Xfgffa-bNUg3e-Yn-ENJ9CYsZgAj1ktqLSUxvWlRcIg0PPRlgeX76YEVn5dyZu9QEQaM7Ug6_s0g54zos6tLCdJzfcCTpGVONa2tGv9CDvlWFTlPNl6vcoqvAFtTZDTwhiX2gSJcyFm97Yac9lmEFT9HmWhYNH8ng6-497tkhH__mjvWrZiwFby7yKcZrLUaGgVM4pMyU_wSPDP0hj2xD7dvSzv3TNHGSQNU7vzu_2GZP_JfA2eM3zSNlboKA

Request Chain 110

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=84DB7DD92058481C9D13AA85FF4D87D0&RedC=c.clarity.ms&MXFR=3C0712ACF0C3634E125003FCF4C36D13 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=84DB7DD92058481C9D13AA85FF4D87D0&MUID=3D01869139EF69641F3D97C138846812

139 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/ 127 KB
30 KB 3320ms
3292ms Document
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a14408a600e9a156bb747b5af75691f645fe144cea7e1c9f00574e97a816502

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 19 Feb 2022 03:33:50 GMT
content-type: text/html; charset=UTF-8
x-nitro-cache: MISS
x-nitro-disabled: 1
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate max-age=0, no-cache
pragma: no-cache
x-frame-options: sameorigin, SAMEORIGIN
x-pingback: https://www.getastra.com/blog/xmlrpc.php
link: <https://www.getastra.com/blog/wp-json/>; rel="https://api.w.org/", <https://www.getastra.com/blog/wp-json/wp/v2/posts/3930>; rel="alternate"; type="application/json", <https://www.getastra.com/blog/?p=3930>; rel=shortlink
content-security-policy: upgrade-insecure-requests;
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
x-mod-pagespeed: 1.13.35.2-0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: same-origin
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=is3KQ83GjjMkCuGHmui1GobYbBZ%2Fo4fC9I%2FpakFTnNjPsScjzmbLx8L4oH7hjRi6IL2128Q2ly2XhIx9lbVlBY1JpSVus7O7ZsvrvQVqv2BkZ6zitvchy73sBADeMpU5WuW%2FAj3QXqwiXVCxsdx%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 6dfc6f89adfe9268-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jSscO-IEdbgOmqabm4JqEfVEIAc.js Show response
www.getastra.com/cdn-cgi/apps/head/ 7 KB
3 KB 407ms
405ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/cdn-cgi/apps/head/jSscO-IEdbgOmqabm4JqEfVEIAc.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd71a9264f56c0d43f3122826b3c21ee9b41157fc7065d5acba749a045d28802

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: JQVR49826ZB4E8NW
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 3XXTthJIWkDMOzwXzRliOzhLRbahxoRC/mciFgUX28BI726SQpNxf6626hBkVJOgnYRYtjq/5FM=
last-modified: Thu, 19 Aug 2021 13:00:22 GMT
server: cloudflare
etag: W/"b89917619835640b33426f5fad66fd5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stE9lZLEpbsAzKI2XgFOgshtomp6E1ljybs1O4VscXcHeJ4hfydjirCfj4kwmV3Felf4cCv62aHAL1SQS6RZLwfkuVM%2FBvAqX%2F%2BcHChN2q%2FHnag2m95LrlqR0tsl8yHUgdcD5szjyTcHwS3bBYTn"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: abxbh0KptqvM3rNdnSvV2t_podgV3Fmo
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6dfc6f9e59cb9268-FRA

GET
H2 200 style.min.css
www.getastra.com/blog/wp-includes/css/dist/block-library/ 77 KB
11 KB 1062ms
1059ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: same-origin
last-modified: Wed, 26 Jan 2022 07:33:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwpTJ2jGe0tYN9FN3Wywy8dIsUl88mDtyiIUprvrTEPFjfRu5BKPGuGrqPJxWmYLMM8GjJHMrwflun%2BWtGgEVHdJo2xjyo7iWgBzUg3oGTTTWZW%2BP6boulfYsLOHc0mnBLDLsbXmplhTNgoC5F5r"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6f9e59cd9268-FRA

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 34ms
14ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 2137897
cdn-cachedat: 2021-04-13 02:55:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a4c754a17577d74a872d3c9c794d1a4f
cf-ray: 6dfc6f9e7d459201-FRA
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 style.css
www.getastra.com/blog/wp-content/plugins/wpdiscuz/themes/default/ 114 KB
21 KB 1286ms
1283ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/themes/default/style.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffce487df4744525fd529363bd47e310529698170c91084a5099f760fa957569

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKxJnhxy1ee8SbQ0GyD65tYS5kPram9Js%2BXx0pcxd7HquHpsY8P9Xya%2FJh3UbiFIVba0z8x4aCUiCvxXRsqIfZ%2BzdSqtlMUP0BWj0ftBjZ3DjasXwsabeDGTDblpIy97GUvnK4LblIAMoVExl2Ol"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6f9e59ce9268-FRA

GET
H2 200 fa.min.css
www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/ 11 KB
3 KB 1397ms
1394ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

696abb1249ad3aac33060bfed46b870e4a645faf9b96a9b81b3af85a4ef42694

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRrewzWMUfnF88t2zx5UOMuIPO2DRrett4o%2FmAKclVLdEPQoh1FlW%2BwCrMUkBB%2FyCOXAmZi5lk9m1C%2FNxS%2B%2BNvb%2FP5xlMN%2B17hPNHlswoMkhQWfwpmbTvsru%2FJ%2BYp%2FDMQfDT80aFz1KuhNHzyL%2FC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6f9e59d29268-FRA

GET
H2 200 wpdiscuz-combo.min.css
www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/css/ 36 KB
7 KB 1474ms
1471ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/css/wpdiscuz-combo.min.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a61b8c70c730d778a12ecff9f7a17be9b8d25f04253fd0159f02ada438255853

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZTWAv1GFly4zephk%2BPK2DHbu2aFE8GGg17JPBlt85JD8RMWCZVigiKLOoaEcp%2FRqRN8xpN1f9bKaVEhuAWeN6OP1Uxs8TEekUPz0zmSfsCC7kkisIU2wpm3gX4bxzvS2RGXMqtEqeJ39%2BMVp5Bw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6f9e59d39268-FRA

GET
H2 200 flat.css
www.getastra.com/blog/wp-content/plugins/helpful/core/assets/themes/ 7 KB
2 KB 1067ms
1064ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/helpful/core/assets/themes/flat.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

669494836ab1e1c80a178955e1e6ec948f5ff069e6b6d5af83e883fde6eafc03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZVUbgPqnrgg5mno5UVA6VgFo2lprc6%2FzfP%2F2gjQW%2FGSFZEfGssXsG5tJumz4iaqYEAAPd2wW5ikcRnP00j6PTGU8FszSBdtIUairCYrKDGIVpwPJIAvyP9wA4TzcG2PjLw5PWdRJnPytT19gy6J"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6f9e59d69268-FRA

GET
H2 200 bootstrap.min.css
www.getastra.com/blog/wp-content/themes/getastra/css/ 15 KB
3 KB 1432ms
1429ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/css/bootstrap.min.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a21591e91fcb2787b973f66f38911e5281fe570d1daa3645157a98a8912ffd58

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPw3omK%2BPU4WkmeH56HVzUtnQ9P4tz4KC8I74MkrqACt6GILrgKF%2BsbNg8obeJJF%2FViYXGli32jN%2FyL%2BnEPuwBHPcemG8ckOKdzP2kmPQCavyuU0ASMcCfmvQGUWLSfyDVZ%2BoBSiAIBagULOTajF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6f9e59d79268-FRA

GET
H2 200 fonts.css
www.getastra.com/blog/wp-content/themes/getastra/css/ 5 KB
797 B 1444ms
1442ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/css/fonts.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

069c2ed87e1fab1967a71f3159f103565c1284bfac95512f579dfb365b4b69b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bt4fHPSL%2B%2BxXwjoxlkEQhKmjmUJ6%2FXenT%2B4DSE555%2Bj8j0EkXHbUf9D7zJ10VCzK4fLjPiOTxWh16QPE2rNJSVFMatTKC1JJLPtbE82b38%2F%2BSC9uaysb9B5QSxIr1QtWzaHjwXJFA96ZvjlGcapW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6f9e59d99268-FRA

GET
H2 200 default.min.css
cdnjs.cloudflare.com/ajax/libs/highlight.js/9.18.1/styles/ 775 B
1 KB 32ms
13ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.18.1/styles/default.min.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdcba7a929f59658000da20f172ceb43c5122235f6569bb11f3530622b0ec28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 118825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 271
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e7a-307"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BlRDZdTTWbwSS%2B3dzvSlnaEPj1CguMXxNiQ4U1OAj1TjTdRd04NeGTC8sudwK31WSzVARjJtKUsKNwv%2FFGYyXbOBvJhsT7P4GYo8y5Da7EMlIGh81Jt3JjLsO4W5gKy5SZ7pjFMlK8bd2a7g3c4fFmtp"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6dfc6f9e7b9a699f-FRA
expires: Thu, 09 Feb 2023 03:33:50 GMT

GET
H2 200 magnific-popup.css
www.getastra.com/blog/wp-content/themes/getastra/css/ 7 KB
2 KB 1235ms
1233ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/css/magnific-popup.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmhqw3MKtMNLuMMveuYgBRe0mJPMyjxFvW%2BlAUDfU72MGOtt%2BEwgyG%2Fd1F%2FkxsYwFIyImkNVQfHf7yciEeBv8ZOWRv5Ec1%2FwenJ0v%2BkGLwlWipI%2F31efcjO3%2Bez3lJZBJQejK2sZBgFU%2Fp7toANN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6f9e59da9268-FRA

GET
H2 200 styles.css
www.getastra.com/blog/wp-content/themes/getastra/css/ 27 KB
6 KB 1170ms
1168ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc6a6f6fe1c783a36c5dba6debcff28be438709366326e7a4b921fd6a0bf305d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4lYwcK98yV3iR5qZXoTpDN6bNHqRFn4%2FhtHrFFnUDrKugux4spZF5TLDY5iXtiGlcWXKPyEHpySGC%2BhBr%2BL8R6sJQxyAMAIe%2FJevXlV%2BKFtvHPWqOFzWfbe9%2Fx5AHM9Cbmy5x1k%2B34isuBKtqDm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6f9e59dc9268-FRA

GET
H2 200 tablepress-combined.min.css
www.getastra.com/blog/wp-content/ 5 KB
2 KB 1431ms
1430ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/tablepress-combined.min.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d23ac8831ac069a1bb46d4049483530a384d563762010bd9f4803b343242e76a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UfUtS%2BiTfJrAQyLVFSxQ89kFzka6PegP4GFajX9%2B3pHuccn2T6rBJs%2B3IVoOdJ6ob0IjqBPwJXGyOhpxRMaIJeCrVHAiNt3dOUHl9BgWZQUhZwPyP%2BLndOYWoAaLifPr6BdQRJwgh3clPmHUJjj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6f9e59e29268-FRA

GET
H2 200 jquery.min.js Show response
www.getastra.com/blog/wp-includes/js/jquery/ 87 KB
32 KB 1691ms
1689ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: same-origin
last-modified: Wed, 21 Jul 2021 06:07:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xIqg4LPaaQsdlz%2FcR2J4733etxPh63bLRVF750mtQNKLmv5jKxbFFJqHnjZHPzahuaSrbEvG8%2BsR%2F%2BWk13mo%2FFVMf9WkSd8bMr6GOZjTWLAhjRk2nJFCePOz22VDGahBrrmc16G72OGGEbm3Nt1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6f9e59e39268-FRA

GET
H2 200 frontend.js Show response
www.getastra.com/blog/wp-content/plugins/stop-user-enumeration/frontend/js/ 486 B
526 B 1427ms
1426ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.4.3

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYoF%2FlHDMgCvp%2BPvtR67OPpMaEfPcaiK7USZC2MW%2Bgs%2F1vtJJTCqqQTiHQgccReQTY4tcJzc4MPevI%2BcrRCfJqDuMToptrlkevFBcLuHFWhw4jg5PCHTGzG%2FOlMAL7D6xUZP97C8cjPEo%2BavYx%2FS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6f9e59e49268-FRA

GET
H2 200 front.js Show response
www.getastra.com/blog/wp-content/plugins/wp-security-hardening/modules/js/ 59 B
379 B 1456ms
1455ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/wp-security-hardening/modules/js/front.js?ver=5.9

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c33275705e60d7f9f4ed1667e4ca1ad0ba8acf6036d74538670467be8dad7f81

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHdv6AXu6LYtRWiNseeMG%2FgI%2FbWb9QK6AURR9wH1dYUzxLlSqin0gV2rlpjsk8YJdYr%2FOHBlBEv79xaKx%2BiRtinqUYkErUxSQQHV12tH3N6dQuHowctVRZ7dw0%2BT7P6G8EbWLdqNpyqqN%2B4dDW%2FT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6f9e59e59268-FRA

GET
H3 200 menu-e_commerce.svg
www.getastra.com/blog/wp-content/uploads/2020/03/ 1 KB
1 KB 292ms
285ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/uploads/2020/03/menu-e_commerce.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d93dd5cfabfd4f549843f147463fe06b2e8ce2179c1009bee96de5ba485534d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 23:01:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iA8WM7gQ3pC9l0ddDcIVWeNk1HCYy1xZvSQlEA4R%2BETyM58IEOxgmvXSvtJGHtQxnzGltCFuJ%2BAjrH3akd6bBVWiy%2BG87wE2izWLCy6uJdgUBeOIXvSWfzKhdOWEY3s7dG7aEFjrrkRtH6u3AgKW"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c89927d-FRA

GET
H3 200 menu-agencies.svg
www.getastra.com/blog/wp-content/uploads/2020/03/ 2 KB
1 KB 242ms
235ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/uploads/2020/03/menu-agencies.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

600d2376d46f5075f7f2a27e013efe08af29a5378eba5b9d079f61c7cdb3aa9b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 23:01:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLaUtgKohhcEHEYotFJ6hBwqEJiS9Qgznya7eugxAnPgiCG4tf8LiCU4LbLdKyb6XmdnbVgjMKdCGRBStR8Z61Ex9rqwq2mZJXqbWumGsHE%2BCHi7hfj6E7j7WcZre8dqvQLxXazmqeq2SZiC%2Bj94"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c8a927d-FRA

GET
H3 200 menu-drupal.svg
www.getastra.com/blog/wp-content/uploads/2020/03/ 114 KB
80 KB 454ms
447ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/uploads/2020/03/menu-drupal.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb84923f48302412e24618702c08ec257cb2d4e6717b5e141b02dc1b1666fc06

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 23:01:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZ%2FNnobLNoQoF9Skrtogwzb81l0XA7w%2FzduWDE3V9uQG4XJ6ddfBqhWqjoKLNSj7gkkxXAReaQh1hhzMgK0vjC0MRIkP35vsQKx88aaw3mVsc2wegnoeFfgTl0LofNZpglA1wL%2Bot8pBMscLtqfg"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c8b927d-FRA

GET
H3 200 menu-joomla.svg
www.getastra.com/blog/wp-content/uploads/2020/03/ 52 KB
40 KB 884ms
878ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/uploads/2020/03/menu-joomla.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

540a8767e69d91c97c8e3a021b3c951164cac09c191a6445342dbe6c2cea003f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 23:01:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTA2EuepA%2FQ684bg0xKb4kPnI3PwIA7ZL73SBdizgTNxlviDv0EcBDumgdSqMB%2BsaWsKZ2mub3BSDc85tO1kwDnXrSMV%2F04pj0PpRG1GfXydCqOhGcJ2qt1FqZjOSQ6D%2FPFQhKLOuDwTmLLCIeC6"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c8c927d-FRA

GET
H3 200 menu-wordpress.svg
www.getastra.com/blog/wp-content/uploads/2020/03/ 2 KB
2 KB 233ms
227ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/uploads/2020/03/menu-wordpress.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aa50913ebfbbfdbbd569065c999e5bf2d706756274063a2d7deca7957360794

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 23:01:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUqgx2LnUK%2BH05SUViY4EsAQBWN17bfbhhZtOPYSXpWZj8ZM2tAa4uVAVDquTOR6Yrs626d0%2BQcYWwzoKJdvzLj%2FRogaQ2uPr8uMQvlI4ZSb7zTCzRMEym2P1isFGO0rk5ZV3d%2FMIu2kOOvCY7Ra"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c8d927d-FRA

GET
H3 200 menu-magento.svg
www.getastra.com/blog/wp-content/uploads/2020/03/ 26 KB
19 KB 896ms
889ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/uploads/2020/03/menu-magento.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dde3f6c190360b68bb5d262e11631dafa832e5323d2490edfb61cca91e81afc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 23:01:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLH1y%2BmKLZpUiV43eC4fj%2FpV7XY%2F1AMn75l%2F0yBPhyYoM80EMYQSCnYRBBSFbeERB5OigSL7BstYmnlcGJ6%2B26S3lGjMvlcXqgKsSqi2wSZyrvL79z%2F5FvxUVwh1916SOxP7JbdI4g9VpSWEtK6i"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c90927d-FRA

GET
H3 200 menu-prestashop.svg
www.getastra.com/blog/wp-content/uploads/2020/03/ 57 KB
44 KB 394ms
388ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/uploads/2020/03/menu-prestashop.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4444bd8b37eede9c585bbea924a250c9c87008832f661f33ab0ec201f4cea620

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 03:33:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SM%2FR5IJ4z31coH7ZtLoLrI1PndRu2CIQVyqfoDFCREz%2Fbu39ebf%2B9h7fdm6KSjq1UQ2ajjbdxfBfbi25NWX4jB%2Bu%2BbPsH%2BBn5wJHkpRakFWAJ9AbvYvpe2SyniHOZNWyPozdrLPFOuqex8c6qJJ1"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c92927d-FRA

GET
H3 200 menu-opencart.svg
www.getastra.com/blog/wp-content/uploads/2020/03/ 79 KB
54 KB 422ms
416ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/uploads/2020/03/menu-opencart.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37747ae89f1e0903a71134d15140cbd1ce0266399bf5b20980aa07e47103ce87

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 23:01:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ea%2FqQs7hryaC5xI%2BOwHaPPyzC6TTWJjp%2BbiZPDVh7Ikf0NDV4mG15jJjZlGKKEOmJ5XVdjkKonvwawrZ6FXb7jbH4md8bNPozxn7BBG4xJgRAiz%2BPs2CAjsDuxe3Sf2OPemreuuhfXuw354q0VS"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c95927d-FRA

GET
H3 200 nav-firewall.svg
www.getastra.com/blog/wp-content/uploads/2020/04/ 2 KB
2 KB 253ms
247ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/uploads/2020/04/nav-firewall.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58c51fd0e5d65e8619ffb83c061567b4e981afee57973bcf08b13ed323d2c48d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 00:22:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKr%2BCMDNvD3d%2F2ELtQFK2azPPXRJXfWHc8pBWwOIUAcjNo0Rujpph6bzSL5QBWuaKuMrb%2BxYOgcgiKc8KlreX16r1WuOxG5xNQemEODgjClRu2lF78n7%2FZ6gHxiEUgSUWysNsZPy1wAofizNokqa"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c96927d-FRA

GET
H3 200 security-scan.svg
www.getastra.com/blog/wp-content/uploads/2020/03/ 10 KB
5 KB 198ms
192ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/uploads/2020/03/security-scan.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb7605e3f91149ed0e24954f00a14e80b724520f3d7f81976219842c6ddb7d94

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 00:22:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9Vzj%2BCXw3i%2BGKUbbXEe4PzwgQj5YsATQJtqs8R7t%2F8UlnmYef%2FCKUT7WUHWt4wUbpk0R8GlMR46K3ziP3Jn%2BqPrnaIvfNUmft7xFWRJrmT6tyhIEKpv4D42sNCcIq%2F1%2FukgAoSRxm78ZW0qnDv8"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c98927d-FRA

GET
H3 200 checklist.svg
www.getastra.com/blog/wp-content/uploads/2022/02/ 10 KB
3 KB 256ms
249ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/uploads/2022/02/checklist.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86043189a35fa4753700ce6bbf6a9bf7a4a77b177cb38991bfbbd4137dbb2422

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 03:33:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcsZjCveS%2Bf27lo9Tt7QzNfBhAlF546dB3OsYcJxSgsYsepcefwM%2BXzKcsZEMLgiYfnQGrWMVJQ%2BCldncGIfJgENQmJT03wASiChxZYsvqx%2BCQPQIxYLW4aNDihGu5%2FBBxf4AXWSl44V0crVBp4k"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c99927d-FRA

GET
H3 200 Commonly-hacked-wp-files.png
www.getastra.com/blog/wp-content/uploads/2018/10/ 268 KB
268 KB 401ms
395ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/uploads/2018/10/Commonly-hacked-wp-files.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3790e60f2c2f04629f17302f91cc4145231038fff3cbad2df20bc91642f56705

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 273922
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 03:33:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4Q3hbzRiO4wMuXVcPw0bqLHwOdT1gwKNTZh2P0SmuRTRmz2v6lCaEimXqWNyuaxbZ%2B83JLko%2F8jOvWIogu%2BWpv0kYRSbqhcJ4UkiCHtxmluR3Rep7ZGhY6uxZTp%2Bsd2y2vVvWXCdwgY0Oiy48Hr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90c9a927d-FRA

GET
H3 200 Wordpress-hacked-1.png
www.getastra.com/blog/wp-content/uploads/2019/04/ 102 KB
103 KB 452ms
446ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/uploads/2019/04/Wordpress-hacked-1.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2904d8adb48a8317cdd83ad6a2fbd34e71f698832127ffeb627ebfdf4ff734e5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 104577
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 03:33:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0HrROssf2W8xn7%2B3pMTrcAOxPocZBgANV8dJ2sRd1TYK7rqnUf8GcOgNd5XFa6zfSSO%2F4oRTXAlQLhUqvubg42CQQBmDo4rV7iNXEGQ0eaoXEQzfP1IfE3BoHjveJLXY69sLTinZpEmrf05%2BCk1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90c9b927d-FRA

GET
H3 200 icon-code.svg
www.getastra.com/blog/wp-content/uploads/2020/04/ 13 KB
4 KB 835ms
829ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/uploads/2020/04/icon-code.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

176f5f51ef011643df76e33a7b6355060203ec4d8511c8aea5e7ed43aa358695

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 03:33:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlPfEaI3wFuK8px3bfAtpoDCDwjmxpqjWvmEGmMu%2B0Cl47jmDXX%2Bwe%2BxMIStyiUv4aTg5Hj32xmsZXY%2BG9e81Hzh1G2qNLsC13ZSQ8uz4PtLujldMkUMy25IFVBP1fqBG9TCtgOuvkIjcMWAbATI"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c9c927d-FRA

GET
H3 200 facebook.png
www.getastra.com/blog/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 603 B
1 KB 252ms
246ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce51a8242cd7db442e699ae88aed60a8411c521792e72bc744725596b2593d45

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 603
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aO6DaeapEZEJ4xq%2BpeJEzgYEfFZ061zYezt8iN61w2XtAIR9f5ekKB1DBwh6ThNEbjc7otgXip7sJxI3RKON6lJv1YpEbfDzIEEGmd6MX%2FsQi%2BtT0wFGNiAOajZUotA1QNR9OQ%2F9qb6TYotowb0A"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90c9e927d-FRA

GET
H3 200 pinterest.png
www.getastra.com/blog/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 974 B
2 KB 258ms
252ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/pinterest.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fa3782c6c94e24e5430e53c2e6a06b2edc3a280462f8b7b2ff2e15e565f22ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 974
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAcpdCOjNJ9ueO1qzR8lyeePDeT0Oq%2BMxuyNy33oYk9wGzsfyUe3WWyVcE%2B37JZs1oZbUa5T0Rsqu3abOvLZgi22kcdzLicyEyYEtvjFoTTH5n9kAm6WppkD8GKicWRnynYJUu6pBvcGQb%2FfiT%2B%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90c9f927d-FRA

GET
H3 200 twitter.png
www.getastra.com/blog/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 734 B
1 KB 230ms
224ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a506bf66d9868a3dc52aa0cdff4065254aa58eb7eee4b937064db6995895303

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 734
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8%2FeDmamF0WVqmbm1TVH%2Bsbom1KVgSFO5O%2Fx0OQQA1%2FCV7JxJrI67e1%2BSZducCoMmG6CoEsmpb2XBbn0LQAzfXW6aHB0fu4tTE%2FzIoai%2BHrp447kk1QG23IQb4vrHgJv36gonQ%2BO%2F8bP80eeVflY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90ca0927d-FRA

GET
H3 200 linkedin.png
www.getastra.com/blog/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 676 B
1 KB 251ms
245ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e857e52f3825038a21bb1fd8a89a150038f6d6418f994abb2b315380e0bc36f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 676
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rl7xGxxTEFYIuguXEFNPpv0UdQayg1Ncjt3sm59P8ZrNwreuHpsRmVXq%2F3IDjbzGPMpLPFt%2FxRFv0JOzFLmyfDZXdy%2F1Zgbo45ztamkuAqtjgmAfSj32UZYhlQI0I3so4lGKbKrH4BXVnpT%2FkWyq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90ca2927d-FRA

GET
H3 200 trackback.png
www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/img/ 1 KB
2 KB 256ms
251ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/img/trackback.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49e63f9c88cd2c6d0c28a9f64e22bd58c8fc031e2b9492c35abac4ed6e27663b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1442
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 00:22:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jNGaXsi0wLYHoYr0NVwLprXIz0u0Y8x27z%2Bp3pz%2BxcPv0vminBXGrrb7jqPxz3ARpu11HqtEkuZiqX9YG1a2oggCDpLJSKe8XJouRkhnsXylz4qDNOelF44HnD2m0uwTjU1EBvAhsZlqauKpDkk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90ca4927d-FRA

GET
H3 200 earth.png
www.getastra.com/blog/wp-content/themes/getastra/img/ 26 KB
26 KB 618ms
612ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/earth.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f31c0d9e63434b2f7654552360e978bcf8b96affb797fab72cd605dcd8b5861

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26253
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=suyvP4K0nMRh9BMGr6Fxneqp5Tg%2BarBH7AyyA1iwidrqYHZuwLUd%2BxBdDQi0AmtVlttxJcJYnyEuH%2Bo825brjbYa0ROU%2FAbf9SXTDboae7u1MEma3vKHTlez5sBrjwGdkeEmvPdfEdd3coeFujC7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90ca5927d-FRA

GET
H3 200 spiders.png
www.getastra.com/blog/wp-content/themes/getastra/img/ 2 KB
3 KB 207ms
202ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/spiders.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a9f72e4c3a0db6c8eeeed5637d94700e327b8e67dc4f95e22a8a27713c9ab85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2378
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhKMmvzqXFmZdBjHzEwjVMqlkN%2BV1dX7N4NQOhMzUTHyPddE8O4WGm334Nf9P3ROfNvqKvXiNMnHhSNoG5YispWP%2FIgsJrYxogszsjWQWRgUOX1dYVElSHTHelDYtiONttTG5hp9v%2B9%2BIVrMcmpW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90ca7927d-FRA

GET
H3 200 cards.png
www.getastra.com/blog/wp-content/themes/getastra/img/ 34 KB
34 KB 787ms
782ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/cards.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b4a983c81a9fc00b15be32936d842568e6c079839734bd01b533125c2400bed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34403
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9GbK3TIz4TJv0tSP85bB0qBsFmAKFpds0zEfSnM0iOflmjguW7DbxoTQGrrxkyJ6fG7jo56MK87uNryl2zfBPjBlzer0vha9D3S6AG6Z8UzmCooAyC1Tz9LQFJJHl8jzxJl%2FKdfcW4WRBF6mQaP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90ca9927d-FRA

GET
H3 200 bugs.png
www.getastra.com/blog/wp-content/themes/getastra/img/ 3 KB
3 KB 225ms
220ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/bugs.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d298bb3a87a8ead150ff6bfd1df24354ab96de4d16b7774ffee259bee5482a55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2706
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apjrsDAQHBm8p8Wc%2BGK2oKLY%2BhfS1q2Myk0%2FVJrAD1kTOKpl98AuHpT7aYpvEqYj9KpWOf1lCjtm9I0sjdEe2tuvHDdQUF9dbPonWVkIZJJ1TGr4%2Fa19boELoDBf%2BOamEYR5GI04c%2F9RnxX6EadS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90caa927d-FRA

GET
H3 200 spiders-alt.png
www.getastra.com/blog/wp-content/themes/getastra/img/ 5 KB
6 KB 216ms
212ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/spiders-alt.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20827b7ad5b97aefb9920008ee31f8291119163aa09d4d271597760058396dd4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5546
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61CrfA2FkZd2m87v0I75ymvfbGl5q7NX7ExQagjyWMofluvq%2FehCmeyx7gRueyPONC%2FHgPAzYgI6sLvZ4UZISdDT9TJ1iOesoVZFkG%2F1H0gZlXekU0TkYkiCZ3WgsQaj9OlO21maJubE7UTRczVt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cab927d-FRA

GET
H3 200 usa.png
www.getastra.com/blog/wp-content/themes/getastra/img/ 4 KB
4 KB 214ms
209ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/usa.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe734d8bfc7c2ac8b69aea754bd8384403af7ebd9219003b247af0040c7c75e5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3748
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUDxp5CdEwGeIShWZW4z8GsSiSAyGY%2BRp3NIz%2BJxXlyZ9VIDFQ990BcRB%2BbQbnic3ofPxCSN7ZvcRbs5fU21H8qJsJuAU6XWBFmwHTMfcKFPq%2FajMDizZW5BcSThGwOjV3NFxB8ORMbYqEHKcBlU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cac927d-FRA

GET
H3 200 france.png
www.getastra.com/blog/wp-content/themes/getastra/img/ 760 B
1 KB 117ms
113ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/france.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76517224a46b2a012999bd0cd1ab535001244236d9138fd8184833856df340de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 760
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zilPcxWDyXCsnPACb4zGT5rcJkN8Jmv3n7A%2BGs5eV9NXJPk%2Bod6%2B2bHUxkoljjoyfNSvr6p2c8rdTwnAvMplCuWVK0BPUTi6XjdomWGEmuUoxdDR4hqEnpAAbPkoEXTGfVQcNuB2lxigynmVFx72"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cad927d-FRA

GET
H3 200 india.png
www.getastra.com/blog/wp-content/themes/getastra/img/ 2 KB
2 KB 123ms
119ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/india.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5961769bed095e4abc2daa61e036e1e31c7a157aadb19b183c8913d9a09a298b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1734
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XwOQzyavn1TND2%2FLfojITCky0PMpZc4uQt7ZvvokxK7O2YHh2LNZmBctQ438hyFX4y1NxDyap04DFYBbzdrm9ACeKrmLyrhmOalobf4Kz7xjc45b%2FpxpbQsVYaKoHSmUV563UXOyCI%2FAkqOW9oG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cae927d-FRA

GET
H3 200 germany.png
www.getastra.com/blog/wp-content/themes/getastra/img/ 857 B
2 KB 119ms
114ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/germany.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea0e02216b4365172bf1ba7c4168fc5e823ed303f46696cf7e469a4525e949a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 857
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQMBLkpyw5wKI3ert9kLTo9H9iuVDnvqPW2lUx4RdhTuoD4bwMbQayeS4DUzXOAVFWtfjO3bPHXusBedby0PjpZad37DlRPwuBWhW7iS%2FJ7ouyuKvv1z%2F0bLgBbHk5Y8%2FvLRmbassAmcjESfSiWj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cb0927d-FRA

GET
H3 200 tw-bs4.css
www.getastra.com/blog/wp-content/plugins/wp-security-hardening/modules/inc/assets/css/ 209 KB
27 KB 323ms
323ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/wp-security-hardening/modules/inc/assets/css/tw-bs4.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

653b40ccb6ed560a39d8f3dc1902b946647a9939b955c6c53116454bdfe4c4e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sUe24yQ2mDMw1zVH%2BZOX04vWqGjJSOFq6R%2FdK0fRDPM%2B%2FIwifuwMA7bCVYe2ABpui96QFWB%2Fe4Q%2B1I0Vpi2bVoRD0J1yCX7dMwXLo%2B14skjE7qEZM9qhraNMz16OqWi%2FJIm8qUERGf7xiTn90RL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa79a98927d-FRA

GET
H3 200 font-awesome.min.css
www.getastra.com/blog/wp-content/plugins/wp-security-hardening/modules/inc/fa/css/ 20 KB
5 KB 228ms
227ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/wp-security-hardening/modules/inc/fa/css/font-awesome.min.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGWrVOyWv9%2B7ZmuBN2%2FEPScl3n7MdooFvqn1HJNXD7zcoSprTbhuzKaJUVE5gzI4E%2F5mkMOuQlAr0FnBJWkPGH5bApn0BTLONRasAZeToC9zmJc%2BXeFYNEtwFcHrvV5p7YMFd9tiDUJ9q%2Bz9iNZ6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa8fc50927d-FRA

GET
H3 200 front.css
www.getastra.com/blog/wp-content/plugins/wp-security-hardening/modules/css/ 145 B
788 B 221ms
220ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/wp-security-hardening/modules/css/front.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2de4ae656c0605f0cc9ea54ab32a4508f56fc4f02dcc407d33fd44370afc1cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IXbm7cxY8paQV2g8uDlDFAo7P3RNo7pSUaQtQu6Dh4W2qfMRBY6ZgjDWrPeAyd1UAZp05B9PHyXzu5ezcv3K37gaQjZlXZD8iGroT0wNfr0ZYQCd2tTY6hReMeR3DnykU4JAhFNXLr1kN97bDQz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c67927d-FRA

GET
H3 200 blocks.css
www.getastra.com/blog/wp-content/themes/getastra/blocks/ 2 KB
1 KB 196ms
194ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/blocks/blocks.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e1eac57c3f6b0f4b38bf342196a95e2f4cd910c3c0508639d69bd95d2c4d1b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Zhvg3vy8dyfWQdv3v8CRqNE%2FSQVko5XNglxWa06b5%2Bo5yVwZn93vqnoyJvLRP9uzYWKpIVhVh0snA1wut%2F1raWUCRassgv93J0x6dN9dNeQsMsPVCCjb7FYTTmE%2Bk%2BZ3cYcb3tcxfg7tzILEOgx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c6e927d-FRA

GET
H3 200 main.min.css
www.getastra.com/blog/wp-content/plugins/luckywp-table-of-contents/front/assets/ 3 KB
1 KB 108ms
103ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/luckywp-table-of-contents/front/assets/main.min.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5978d7eee4b0fb37c9409a3315f1ca722ebd7dfd476a42e9efa8cb016c076414

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fP8yuyaW%2FlI6A9CLdshcYwPSLpx%2F%2Bp%2FO%2FOC3eWcMKecpsibYIKvzm18hUxMQAJST8hMkWjvqHnJQBPos9PYxYEAb9IA%2BPLGq0RfvfDpXwO0fyalsIpUlBOIeKO2q9y2rhVllWhWWtPJWOkEhbSbr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c76927d-FRA

GET
H3 200 ssba.css
www.getastra.com/blog/wp-content/plugins/simple-share-buttons-adder/css/ 142 KB
12 KB 245ms
239ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/simple-share-buttons-adder/css/ssba.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6071f4e4c890545ad0f59302890def2aebb273acd131ed7ec434b26dfebad1e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQOCSN9cP2HFClZBTPWBXWOwQ4d5QlPMxKBDQZf%2B6DwwRraYEm1nsVnOdYo8vg3CECcx8B7iDxVRTAwxgBrGpWwjKRHLxsp5BHOges6T%2B7N4Kb2wdrZ%2F1rlpIzLPG2Dt2vS6YBiDAQ68xqFvmL%2FL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c7b927d-FRA

GET
H3 200 frontend.js Show response
www.getastra.com/blog/wp-content/plugins/link-whisper-premium/js/ 9 KB
3 KB 217ms
211ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/link-whisper-premium/js/frontend.js?ver=1641419192

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b097154b541eccff5cad8e46948eea5cd7effa7cb61c534b1443c253c3ca2eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMUGKYSpEwJHgPGqWHCR%2Fb948%2BnnjpU4gu2L6AgsiNaxaPvi3m8vBXKaD0fG09jqQ8HrI6Sonqm9amzepKZonVtRQYXosFUCzMzBgDkQsjahGq9glFgh4u4XcWPTjSHkyWS7kn0aJKjjSgdH%2FRcv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c7c927d-FRA

GET
H3 200 ssba.js Show response
www.getastra.com/blog/wp-content/plugins/simple-share-buttons-adder/js/ 2 KB
1 KB 246ms
240ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=5.9

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13XDWIgmofJeUt407pn%2BgTSzNgUJ7cmHKKY3DkiDmcHkdphkqlPTCFsUKFRqavLej4H%2B3yLy3Kt9kUhOVewx5JSHlvVeXBfFIH3qD2y6YQxY3mxJad0NF4mVVWYXrlrvvsyNlOxN%2BtN0maTDVUBo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c7d927d-FRA

GET
H3 200 wpdiscuz-combo.min.js Show response
www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/js/ 310 KB
70 KB 415ms
408ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/js/wpdiscuz-combo.min.js?ver=7.3.11

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb764228bdf1e9a09dd2c35185d23c7cffbc1e8a6a2f40293202e30adf677e9a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=io8QINDaJOigvindkgS17tcjc34X1FmkVQ0r48u0tCQf%2BylDip70vz0S6ngsGPXfkKMBNRmZbhW%2BIOXblwVFkeE2CkuSzL5MbbpjkDKPPfT3zsIICHdhA8Ynd1SgCp%2B2WOyGG2WB%2FWM%2Bge3g%2B6NJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c7e927d-FRA

GET
H3 200 helpful.js Show response
www.getastra.com/blog/wp-content/plugins/helpful/core/assets/js/ 5 KB
2 KB 197ms
190ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/helpful/core/assets/js/helpful.js?ver=4.4.68

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e6b2155ad9148db0cae7de728709f425329c2199b80eba4d273b507e3e38b63

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJvNgRYuslB3tcxhiLxtTq3ZlxjfNcCfj1OQtvmxDEfirTp1Ob4M9pFFn3ftpZcT8%2BrwrjTdTCoD6QYbPx2byTKJO7IJWpQiSlxTIz0mLPklGgxoM9wOpiQvvMxWZ5rc86%2FuabT6V8wJGGJhOsTA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c7f927d-FRA

GET
H3 200 highlight.min.js Show response
cdnjs.cloudflare.com/ajax/libs/highlight.js/9.18.1/ 71 KB
25 KB 29ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.18.1/highlight.min.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78e828d0eb4b2f871dabb45dc1152218a2d7f57b0827b9c685610a6e88665404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1317280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24893
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e7a-11d9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjcUaeW2GnFH0fZp%2BVgo6tTnR%2FU%2FOGFuSN8mO8yt7Z3tlnBurkCK2BxzcbgJRtUxmjSbziv0ajRX5md5%2Fh%2B1UF%2BNpgtEQdT7SAGzJiwhNGsOsHjW%2BudinJfbTKH4huQQhjCxxweMQ56kfcaxmWU851zh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6dfc6fa91ea09061-FRA
expires: Thu, 09 Feb 2023 03:33:52 GMT

GET
H2 200 cf3075be7e.js Show response
kit.fontawesome.com/ 11 KB
4 KB 51ms
27ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/cf3075be7e.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e797cefbc2ffe5eed70f532aee1e2a2d99beb2f208d0b3bb469079c17234d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 6dfc6fa92e066958-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: Fs11Hb8oS9MEOJ6uJEmB

GET
H3 200 mautic.js Show response
www.getastra.com/blog/wp-content/themes/getastra/js/ 629 B
1010 B 217ms
210ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/js/mautic.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cabff488d46b62b355fa1677b6cdde3f63d69682f8cc10fc35f81f5e3773c26e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyE1GQG0dma2hithDxjs1Do9LytV2zqbkF1Wcxgz9CFI9VDmDqt7yVWa%2BNl1AjcwV3JYv%2BaflNvSKBv4iCEB6VfRBS50so0kXLGoZCkakIK0Oxe3jiuFKPuJTgYdSxPi7wRYcIACuU%2FXxaxryoiR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c83927d-FRA

GET
H3 200 jquery.magnific-popup.min.js Show response
www.getastra.com/blog/wp-content/themes/getastra/js/ 20 KB
8 KB 211ms
204ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/js/jquery.magnific-popup.min.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDoPG34qM1sJKQIH2RJXbTf9HIj6FuwscE4FbMLn3xf04myECw9wUeDxD9nFkdGGlG0dMzCKaXALAPFgvoN4Oq2GqbtP6pg61uvplq%2FXgyMeQrBQM58%2Bc2H%2Br5wK3mnL6ubjwvZrLX%2F8mQoLC%2FU%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c85927d-FRA

GET
H3 200 scripts.js Show response
www.getastra.com/blog/wp-content/themes/getastra/js/ 4 KB
2 KB 233ms
226ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/js/scripts.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15d52ea91a7e1694cff162cf736c515c6e8c6651e3ced4d3f842cf779f3c2fa3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmcCeLeAWCsvVAbWngc6kRFxxvTvJy%2BhRbc%2F1FnkcU9ZTxKD4VuhyO2DpV802EnjuFNU838CmJFCWcW2qY9pv3qldI2tTEiTYDPWj1m35y8whTiPDbDFGDgRNX6sZDJGcLSPha%2BVAk19wy%2BPOHC6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c87927d-FRA

GET
H3 200 main.min.js Show response
www.getastra.com/blog/wp-content/plugins/luckywp-table-of-contents/front/assets/ 4 KB
2 KB 220ms
213ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/luckywp-table-of-contents/front/assets/main.min.js?ver=2.1.4

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

995456f7211327129612b97dc0a2baa2288f1e3065d1d6ed1882a0eb89d6baac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 02:53:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzyALoETWc9nnbr8ru4%2FbfzmhhvFwFWI6SU8yTsbdqB%2FC5kpgw4zJY5NGcwdh0jjxzb2hx9xBUhIdHHBqk%2FXYWmDhW6dRYiMHn6OKjcR5sMXxszzTEdKmuWLy%2B3QomA2qjWFjdjFJV%2BoJW%2FiOzUb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90c88927d-FRA

GET
H3 200 HDBaI3TEfOa-RZ1-tgLDoxABaUE.js Show response
www.getastra.com/cdn-cgi/apps/body/ 33 KB
12 KB 347ms
342ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/cdn-cgi/apps/body/HDBaI3TEfOa-RZ1-tgLDoxABaUE.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/cdn-cgi/apps/head/jSscO-IEdbgOmqabm4JqEfVEIAc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7cd3e4c127daccac292779eae92b1b8b644772efb0bcdf4ced7ef7a73a8286b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: P4QRY15X85JYSNW9
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Nt9KyaMwBeK5QSr9zMS3Ublw0r0L3K30OZeWxRqELNOauT/a6G9OM0YsM4P3U/1t6AQOUuNTUM4=
last-modified: Thu, 19 Aug 2021 13:00:21 GMT
server: cloudflare
etag: W/"5cdb6552f6a72755b9c180c02d8ed6cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9nhQYzp5xp%2FMkQU4SeIykKTGQ13j%2FxOSbb0rdQvyz3QtduQOybL90i1md6o7kFlBXj9eMh7p93flHVIAiyBJPXximnPHpC%2Fb6aOsiK%2FoP1w2kNnIP%2Fw1fXvrsY2tRoP9vqGdmVuW0KSsgD6YrGL"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: f12jJHZOrYUnDei4A1SCtU_DfS8Xd8bL
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6dfc6fa90cb1927d-FRA

GET
H3 200 cta-bg.jpg
www.getastra.com/blog/wp-content/uploads/2020/04/ 2 KB
3 KB 280ms
280ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/uploads/2020/04/cta-bg.jpg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77b81eb119d1b3c4d588a5e90ba655c8f70fd4c93b5fbdd2f5a7b6d7fba539e6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2487
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=go2gpgr7ioVXK4P2XjEU4Dfb3xbJDoBKXi8LVUOXld%2B9T36HT9u%2FdUjF6RATrdSmK06jFOWv0yKuFh7RPDaanPetZAQ3aRy%2BYPJGTRAxiBGpoFJYP3PnXYNH3beIR%2BBlTIVsl93hfhp047fmS%2Fj9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cb3927d-FRA

GET
H3 200 noise.svg
www.getastra.com/blog/wp-content/themes/getastra/img/ 329 KB
248 KB 1144ms
1144ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/noise.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42cbe59132abb4cc85b3901a9141bada3dd1ca7a8a833ed2fc6eeb7fc59c1e77

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 00:22:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5i3CmaazgTsiEeyV9Se9yfnzIXQgd%2F97gAJ7ox9WMJvReOKdCHfnd7WpgI%2B3EgfTSEg7csSJmrvnuH%2FjqnzDNy0pVEMmjQI3bwLSzvACvfCoFbCgRJC5oXhbKc9JJaxpsaY2HY%2B7juqduh6pmYB"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90cb5927d-FRA

GET
H3 200 chevron.png
www.getastra.com/blog/wp-content/themes/getastra/img/ 261 B
972 B 218ms
218ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/chevron.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c98f424531e7c55ef9e1179eb556d2e5fa04a97ccfe8f847fd71358008239ec4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 261
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nF6nCRUI5TviQAivaU08BIK7jp7unqfhmHSIpOm7ndvBF0UH3bfHE2kfT606GOcOH0cREZrP13mL6QM7%2Fvofrac22ZeHUFsjFLMgvb7cIqpvFD3W%2FEdyPpdoW5cayXXiKHVSgqT45EA87L7cyX0S"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cb6927d-FRA

GET
H3 200 chevron-white.png
www.getastra.com/blog/wp-content/themes/getastra/img/ 247 B
965 B 251ms
251ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/chevron-white.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8195496a719d90d894b0ac2b79a02834aae97e02e2bbdab02537bbe60421594

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 247
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxOVI8vPHA78FjO%2Ba8oWf0KhFmo0MHLYo2BVzPWxgId9kW8H1couZG7FmTxJ5m%2FKbQotbxzpKj8VZuv8ZGogK5B%2BtRKyNml47FSrBxPzDb1XmqFvHXNh%2Br1NfwwtH35km3wj95VWEkO63KXu1g4d"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cb9927d-FRA

GET
H3 200 twitter.svg
www.getastra.com/blog/wp-content/themes/getastra/img/ 1 KB
1 KB 278ms
278ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/twitter.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19eac541b697d3d0d920597542de50fdeb3a9e1dc561d108f1fd9ecd7ecc6153

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 00:22:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMlIjGYaaL9r3jTx1JCN5xv4OqHIVJSX6NiEOBfR2YN49MYvKxTEFHayiQaMGi5SqAOqmep3VsaPlHeidn8I9FjoQ8JExqft%2FPP89TadBJUKwEfzhGHnBgLc4fp1zBGKa9BEXfQPDgJOWdEuu3Z6"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90cbb927d-FRA

GET
H3 200 facebook.svg
www.getastra.com/blog/wp-content/themes/getastra/img/ 577 B
1 KB 247ms
247ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/facebook.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e4bd67d73432ceab50735580a5017599af0c64885c48c1922088cc0b450a84

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 00:22:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujfLVTUEC%2FwWo8j1dygPxp7P%2FRb%2BjxzZNDGMh%2F2LhmG9ooaoz8%2FYVcxoGGKm37zAfhbnwxkfkuWEWnQLs5bwc7X8lCm7UOoop1iK0yeu76jNK0UYrJca2ZTlpq3ox8k%2Fy9ygXuWmB9VxAVslxxgl"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90cbc927d-FRA

GET
H3 200 youtube.svg
www.getastra.com/blog/wp-content/themes/getastra/img/ 1 KB
1 KB 824ms
824ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/youtube.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

110819e44d1ea5e37e914a54b6003ba4af0264549bd3b53be778e81dfb7a62c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 00:22:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDFZrx%2BbCbxE03KV%2BpY0bhTOfG4QNzV0W4%2FqnCsaJ6l51B9uhjrSGAMrkmcldIU8Vt6dunV021Z0rJ65bM67BjtextwSD6MW1g4OfnThLbpVAvHMjOjuxoZ%2Bnnm7eNJv4D5SbjIJwIS6xgbAFSqv"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90cbd927d-FRA

GET
H3 200 wordpress.svg
www.getastra.com/blog/wp-content/themes/getastra/img/ 4 KB
2 KB 117ms
117ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/wordpress.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

602b5cddd5f26575ce7372dba26a31404bdab5caa5234ca182684407cd413a76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 00:22:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hZ6sv1n4DOBbph5Dk4MQZ9XGhyfmCTDv7oUBCGWfpbwO5MZfLuHiRl1FgLIFqUkde95wedtsNNw0ljPim%2BkbbbIIEFCVQZ6BpWQEUMAgy%2FVFpG0Xp5W9OiVZWwk9h7dC0bzZ8ZXr7cOBp7VK4Xv"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90cbe927d-FRA

GET
H3 200 medium.svg
www.getastra.com/blog/wp-content/themes/getastra/img/ 954 B
1 KB 244ms
243ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/medium.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40df92ca9e852a8346cbb2e3121706ab4cf0e47e5966d9b0fc1ddd19aad32a86

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: same-origin
last-modified: Sat, 19 Feb 2022 00:22:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCyw2RLp393RkMiKIUSJjoWOMaknlb71yCZlBlIe9jeY0L2r3bdZHNj8hqq1Gx5XDMfcT5K3x3c0ND0iMP6NgrOYczFnBJCxUXdw5dVh25Cuc1UfoL4rmO1P6989qdWY1C1Q1S56EOG9Jhc4v4Ne"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
cf-ray: 6dfc6fa90cbf927d-FRA

GET
H3 200 trustpilot.png
www.getastra.com/blog/wp-content/themes/getastra/img/ 284 B
1000 B 295ms
295ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/trustpilot.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4226bbf30631d8b85b97355ef88ed511d6bd0559681ed8cd0c4aa5f6358a6d7e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 284
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bxKDZNNaqu9D1igGuRBMfWxCz1VMztFqqvjIZzhIr8vXYmLrLUsIwJYE1gHcau2VwYZ1122%2BPXESFTRf76oTgdLx47zYubM4s%2BZP2wCDBK5AxRV94at8PkboGab9AcS%2B7ZFgLy7Wzue%2FChMPGd8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cc1927d-FRA

GET
H3 200 capterra.png
www.getastra.com/blog/wp-content/themes/getastra/img/ 1 KB
2 KB 303ms
303ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/capterra.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7455c4fa04c4a21749e4d1cf5c6bdfd2e8ddad262b0cf4e093868749f9322b19

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/blog/wp-content/themes/getastra/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1232
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCCMqXQr3D929fkXKKXIvoLAKeOihsZcSSlF7hpZZQBRXaLd00zhk2ksUwhmBSbfZVaQpkB8wjKyES3CBvtKGtYWHQ0X8PD1bvz%2B%2Byk90C48MBtpL22JhlM7eHx%2B3yOzUXCK%2FzsZqUOY2a9%2FLK9d"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cc2927d-FRA

GET
H3 200 AvertaStd-Bold.woff2
www.getastra.com/blog/wp-content/themes/getastra/fonts/ 31 KB
32 KB 356ms
355ms Font
text/plain 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/fonts/AvertaStd-Bold.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22dd6b8a3e38bd625ab4d7b5b705879059cb2b6295fa72c61ddae38e06847e79

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/themes/getastra/css/fonts.css
Origin: https://www.getastra.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31612
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjrHrNX%2FbRnPyQkmGXQNerDhV1fbOrdFoYP4nptS34sUz0Z9YhMGmhpxpNrKPfazBh6RXVHUPM7nhic0T7R1ePBw2zd%2FKYOtE%2FgVdY%2FwkEmSctZ3zaraFdMwCOD5KHw2gFe%2FFK1E469WElECGnct"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=691200, immutable
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cc5927d-FRA

GET
H3 200 MarkPro.woff2
www.getastra.com/blog/wp-content/themes/getastra/fonts/ 41 KB
41 KB 905ms
904ms Font
text/plain 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/fonts/MarkPro.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec99a8d8b62ed8a184acaa45242c6ff157fb03b14c49f7276bad819172e6a8d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/themes/getastra/css/fonts.css
Origin: https://www.getastra.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41600
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dfVhKNTxR10t%2BZU9OIs5x%2FKaRpZd1luYKJ1GKDWXiTtZ3KsHiBp%2BLIxDo3xWdyE9PAzqU%2F6t3q9MW0nhGDWlTrO0gEvSJDytF8srfvr8VQotfphJ9E0hYhFL%2Fl2KCz1j2V%2B%2BGDwInBbK6uEFjxq"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=691200, immutable
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cc7927d-FRA

GET
H3 200 MarkPro-Black.woff2
www.getastra.com/blog/wp-content/themes/getastra/fonts/ 40 KB
41 KB 372ms
372ms Font
text/plain 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/fonts/MarkPro-Black.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86472d0fce107560589aaaaf665817c9ab005b48434aaeff99489b919f9e0778

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/themes/getastra/css/fonts.css
Origin: https://www.getastra.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40784
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDuBAqT0C0VJB4y0WNlKOMZZeiK2QVy5%2FtWYgJpg5zqnsjCq%2BAmS9CNj7ISjAjX9chhGEtQrLxZFP3s4xGdmuvStu%2FYz9VElkSW2%2B2XiulAtjRXhMCnzDgIFWK7FFf%2BrzZCDL9rihaLh3Dcpjvuk"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=691200, immutable
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cca927d-FRA

GET
H3 200 MarkPro-Book.woff2
www.getastra.com/blog/wp-content/themes/getastra/fonts/ 41 KB
41 KB 315ms
314ms Font
text/plain 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/fonts/MarkPro-Book.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d992a8874abd45c74a5d19e412ae81cbb70467a4b5a9f51ab868ee2df14d4e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/themes/getastra/css/fonts.css
Origin: https://www.getastra.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41744
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJu2WFRidXUUGC9G8mvd%2FBQ3LJmCXpQunmVWgBmMXprltDdtF9RJFfFMBfNFGF%2BGWO66wGWwBBhTAoT1RPZCujaMtfpNfJ%2B18Ra1xRa1XA5dcAT0FHycKDec3bLyP%2F5Qnm5XUUgn3ttxPxWfnerz"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=691200, immutable
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90ccc927d-FRA

GET
H3 200 AvertaStd-Regular.woff2
www.getastra.com/blog/wp-content/themes/getastra/fonts/ 31 KB
32 KB 531ms
530ms Font
text/plain 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/fonts/AvertaStd-Regular.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

379ef6d4177ed1f21893ae2178d1f82a3852755411ae743059780e118b956bfd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/themes/getastra/css/fonts.css
Origin: https://www.getastra.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31908
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOFoQDPQk5G4f4yw%2FRCB4rdojqBSquthpf85w2%2B4j9xQZ19QAelqrPpHek478XSeGlOlTluvSroij7KkTO2O27X3mKt4hQBrOTKxgbKHFR%2F%2FA4FXI5QhwsD%2Fl1cJpv8iJtifZ%2FBGxM87TK6gjsoB"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=691200, immutable
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90ccf927d-FRA

GET
H3 200 MarkPro-Bold.woff2
www.getastra.com/blog/wp-content/themes/getastra/fonts/ 42 KB
43 KB 929ms
928ms Font
text/plain 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/fonts/MarkPro-Bold.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b636b8450487b82088374d15698140267e3cc1f447a26b915986e2e8eb422c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/themes/getastra/css/fonts.css
Origin: https://www.getastra.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42856
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IXPX2VsKMozmDdW03uyXo3QM1cdDIqM2Er%2F5gZTzy4V25k0%2B05fIjT3Du5NWnzBPXLGbjOEPCDNMrAPIdggLLpR95piQV5k5HV1jLLIT1McSbb%2FPxgdwe0Q4xN86wb280bXBrq9px97vXye3f1c"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=691200, immutable
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cd0927d-FRA

GET
H3 200 fa-brands-400.woff2
www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/ 75 KB
76 KB 433ms
433ms Font
text/plain 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-brands-400.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac584535e55d9b62eef3d3fcbd0a191c2f8ea48c099000bca98d980fb7ba1cba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css
Origin: https://www.getastra.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76612
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 23:01:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFPVR%2FlygqDFQLgfblW0WSPq8FbyQ5sUMr94ksbMmpyF8nEhdJ2aXctqFgVR%2BT9iIRi5bMXnSiXdViy3qDU4Txjq1ouqYmbgjqYp9KSpYLDXi9oxV%2FP%2FhmYKe3XRpjbJc7YA9iigBdIIgnP1ROOP"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=691200, immutable
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cd2927d-FRA

GET
H3 200 fa-solid-900.woff2
www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/ 78 KB
78 KB 412ms
411ms Font
text/plain 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-solid-900.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc408eac229b6c8af6e076c9cc316208606bdf78e2b981d2215c1c050dbead5e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css
Origin: https://www.getastra.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79444
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ok%2FQFDj4SsW%2Bq1mRYxs%2BQeGBEsSw5hIXRPUB%2BgbplmCQwX8k0sV7iIgXc6idUDm4xZG16%2FshgMf4E1R6%2BPdwCQvcPsJJNrleh9lsssbA5Mc7WWIZ3GizqDF1jFLyyvRriFE0Mmrw1AjXcjOiNPX"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=691200, immutable
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cd3927d-FRA

GET
H3 200 fa-regular-400.woff2
www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/ 13 KB
14 KB 797ms
797ms Font
text/plain 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-regular-400.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d83434cda85afa4862ef36bb0fc2bb0d70f87c34f9ff09846248d1237cc475f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css
Origin: https://www.getastra.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13584
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 21:53:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MFcIRw6KP3qznz6Tzv7bSaA95H3Ff%2Fmj4kFlnRSpMDfEGbH%2FfGQfLKswRd3c2MR%2FBL%2B50ANO7jE0B5fCoAGZFbicb8Xyg1LVzxBAlraEyQQkp0UBI6W%2FFdnx1Q%2FDq2Of2L4zlL%2BJzEiVglAQSSX"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=691200, immutable
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cd4927d-FRA

GET
H3 200 MarkPro-MediumItalic.woff2
www.getastra.com/blog/wp-content/themes/getastra/fonts/ 41 KB
41 KB 916ms
916ms Font
text/plain 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/fonts/MarkPro-MediumItalic.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0eebda2c992da6e26d5cd9409c287f5ce92d2d353a92662a9301754172263c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/themes/getastra/css/fonts.css
Origin: https://www.getastra.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41480
pragma: public
referrer-policy: same-origin
last-modified: Fri, 18 Feb 2022 23:01:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOSSxtgMgVlYwpPIBQzOF0vWJgEkZV9wRMYfQeMpZFHmvGCa7Kur0mNXWcxBGzBTVJQJY10XQqUzMpUDCYArrK%2FG6ZYtVd%2FxUDFuwlPS64tI33SyC0Be%2BJgxX0gQsbwqOay71YpVcTzN1vusSWSn"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=691200, immutable
permissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6dfc6fa90cd5927d-FRA

GET
H2 200 e753cf2ddd1db63e608e5c9317b1a1a9
secure.gravatar.com/avatar/ 2 KB
2 KB 22ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/e753cf2ddd1db63e608e5c9317b1a1a9?s=40&d=retro&r=g
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 40b2f2f0c8ca4fc71a4ea0c31974dcc133b0b8e135f18d7732265c5a29dfef24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sat, 19 Feb 2022 03:33:52 GMT
last-modified: Mon, 03 May 2021 11:29:44 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="e753cf2ddd1db63e608e5c9317b1a1a9.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/e753cf2ddd1db63e608e5c9317b1a1a9?s=40&d=retro&r=g>; rel="canonical"
content-length: 1547
expires: Sat, 19 Feb 2022 03:38:52 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ead9d662556a3bcfddaccb89f85f4877a8c2cd7b8aabc4400aa69fc839ddf2f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 35ms
18ms Fetch
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=cf3075be7e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/cf3075be7e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3874680
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YzyByCJC23kWK0mHE2G7r25AMS2S%2FfrpSgZZ4%2B03XZ29oJ%2F3WOXjOd9hrWy3G2fxJueDZmxzLf9vTmZ03O8wu6YJcI0k8E7SjSFYQlKDbzdl3ePKGIMYBeS5rGQoF83jbniF9cIGas46AGOE8omx1x48Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA50-C1
cf-ray: 6dfc6fabfc316957-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: A7R1gZg8sNuw-JXrpQRyscFPgB8k8XwZYnx76aY2_vXoVu_I29uPKQ==

GET
H2 200 mautic-form.js Show response
go.getastra.com/media/js/ 20 KB
6 KB 304ms
290ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.getastra.com/media/js/mautic-form.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/js/mautic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92d1004698f5834d8769c9b7de37db1fef906b80367d0a6d837037ea5fe74604

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 22 Jul 2020 09:27:14 GMT
server: cloudflare
etag: W/"5f180672-4f7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THkvSB%2FkyXxaiEfb0cm3chUyebj%2FuK3aL%2BokTqnkj9uqANcbUkmzrJgGXsOZE53gjIoqzhlEHC4RhV2NktsFr%2FL8gZ2jhEfJpQoi2ASb55BQhilqsbYzafQL1NTzok0trDIL2l1EvLeslYdJ8LE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=691200
cf-ray: 6dfc6fabfe819268-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 195 KB
63 KB 141ms
54ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JQNQC6

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e29118326cddebcc8c10e1458b84ab5b8db65a32c271cb29a5f147ab6e05cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64008
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 19 Feb 2022 03:33:52 GMT

GET
H3 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
76 KB 66ms
55ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer: https://www.getastra.com/
Origin: https://www.getastra.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
via: 1.1 7787c17f7e39468ee68e2078b8b5894e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2121254
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76736
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "4f5ec865a8274ab291b6a42b5f70639e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N05lRkos8f0MXVq3RqH3fzYyovTIcjEPnn0Zo8%2BrQUawQ89nvcqXkDCsBmIitT%2FbbrgalRm9lBRjlqnOH0qsMqtVccyEkvKFAznMb2PkefWgp9yyt1HSvzRjwN3oVhk%2Bl9WHyJt36NWwi38X%2BoKmbbJvYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: JFK51-C1
accept-ranges: bytes
cf-ray: 6dfc6fac7eb48ffb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 0J6T3mrtjFtiJyoE0CnwGfCVho7vfCRRanWpLEC5bfsAdNHaZyX8lw==

GET
H3 200 free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 13 KB
14 KB 20ms
14ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.woff2
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b

Request headers

Referer: https://www.getastra.com/
Origin: https://www.getastra.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2128224
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13216
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "b8f1c6a3a94d42b082c29f0b1db8ba95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KT3h3ER3c6tibvtVx1Uo3Ntu2%2Bkb3e23Kkm8wBEtdiewlsNtibIz6SNNjb6wdIE0abSqFDs4US3KxoZdvnhS1ZOg4wRRzs3M1saCKegRkxsemokdrmFzfeJjIA0q5%2FMSyXMwHZT6Ou5GWy5opWx3O5twxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 6dfc6fac7eb58ffb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: JzSqYuGY2cEjq4gnIslU0In5xnJjJVdsUJ61sl4TyXmauzl63wMvag==

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 30ms
24ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://www.getastra.com/
Origin: https://www.getastra.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2128224
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqCvTIygGMua4MT%2BCw7OGoVvJTh6vUmezFJhy0FIG%2Fd5zm2vNOGRNeQND13idSzudVdIjCSMm%2FNdEhCAZCWw0yWuJ87MpkLT8V%2FtziNn58D9CgNjw9uGI5FdUt%2F%2F6p%2BbBQ2eDY1ZOVYMrL1e2WBdDqdkzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 6dfc6fac7eb68ffb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: r1H3ido9cj7BOnGKWw4kDGRu2DsqsqC_tWUtR3UIxA6l_ZiVRa6Htw==

GET
H2 200 l.js Show response
client.crisp.chat/ 8 KB
3 KB 40ms
16ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e71d08f626e0c80269671eb376ca9d6741dd81ca6caa5451063f0f2bc9b5c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 64330
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Jan 2022 08:47:47 GMT
server: cloudflare
etag: W/"61e67eb3-1ebe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=86400
access-control-allow-credentials: false
cf-ray: 6dfc6fad78f49076-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sun, 20 Feb 2022 03:33:52 GMT

GET
H2 200 3.0.0 Show response
instant.page/ 2 KB
1 KB 40ms
14ms Script
text/javascript 2606:4700::6811:91a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://instant.page/3.0.0
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:91a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f0ad9f3ff31904d6a4962296240ac2afa342ab957442389db0d04a33b40ef78

Request headers

Referer
Origin: https://www.getastra.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 6dfc6fad7fdf6973-FRA

GET
H2 200 ajce8znv7o Show response
www.clarity.ms/tag/ 572 B
949 B 265ms
142ms Script
application/x-javascript 2620:1ec:27::cafe:1994
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ajce8znv7o?ref=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JQNQC6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1994 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: f8bdf994c1b922a492ae885d799d51a921732dbac352d8c7849b601fe8f4dc84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-powered-by: ASP.NET
x-azure-ref: 0IGUQYgAAAADUu2IE/zTfQ6I5crgwyiVHSEVMMDFFREdFMjEwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 tapfiliate.js Show response
script.tapfiliate.com/ 11 KB
12 KB 50ms
9ms Script
text/javascript 18.66.248.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.tapfiliate.com/tapfiliate.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JQNQC6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-65.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75cdd0cd8782116ba8444dabd993758b1b349843584c9631f4f24a4295b98940

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 03:56:38 GMT
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jul 2020 09:38:20 GMT
server: AmazonS3
age: 85037
etag: "3a5177f5482ab61da6a0eb7587446403"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 11599
x-amz-cf-id: MJSJC9TJdAIlEjeh9Uyy1JAazaqC6Bhmq4SVtiO1iGFtoR5fCSmbTw==

GET
H2 200 Convertful.js Show response
app.convertful.com/ 54 KB
18 KB 39ms
14ms Script
application/javascript 2606:4700:20::681a:170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertful.com/Convertful.js?owner=4475

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JQNQC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:170 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cd3a316cbdb203bd2a1addbbf11a78276b986f2ee43e8b015ac85bb316bb76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1599
cf-polished: origSize=55761
strict-transport-security: max-age=0; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Fri, 18 Feb 2022 17:28:58 GMT
server: cloudflare
etag: W/"620fd75a-d9d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3XOcr1s7HzMdViAp4enA4kODLOGlz59hInPV707l3SZTt9grMdMI0ky8odEHB4qNPh5MhKbA9xsoST1A2VIwcto7SVMQUTwum30O0o5EBVFo1UgLHgoDSWLIgk%2FXcMyLWgO66%2BSXt7%2FxJFXFyATDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-bgj: minify
cache-control: max-age=1800, public
cf-ray: 6dfc6fad7c9691d8-FRA
expires: Sat, 19 Feb 2022 03:09:56 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 29ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: stQphkC3Td1CmcMNshPUGWLw4AiRhSOlRVc0DCfFbTjEynnW39rEO4vrTaSII3Mo16Gs5oxMO378o6nmDjeu5g==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 19 Feb 2022 03:33:52 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 99ms
52ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-672227654

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JQNQC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ab99a38c362457b5b6fdd53fde246e5b5577f1d69d545a1d2541d3d3c8db926

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40722
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 19 Feb 2022 03:33:52 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/gh/ga-delivr/cookie-consent@latest/ 4 KB
2 KB 31ms
14ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/ga-delivr/cookie-consent@latest/cookieconsent.min.css

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JQNQC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5697bdf4d0c6463f169f852fd90a1d722f01fe07f5154a33259335dbe5806791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18305
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19154-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"100e-gRpRv7eni79UuhXRfgjn/KZ8H9g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6dfc6fad7f4d5c85-FRA

GET
H2 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/gh/ga-delivr/cookie-consent@latest/ 22 KB
7 KB 32ms
15ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/ga-delivr/cookie-consent@latest/cookieconsent.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JQNQC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48efdd0fffa872b868edf778aec4cd1bc99afeb30ef2cbee16f762f44ce39bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10249
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19132-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"5610-2anIc8m8ei6LNpV9z2HnPgHXbeg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6dfc6fad7f4f5c85-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 118ms
36ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JQNQC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5340
date: Sat, 19 Feb 2022 02:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 19 Feb 2022 04:04:52 GMT

GET
H3 200 1463527970389398 Show response
connect.facebook.net/signals/config/ 308 KB
87 KB 120ms
112ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1463527970389398?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b519b8f531fea2506c9b536b5787505d503e2ca0971e29c00eef50cccbc7d3c3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: UgA5h97dfTlTMjkSrQQdA4CvD4be6kqWi0wQaWevL+eNTCMgI5B5dsX82TfqU6qQfYh7pM7sGmlLa0dOHwm3rA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 19 Feb 2022 03:33:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 client.js Show response
client.crisp.chat/static/javascripts/ 381 KB
89 KB 47ms
36ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?14441ec

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13c49ce264224a16b8e2b5daad1b593e25479cc6724b5f7e312d532e898b239f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 64875
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Jan 2022 08:47:47 GMT
server: cloudflare
etag: W/"61e67eb3-5f54e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6dfc6fadea636921-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 17 Feb 2032 03:33:52 GMT

GET
H3 200 client_default.css
client.crisp.chat/static/stylesheets/ 328 KB
40 KB 32ms
23ms Stylesheet
text/css 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?14441ec

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7561e680878d5b0ead8704c157156c65b315bae88ba04b914aee6535f4de00c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 64855
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Jan 2022 08:47:47 GMT
server: cloudflare
etag: W/"61e67eb3-521ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6dfc6fadea646921-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 17 Feb 2032 03:33:52 GMT

GET
H3 200 export Show response
app.convertful.com/api/widget/ 137 KB
15 KB 135ms
123ms XHR
application/json 2606:4700:20::681a:170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertful.com/api/widget/export?owner=4475&domain=www.getastra.com&subscriber_uid=null

Requested by

Host: app.convertful.com
URL: https://app.convertful.com/Convertful.js?owner=4475

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:170 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cef35bf3f7d4d5b906343ad8f9a2b252633f71e4fc1783712567c8610b597791

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"d5694c52081c214944a02908753dbfb20bb7e5c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osDTS2JroCw9zHqSKPOGETJg8kw%2Fk9YTGmV%2BBqbAiJYqmBfwFQKSh%2FFq5VbdNvUFFdHZxkQPqwLm1Ytpyg6d8cNysesFnSiTGdmS%2F82phabBlIvuiXBPXJv6O7S8BU1zHP03R9jAQ7UZwS6gAYpbog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.getastra.com
access-control-expose-headers: ETag
cache-control: private, must-revalidate
access-control-allow-credentials: true
cf-ray: 6dfc6fadf9468fd0-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, ETag, If-None-Match, Cache-Control

GET
H2

200

go.getastra.com
getastra.cloudflareaccess.com/cdn-cgi/access/login/
Redirect Chain

https://go.getastra.com/media/css/modal.min.css
https://getastra.cloudflareaccess.com/cdn-cgi/access/login/go.getastra.com?kid=31bdf6f5e431cba8f46d94a9f9b9eeda903069427935fcb9d32ef5e1bbd59c19&redirect_url=%2Fmedia%2Fcss%2Fmodal.min.css&meta=eyJr...

0
0

212ms
183ms

Stylesheet
text/html

2606:4700:300a::6813:c31d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getastra.cloudflareaccess.com/cdn-cgi/access/login/go.getastra.com?kid=31bdf6f5e431cba8f46d94a9f9b9eeda903069427935fcb9d32ef5e1bbd59c19&redirect_url=%2Fmedia%2Fcss%2Fmodal.min.css&meta=eyJraWQiOiIxMmYyMzgxYTM4NWFkZGEyZWFlMzQxZTk1YjFmMWU2N2Q0Yzg3ZDM4ZDA5NDY2Y2FjNGIwMWMyYzcxYTQxNDAxIiwiYWxnIjoiUlMyNTYiLCJ0eXAiOiJKV1QifQ.eyJzZXJ2aWNlX3Rva2VuX3N0YXR1cyI6ZmFsc2UsImlhdCI6MTY0NTI0MTYzMiwic2VydmljZV90b2tlbl9pZCI6IiIsImF1ZCI6IjMxYmRmNmY1ZTQzMWNiYThmNDZkOTRhOWY5YjllZWRhOTAzMDY5NDI3OTM1ZmNiOWQzMmVmNWUxYmJkNTljMTkiLCJob3N0bmFtZSI6ImdvLmdldGFzdHJhLmNvbSIsInR5cGUiOiJtZXRhIiwibmJmIjoxNjQ1MjQxNjMyLCJyZWRpcmVjdF91cmwiOiJcL21lZGlhXC9jc3NcL21vZGFsLm1pbi5jc3MiLCJpc19nYXRld2F5IjpmYWxzZSwiaXNfd2FycCI6ZmFsc2UsImF1dGhfc3RhdHVzIjoiTk9ORSJ9.i6t55z7Fe_i3DZ4VtwnNzVFx7jql7rBlt6ZyNSfGT1qXGV0cizsVDJ3wOTOjuNKQa2ScsEgOvJKx7gxQQxfFzhlp8Xfgffa-bNUg3e-Yn-ENJ9CYsZgAj1ktqLSUxvWlRcIg0PPRlgeX76YEVn5dyZu9QEQaM7Ug6_s0g54zos6tLCdJzfcCTpGVONa2tGv9CDvlWFTlPNl6vcoqvAFtTZDTwhiX2gSJcyFm97Yac9lmEFT9HmWhYNH8ng6-497tkhH__mjvWrZiwFby7yKcZrLUaGgVM4pMyU_wSPDP0hj2xD7dvSzv3TNHGSQNU7vzu_2GZP_JfA2eM3zSNlboKA
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
Protocol: H2
Server: 2606:4700:300a::6813:c31d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Sat, 19 Feb 2022 03:33:52 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuS%2FQUHSZ3Xa4M6tRgsYqe0YU%2F%2BFAEWR%2FtNqwoUaLwk7cP%2BQ2O5oL%2BYAMhH%2B9Zpbn2FsNoSjaMVLNuG5j4Nmmu9ZO8NAvvqs14r19%2FWPRfCVIFJwuXXwljV27n73bIwsbQA2Xao71OsCJWUvY5Y%3D"}],"group":"cf-nel","max_age":604800}
location: https://getastra.cloudflareaccess.com/cdn-cgi/access/login/go.getastra.com?kid=31bdf6f5e431cba8f46d94a9f9b9eeda903069427935fcb9d32ef5e1bbd59c19&redirect_url=%2Fmedia%2Fcss%2Fmodal.min.css&meta=eyJraWQiOiIxMmYyMzgxYTM4NWFkZGEyZWFlMzQxZTk1YjFmMWU2N2Q0Yzg3ZDM4ZDA5NDY2Y2FjNGIwMWMyYzcxYTQxNDAxIiwiYWxnIjoiUlMyNTYiLCJ0eXAiOiJKV1QifQ.eyJzZXJ2aWNlX3Rva2VuX3N0YXR1cyI6ZmFsc2UsImlhdCI6MTY0NTI0MTYzMiwic2VydmljZV90b2tlbl9pZCI6IiIsImF1ZCI6IjMxYmRmNmY1ZTQzMWNiYThmNDZkOTRhOWY5YjllZWRhOTAzMDY5NDI3OTM1ZmNiOWQzMmVmNWUxYmJkNTljMTkiLCJob3N0bmFtZSI6ImdvLmdldGFzdHJhLmNvbSIsInR5cGUiOiJtZXRhIiwibmJmIjoxNjQ1MjQxNjMyLCJyZWRpcmVjdF91cmwiOiJcL21lZGlhXC9jc3NcL21vZGFsLm1pbi5jc3MiLCJpc19nYXRld2F5IjpmYWxzZSwiaXNfd2FycCI6ZmFsc2UsImF1dGhfc3RhdHVzIjoiTk9ORSJ9.i6t55z7Fe_i3DZ4VtwnNzVFx7jql7rBlt6ZyNSfGT1qXGV0cizsVDJ3wOTOjuNKQa2ScsEgOvJKx7gxQQxfFzhlp8Xfgffa-bNUg3e-Yn-ENJ9CYsZgAj1ktqLSUxvWlRcIg0PPRlgeX76YEVn5dyZu9QEQaM7Ug6_s0g54zos6tLCdJzfcCTpGVONa2tGv9CDvlWFTlPNl6vcoqvAFtTZDTwhiX2gSJcyFm97Yac9lmEFT9HmWhYNH8ng6-497tkhH__mjvWrZiwFby7yKcZrLUaGgVM4pMyU_wSPDP0hj2xD7dvSzv3TNHGSQNU7vzu_2GZP_JfA2eM3zSNlboKA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
cf-ray: 6dfc6fadec1b927d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 94ms
49ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=96960590&t=pageview&_s=1&dl=https%3A%2F%2Fwww.getastra.com%2Fblog%2F911%2Fwordpress-files-hacked-wp-config-php-hack%2F&ul=en-us&de=UTF-8&dt=Fixing%20wp-config.php%20and%20wp-content%2Fuploads%20file%20Hack%20in%20WordPress&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1803550120&gjid=171258057&cid=401264164.1645241633&tid=UA-62532637-1&_gid=887587620.1645241633&_r=1&gtm=2wg2g05JQNQC6&z=278593509

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.getastra.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 139ms
54ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-672227654

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 03:33:53 GMT

GET
H3 200 / Show response
client.crisp.chat/settings/website/b13579b1-ab47-49ee-b13a-d933e23722bc/prelude/ 78 B
511 B 53ms
53ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/b13579b1-ab47-49ee-b13a-d933e23722bc/prelude/?callback=window.%24crisp.__spool.website_handler&2022-1-19-3-33

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?14441ec

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5988aa07bdf37b8f259192eebe90e7188b7949cd97d8692587ff1eeed8d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Feb 2022 03:33:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 6dfc6faeab656921-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sat, 19 Feb 2022 07:33:53 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-62532637-1&cid=401264164.1645241633&jid=1803550120&gjid=171258057&_gid=887587620.1645241633&_u=YGBACEAABAAAAC~&z=107454926

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 19 Feb 2022 03:33:53 GMT
content-type: text/plain
access-control-allow-origin: https://www.getastra.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
h.clarity.ms/s/0.6.32/ 53 KB
23 KB 433ms
93ms Script
application/javascript 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/s/0.6.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ajce8znv7o?ref=gtm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
content-encoding: br
etag: "1d8191fe855c690"
last-modified: Thu, 03 Feb 2022 17:03:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=84DB7DD92058481C9D13AA85FF4D87D0&RedC=c.clarity.ms&MXFR=3C0712ACF0C3634E125003FCF4C36D13
https://c.clarity.ms/c.gif?CtsSyncId=84DB7DD92058481C9D13AA85FF4D87D0&MUID=3D01869139EF69641F3D97C138846812

42 B
368 B

26ms
26ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=84DB7DD92058481C9D13AA85FF4D87D0&MUID=3D01869139EF69641F3D97C138846812
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 03:33:52 GMT
last-modified: Fri, 18 Feb 2022 21:27:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "7f9eac45e25d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 19 Feb 2022 03:33:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BC1604239E7B448987AD4C8B08DD142B Ref B: FRAEDGE1518 Ref C: 2022-02-19T03:33:53Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=84DB7DD92058481C9D13AA85FF4D87D0&MUID=3D01869139EF69641F3D97C138846812
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/672227654/ 2 KB
2 KB 138ms
51ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/672227654/?random=1645241633166&cv=9&fst=1645241633166&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.getastra.com%2Fblog%2F911%2Fwordpress-files-hacked-wp-config-php-hack%2F&tiba=Fixing%20wp-config.php%20and%20wp-content%2Fuploads%20file%20Hack%20in%20WordPress&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a887411cba44f9a6c561c6781c833a40b6c5272752d40b2aeee6f2105770d309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 03:33:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1093
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 135ms
47ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-62532637-1&cid=401264164.1645241633&jid=1803550120&_u=YGBACEAABAAAAC~&z=1146834576

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 141ms
50ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-62532637-1&cid=401264164.1645241633&jid=1803550120&_u=YGBACEAABAAAAC~&z=1146834576

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
client.crisp.chat/settings/website/b13579b1-ab47-49ee-b13a-d933e23722bc/ 30 KB
7 KB 70ms
70ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/b13579b1-ab47-49ee-b13a-d933e23722bc/?callback=window.%24crisp.__spool.website_handler&1644068915156

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?14441ec

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

338cf7ba106df2797f98fc3c3636fde670c31194fe356d9c1aed7b4c052849bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 18 Feb 2022 19:49:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 6dfc6fb02d056921-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sat, 19 Feb 2022 07:33:53 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/672227654/ 42 B
64 B 101ms
53ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/672227654/?random=1645241633166&cv=9&fst=1645239600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.getastra.com%2Fblog%2F911%2Fwordpress-files-hacked-wp-config-php-hack%2F&tiba=Fixing%20wp-config.php%20and%20wp-content%2Fuploads%20file%20Hack%20in%20WordPress&async=1&fmt=3&is_vtc=1&random=3946504596&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/672227654/ 42 B
154 B 52ms
52ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/672227654/?random=1645241633166&cv=9&fst=1645239600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.getastra.com%2Fblog%2F911%2Fwordpress-files-hacked-wp-config-php-hack%2F&tiba=Fixing%20wp-config.php%20and%20wp-content%2Fuploads%20file%20Hack%20in%20WordPress&async=1&fmt=3&is_vtc=1&random=3946504596&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 6 KB
3 KB 13ms
13ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?14441ec

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?14441ec

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ae91dd76ffe339d4668fe648aea2624d7d348c5164d296ccd5edd32d655711e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 64309
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Jan 2022 08:47:47 GMT
server: cloudflare
etag: W/"61e67eb3-1822"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6dfc6fb09d9a6921-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 17 Feb 2032 03:33:53 GMT

GET
DATA 200
OK truncated
/ 881 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 zig-zag.svg
client.crisp.chat/static/images/tiles/ 247 B
608 B 25ms
24ms Image
image/svg+xml 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.crisp.chat/static/images/tiles/zig-zag.svg?14441ec

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/stylesheets/client_default.css?14441ec

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

334eab311e74044228a93ffccf895743405c039325dffa4cb2a3c56d2358229c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.crisp.chat/static/stylesheets/client_default.css?14441ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 61973
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Jan 2022 08:47:27 GMT
server: cloudflare
etag: W/"61e67e9f-f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6dfc6fb18ec76921-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 17 Feb 2032 03:33:53 GMT

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 626caf211b150d21f5c20b05b378cb99540ae81d719b2af1cb1e29081704238d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
image.crisp.chat/process/thumbnail/ 12 KB
12 KB 44ms
35ms Image
image/jpeg 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2Fef77e6f57206b800%2Fshikhil-1__01_1gm74f5.jpg&width=240&height=240&1644068915156

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff0a80bbf27545d30c0c602128f801ea154f43c79f07e4a0193ca22ed78bebf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12487
last-modified: Sat, 19 Feb 2022 03:11:25 GMT
server: cloudflare
etag: W/"30c7-17f0ff679cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6dfc6fb17cf79076-FRA
expires: Tue, 17 Feb 2032 03:33:53 GMT

GET
H2 200 /
image.crisp.chat/process/thumbnail/ 11 KB
11 KB 21ms
13ms Image
image/jpeg 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2Fc8ba3a2f2bda6000%2Fman-09-01_1mhfegd.jpg&width=240&height=240&1644068915156

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e88fb5c10610e2973a8b88b1be433a503a5f4b0d1a908978a9a297e03f656d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11136
expires: Tue, 17 Feb 2032 03:33:53 GMT
last-modified: Fri, 18 Feb 2022 08:09:00 GMT
server: cloudflare
etag: W/"2b80-17f0be09002"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6dfc6fb17cf59076-FRA
cf-bgj: h2pri

GET
H2 200 /
image.crisp.chat/process/thumbnail/ 15 KB
15 KB 24ms
16ms Image
image/jpeg 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2Fb2e828790e537000%2Fankit-3_yaw69d.jpg&width=240&height=240&1644068915156

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1af1b3bb415a388a78e4ab79d766827f1f9e7c3fdb4633db4a9e58660a86645d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15517
expires: Tue, 17 Feb 2032 03:33:53 GMT
last-modified: Fri, 18 Feb 2022 14:25:56 GMT
server: cloudflare
etag: W/"3c9d-17f0d39a899"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6dfc6fb17cf89076-FRA
cf-bgj: h2pri

GET
DATA 200
OK truncated
/ 196 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb7f12659f78c570857b0a6f5d8aae5f16f3a1af4a6915cc03f18b1c6699eaef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 noto_sans_regular.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 10 KB
11 KB 32ms
22ms Font
application/font-woff2 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_regular.woff2?14441ec

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/stylesheets/client_default.css?14441ec

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.crisp.chat/static/stylesheets/client_default.css?14441ec
Origin: https://www.getastra.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27836
access-control-max-age: 300
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10340
last-modified: Tue, 18 Jan 2022 08:47:27 GMT
server: cloudflare
etag: "61e67e9f-2864"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6dfc6fb18d745b7a-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 17 Feb 2032 03:33:53 GMT

GET
H3 200 noto_sans_bold.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 10 KB
10 KB 27ms
18ms Font
application/font-woff2 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_bold.woff2?14441ec

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/stylesheets/client_default.css?14441ec

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.crisp.chat/static/stylesheets/client_default.css?14441ec
Origin: https://www.getastra.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27836
access-control-max-age: 300
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10252
last-modified: Tue, 18 Jan 2022 08:47:27 GMT
server: cloudflare
etag: "61e67e9f-280c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6dfc6fb18d755b7a-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 17 Feb 2032 03:33:53 GMT

GET
H3 200 noto_sans_regular.woff2
client.crisp.chat/static/fonts/noto_sans/2000-206F/ 7 KB
7 KB 19ms
16ms Font
application/font-woff2 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/2000-206F/noto_sans_regular.woff2?14441ec

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/stylesheets/client_default.css?14441ec

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc5b29b8d5bac56012c2a0707dfef2d4fc945ffe72e7e1a2c58e5de080e11848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.crisp.chat/static/stylesheets/client_default.css?14441ec
Origin: https://www.getastra.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27836
access-control-max-age: 300
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7012
last-modified: Tue, 18 Jan 2022 08:47:27 GMT
server: cloudflare
etag: "61e67e9f-1b64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6dfc6fb18d735b7a-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 17 Feb 2032 03:33:53 GMT

GET
H3 200 chat-message-receive.oga Show response
client.crisp.chat/static/sounds/events/ 11 KB
11 KB 18ms
18ms XHR
audio/ogg 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/sounds/events/chat-message-receive.oga?14441ec

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?14441ec

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

158e6f55c804592292dff060cfeb8d04d4c3c4982e42ce22d970ade99ace47c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 65048
access-control-max-age: 300
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11014
last-modified: Tue, 18 Jan 2022 08:47:24 GMT
server: cloudflare
etag: "61e67e9c-2b06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: audio/ogg
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6dfc6fb18d7a5b7a-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 17 Feb 2032 03:33:53 GMT

GET
H3 200 /
image.crisp.chat/avatar/website/b13579b1-ab47-49ee-b13a-d933e23722bc/240/ 7 KB
7 KB 15ms
14ms Image
image/png 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/avatar/website/b13579b1-ab47-49ee-b13a-d933e23722bc/240/?1644068915156

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81dd6a3a572859c24db6fd9b7b92523e63f1cba39fc808493a7ac2bd893687d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 74143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7161
last-modified: Wed, 16 Feb 2022 12:26:26 GMT
server: cloudflare
etag: W/"1bf9-17f027f86b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6dfc6fb19ee16921-FRA
expires: Tue, 17 Feb 2032 03:33:53 GMT

GET
H3 200 SecurityPoweredByAstra.png
cdn.jsdelivr.net/gh/ga-delivr/cookie-consent@latest/ 3 KB
3 KB 29ms
18ms Image
image/png 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/ga-delivr/cookie-consent@latest/SecurityPoweredByAstra.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1f25fe89b20305f5203a78b764eaa596083e081de1af678c81003e25ba5ca94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 40438
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2944
x-served-by: cache-fra19167-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"b80-0thswSVu97e2w3OIOPSvVwXBGvM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 6dfc6fb34e2b6963-FRA

POST
H2 204 collect Show response
h.clarity.ms/ 0
71 B 91ms
90ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://www.getastra.com
date: Sat, 19 Feb 2022 03:33:53 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H3 200 chat-message-receive.oga Show response
client.crisp.chat/static/sounds/events/ 11 KB
11 KB 13ms
12ms XHR
audio/ogg 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/sounds/events/chat-message-receive.oga?14441ec

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?14441ec

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

158e6f55c804592292dff060cfeb8d04d4c3c4982e42ce22d970ade99ace47c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 65048
access-control-max-age: 300
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11014
last-modified: Tue, 18 Jan 2022 08:47:24 GMT
server: cloudflare
etag: "61e67e9c-2b06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: audio/ogg
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6dfc6fb34ec25b7a-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 17 Feb 2032 03:33:53 GMT

GET
H3 200 /
image.crisp.chat/process/thumbnail/ 12 KB
13 KB 18ms
17ms Image
image/jpeg 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2Fef77e6f57206b800%2Fshikhil-1__01_1gm74f5.jpg&width=240&height=240&1644068915156

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff0a80bbf27545d30c0c602128f801ea154f43c79f07e4a0193ca22ed78bebf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 74144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12487
expires: Tue, 17 Feb 2032 03:33:53 GMT
last-modified: Fri, 18 Feb 2022 02:20:26 GMT
server: cloudflare
etag: W/"30c7-17f0aa17129"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6dfc6fb399ec6921-FRA
cf-bgj: h2pri

GET
DATA 200
OK truncated
/ 245 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d207cfa3e39eee38539cbe26f1d12affdee8f9b0b4f581edeea9fa2b4ac7ed4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 241 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c6d218d569bc6ae5d306d761bf13ddde3e88876bfd8e48762dc46fdaa341e52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 587 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94b707aa10beaed6ecaf98182e8039fb7465ac4b904c01f4fafe6091620aa975

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 197 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fd9c7f15ab839e689cf15f054a97ceb74aceaf921bf49c02a42244f52d7b6aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 /
image.crisp.chat/process/thumbnail/ 12 KB
13 KB 20ms
19ms Image
image/jpeg 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2Fef77e6f57206b800%2Fshikhil-1__01_1gm74f5.jpg&width=240&height=240&1644068915156

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff0a80bbf27545d30c0c602128f801ea154f43c79f07e4a0193ca22ed78bebf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.getastra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 74144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12487
expires: Tue, 17 Feb 2032 03:33:53 GMT
last-modified: Fri, 18 Feb 2022 02:20:26 GMT
server: cloudflare
etag: W/"30c7-17f0aa17129"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6dfc6fb3fa3d6921-FRA
cf-bgj: h2pri

POST
H2 204 collect Show response
h.clarity.ms/ 0
25 B 275ms
275ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://www.getastra.com
date: Sat, 19 Feb 2022 03:33:53 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

POST
H2 204 collect Show response
h.clarity.ms/ 0
48 B 91ms
90ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://www.getastra.com
date: Sat, 19 Feb 2022 03:33:56 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H/1.1 200
OK track.js Show response
serve.albacross.com/ 10 KB
5 KB 52ms
10ms Script
application/javascript 108.157.4.127

General

Check archive.org

Show headers Download Go to

Full URL: https://serve.albacross.com/track.js
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.127 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38fbe56978cc73ba5a5f8c85b360f71aca125c2cd850a3cd6c3683385e388702

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 03:33:18 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 13:13:21 GMT
Server: AmazonS3
Age: 51
ETag: W/"b769e9b4f23be6c9bab7c715fdf2526a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
Cache-Control: max-age=120
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P2
X-Amz-Cf-Id: lG7v3KXyCLTwNlmwUPm1cnWdt_KDEhxqzM6Cfd17v7VpsxWHTOsRNw==

GET
H2 200 110 Show response
dash.getastra.com/seal/draw/qEmJ5EdfzT16/ Frame AB03 4 KB
5 KB 234ms
224ms Document
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dash.getastra.com/seal/draw/qEmJ5EdfzT16/110

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a4201ed6221579396e95195b7901d487ee8e9fe4778022027332668aca085d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 19 Feb 2022 03:33:58 GMT
content-type: text/html; charset=UTF-8
x-mod-pagespeed: 1.13.35.2-0
vary: Accept-Encoding
cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgGMSL7mP%2BiP6YPG%2FfnICCfUx4Ddeyik%2Ffc6ePUUPwAeMm1VPXquN4IGBxcU97VXA%2Br7DnoHsGADSKhwbWwO7X4yVKsoUSGiohQO92HPHPUJSp6QgC6MPjvkQKcGQ7272w5KxOEoEAOob5UhLBaL7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6dfc6fccbbf19268-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jSscO-IEdbgOmqabm4JqEfVEIAc.js Show response
dash.getastra.com/cdn-cgi/apps/head/ Frame AB03 7 KB
3 KB 32ms
31ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dash.getastra.com/cdn-cgi/apps/head/jSscO-IEdbgOmqabm4JqEfVEIAc.js

Requested by

Host: dash.getastra.com
URL: https://dash.getastra.com/seal/draw/qEmJ5EdfzT16/110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd71a9264f56c0d43f3122826b3c21ee9b41157fc7065d5acba749a045d28802

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dash.getastra.com/seal/draw/qEmJ5EdfzT16/110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1458
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 63JE0BM7KA7RM4NK
x-amz-id-2: NT3zPJ77oBlT9tf7/LzrXjlk7653Spp5KpU6JBQUqv9fwUogBjAQmu4MGEnOlqlmdoNF+H0c4sk=
last-modified: Thu, 19 Aug 2021 13:00:22 GMT
server: cloudflare
etag: W/"b89917619835640b33426f5fad66fd5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkEFBUlKGbpTM61aSYfOjnQxwKEeX4thOGsYhZ8rwR%2FexoZxe9AeZ0UHTQi2TYNmFcFJayjByNI1M%2Bp3Ys%2BC6bl3zvY1rwDn%2FBt%2BmPVHpzKkGFmta3UlxE7DmVNgiP7m9EptqVFw3wfhLBrL9o7Q%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: abxbh0KptqvM3rNdnSvV2t_podgV3Fmo
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6dfc6fce3bc5927d-FRA

GET xastra-seal-v3-back.png.pagespeed.ic.m6LzNA9m8a.webp
dash.getastra.com/assets/seal/ Frame AB03 0
0

GET
H3 200 HDBaI3TEfOa-RZ1-tgLDoxABaUE.js Show response
dash.getastra.com/cdn-cgi/apps/body/ Frame AB03 33 KB
12 KB 19ms
19ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dash.getastra.com/cdn-cgi/apps/body/HDBaI3TEfOa-RZ1-tgLDoxABaUE.js

Requested by

Host: dash.getastra.com
URL: https://dash.getastra.com/cdn-cgi/apps/head/jSscO-IEdbgOmqabm4JqEfVEIAc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7cd3e4c127daccac292779eae92b1b8b644772efb0bcdf4ced7ef7a73a8286b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dash.getastra.com/seal/draw/qEmJ5EdfzT16/110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:33:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1458
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 63JA56ZQZ8H7WSJT
x-amz-id-2: 1zG4NlW8j4wBAVAsrQSyOsXwK1Qx1RIh/qbMjXVzsFP0A0floVwWD1R+Mh6XtouOCVjifm4TtVg=
last-modified: Thu, 19 Aug 2021 13:00:21 GMT
server: cloudflare
etag: W/"5cdb6552f6a72755b9c180c02d8ed6cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ERenLeElRGUXHqZbbmTJZqwfsaNKvsP9ETCsKI48yIoHm4BBVTNs7WF6IBHdMpxZuCLQRJkk5HhZHGoFyMCVwkG0QGrkzEp%2B5lSphGMpXw4hMyKc9VY9zYwGnxydxY6wAdjTKwFVdv0JApxWPjJ%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: f12jJHZOrYUnDei4A1SCtU_DfS8Xd8bL
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6dfc6fce6c15927d-FRA

GET
DATA 200
OK truncated
/ Frame AB03 2 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c53cf862125379af4f415d0faae379166d55e0d4b0fb82bad41caf8426453ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ Frame AB03 3 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ead9d662556a3bcfddaccb89f85f4877a8c2cd7b8aabc4400aa69fc839ddf2f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dash.getastra.com
URL: https://dash.getastra.com/assets/seal/xastra-seal-v3-back.png.pagespeed.ic.m6LzNA9m8a.webp

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.getastra.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: oaf1vdhb8f3atktd7tj5tj8bbq
www.getastra.com/	1970-01-20 01:43:53	Name: helpful_user Value: 184ba86ac80fbbb5e6be4aefef2405e5
www.getastra.com/	1970-01-20 18:31:53	Name: conv_person Value: {"$visitNum":1,"$fvDate":1645241632}
.getastra.com/	1970-01-20 18:31:53	Name: _ga Value: GA1.2.401264164.1645241633
.getastra.com/	1970-01-20 01:02:08	Name: _gid Value: GA1.2.887587620.1645241633
.getastra.com/	1970-01-20 01:00:41	Name: _gat_UA-62532637-1 Value: 1
.getastra.com/	1970-01-20 03:10:17	Name: _gcl_au Value: 1.1.784172906.1645241633
app.convertful.com/	1969-12-31 23:59:59	Name: session Value: 412ir8j2427q73vlnbq0etperp
app.convertful.com/	1970-01-20 01:00:43	Name: site_6090_session_id Value: 840f4dcafe50ca049e80a4a7e53d68510b0699bc~6090
www.getastra.com/	1969-12-31 23:59:59	Name: conv_geoip Value: 2a03:1b20:6:f011::6e,28102,29207,29210
www.getastra.com/	1970-01-20 18:31:53	Name: conv_session Value: {"start":1645241632,"shown":[],"startUrl":"https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/","referrer":"","expires":1645243433,"isNew":false,"pageViews":1,"ab":[27061,29670,31031]}
www.clarity.ms/	1970-01-20 09:46:17	Name: CLID Value: 0621c9d370494fec9921d64f819c317e.20220219.20230219
getastra.cloudflareaccess.com/	1970-01-20 01:00:56	Name: CF_Session Value: nBUFLSEcYO030JZCi
.getastra.com/	1970-01-20 05:23:29	Name: crisp-client%2Fsession%2Fb13579b1-ab47-49ee-b13a-d933e23722bc Value: session_e737c1f9-7c43-4de4-b51c-2b55ffb920ff
.c.bing.com/	1970-01-20 10:22:17	Name: SRM_B Value: 3D01869139EF69641F3D97C138846812
.doubleclick.net/	1970-01-20 01:00:42	Name: test_cookie Value: CheckForPermission
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 10:22:17	Name: MUID Value: 3D01869139EF69641F3D97C138846812
.c.clarity.ms/	1970-01-20 01:00:42	Name: ANONCHK Value: 0
www.getastra.com/	1970-01-20 01:03:34	Name: crisp-client%2Fsocket%2Fb13579b1-ab47-49ee-b13a-d933e23722bc Value: 1
.getastra.com/	1970-01-20 09:46:17	Name: _clck Value: av7176\|1\|ez4\|0
.getastra.com/	1970-01-20 01:02:08	Name: _clsk Value: 72yl4b\|1645241633891\|1\|1\|h.clarity.ms/collect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.convertful.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdnjs.cloudflare.com
client.crisp.chat
connect.facebook.net
dash.getastra.com
getastra.cloudflareaccess.com
go.getastra.com
googleads.g.doubleclick.net
h.clarity.ms
image.crisp.chat
instant.page
ka-f.fontawesome.com
kit.fontawesome.com
maxcdn.bootstrapcdn.com
script.tapfiliate.com
secure.gravatar.com
serve.albacross.com
stats.g.doubleclick.net
www.clarity.ms
www.getastra.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
dash.getastra.com
108.157.4.127
142.250.185.226
18.66.248.65
2606:4700:20::681a:170
2606:4700:300a::6813:c31d
2606:4700::6810:135e
2606:4700::6810:5514
2606:4700::6811:91a
2606:4700::6812:1634
2606:4700::6812:1c5b
2606:4700::6812:acf
2620:1ec:27::cafe:1994
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:810::2004
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2002
2a00:1450:400c:c0c::9c
2a03:2880:f02d:12:face:b00c:0:3
2a04:fa87:fffe::c000:4902
2a06:98c1:3121::7
52.142.114.2
52.224.31.34
069c2ed87e1fab1967a71f3159f103565c1284bfac95512f579dfb365b4b69b7
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0a506bf66d9868a3dc52aa0cdff4065254aa58eb7eee4b937064db6995895303
0d93dd5cfabfd4f549843f147463fe06b2e8ce2179c1009bee96de5ba485534d
0e6b2155ad9148db0cae7de728709f425329c2199b80eba4d273b507e3e38b63
110819e44d1ea5e37e914a54b6003ba4af0264549bd3b53be778e81dfb7a62c9
13c49ce264224a16b8e2b5daad1b593e25479cc6724b5f7e312d532e898b239f
158e6f55c804592292dff060cfeb8d04d4c3c4982e42ce22d970ade99ace47c4
15d52ea91a7e1694cff162cf736c515c6e8c6651e3ced4d3f842cf779f3c2fa3
176f5f51ef011643df76e33a7b6355060203ec4d8511c8aea5e7ed43aa358695
19eac541b697d3d0d920597542de50fdeb3a9e1dc561d108f1fd9ecd7ecc6153
1af1b3bb415a388a78e4ab79d766827f1f9e7c3fdb4633db4a9e58660a86645d
1fa3782c6c94e24e5430e53c2e6a06b2edc3a280462f8b7b2ff2e15e565f22ef
20827b7ad5b97aefb9920008ee31f8291119163aa09d4d271597760058396dd4
22dd6b8a3e38bd625ab4d7b5b705879059cb2b6295fa72c61ddae38e06847e79
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2904d8adb48a8317cdd83ad6a2fbd34e71f698832127ffeb627ebfdf4ff734e5
2aa50913ebfbbfdbbd569065c999e5bf2d706756274063a2d7deca7957360794
2b097154b541eccff5cad8e46948eea5cd7effa7cb61c534b1443c253c3ca2eb
2e797cefbc2ffe5eed70f532aee1e2a2d99beb2f208d0b3bb469079c17234d2f
334eab311e74044228a93ffccf895743405c039325dffa4cb2a3c56d2358229c
338cf7ba106df2797f98fc3c3636fde670c31194fe356d9c1aed7b4c052849bd
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
37747ae89f1e0903a71134d15140cbd1ce0266399bf5b20980aa07e47103ce87
3790e60f2c2f04629f17302f91cc4145231038fff3cbad2df20bc91642f56705
379ef6d4177ed1f21893ae2178d1f82a3852755411ae743059780e118b956bfd
38fbe56978cc73ba5a5f8c85b360f71aca125c2cd850a3cd6c3683385e388702
3c53cf862125379af4f415d0faae379166d55e0d4b0fb82bad41caf8426453ad
3dde3f6c190360b68bb5d262e11631dafa832e5323d2490edfb61cca91e81afc
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
40b2f2f0c8ca4fc71a4ea0c31974dcc133b0b8e135f18d7732265c5a29dfef24
40df92ca9e852a8346cbb2e3121706ab4cf0e47e5966d9b0fc1ddd19aad32a86
4226bbf30631d8b85b97355ef88ed511d6bd0559681ed8cd0c4aa5f6358a6d7e
42cbe59132abb4cc85b3901a9141bada3dd1ca7a8a833ed2fc6eeb7fc59c1e77
4444bd8b37eede9c585bbea924a250c9c87008832f661f33ab0ec201f4cea620
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
48efdd0fffa872b868edf778aec4cd1bc99afeb30ef2cbee16f762f44ce39bb8
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b
49e63f9c88cd2c6d0c28a9f64e22bd58c8fc031e2b9492c35abac4ed6e27663b
4a9f72e4c3a0db6c8eeeed5637d94700e327b8e67dc4f95e22a8a27713c9ab85
4ae91dd76ffe339d4668fe648aea2624d7d348c5164d296ccd5edd32d655711e
4b4a983c81a9fc00b15be32936d842568e6c079839734bd01b533125c2400bed
4e857e52f3825038a21bb1fd8a89a150038f6d6418f994abb2b315380e0bc36f
540a8767e69d91c97c8e3a021b3c951164cac09c191a6445342dbe6c2cea003f
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5697bdf4d0c6463f169f852fd90a1d722f01fe07f5154a33259335dbe5806791
58c51fd0e5d65e8619ffb83c061567b4e981afee57973bcf08b13ed323d2c48d
5961769bed095e4abc2daa61e036e1e31c7a157aadb19b183c8913d9a09a298b
5978d7eee4b0fb37c9409a3315f1ca722ebd7dfd476a42e9efa8cb016c076414
5e71d08f626e0c80269671eb376ca9d6741dd81ca6caa5451063f0f2bc9b5c82
5fd9c7f15ab839e689cf15f054a97ceb74aceaf921bf49c02a42244f52d7b6aa
600d2376d46f5075f7f2a27e013efe08af29a5378eba5b9d079f61c7cdb3aa9b
602b5cddd5f26575ce7372dba26a31404bdab5caa5234ca182684407cd413a76
6071f4e4c890545ad0f59302890def2aebb273acd131ed7ec434b26dfebad1e2
626caf211b150d21f5c20b05b378cb99540ae81d719b2af1cb1e29081704238d
653b40ccb6ed560a39d8f3dc1902b946647a9939b955c6c53116454bdfe4c4e9
669494836ab1e1c80a178955e1e6ec948f5ff069e6b6d5af83e883fde6eafc03
696abb1249ad3aac33060bfed46b870e4a645faf9b96a9b81b3af85a4ef42694
6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5
6f0ad9f3ff31904d6a4962296240ac2afa342ab957442389db0d04a33b40ef78
73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973
7455c4fa04c4a21749e4d1cf5c6bdfd2e8ddad262b0cf4e093868749f9322b19
7561e680878d5b0ead8704c157156c65b315bae88ba04b914aee6535f4de00c1
75cdd0cd8782116ba8444dabd993758b1b349843584c9631f4f24a4295b98940
76517224a46b2a012999bd0cd1ab535001244236d9138fd8184833856df340de
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce
77b81eb119d1b3c4d588a5e90ba655c8f70fd4c93b5fbdd2f5a7b6d7fba539e6
78e828d0eb4b2f871dabb45dc1152218a2d7f57b0827b9c685610a6e88665404
7a4201ed6221579396e95195b7901d487ee8e9fe4778022027332668aca085d9
7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2
7cd3a316cbdb203bd2a1addbbf11a78276b986f2ee43e8b015ac85bb316bb76f
7d992a8874abd45c74a5d19e412ae81cbb70467a4b5a9f51ab868ee2df14d4e4
7e1eac57c3f6b0f4b38bf342196a95e2f4cd910c3c0508639d69bd95d2c4d1b1
7e29118326cddebcc8c10e1458b84ab5b8db65a32c271cb29a5f147ab6e05cd7
7f31c0d9e63434b2f7654552360e978bcf8b96affb797fab72cd605dcd8b5861
81dd6a3a572859c24db6fd9b7b92523e63f1cba39fc808493a7ac2bd893687d1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86043189a35fa4753700ce6bbf6a9bf7a4a77b177cb38991bfbbd4137dbb2422
86472d0fce107560589aaaaf665817c9ab005b48434aaeff99489b919f9e0778
89b636b8450487b82088374d15698140267e3cc1f447a26b915986e2e8eb422c
8ab99a38c362457b5b6fdd53fde246e5b5577f1d69d545a1d2541d3d3c8db926
8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143
8d83434cda85afa4862ef36bb0fc2bb0d70f87c34f9ff09846248d1237cc475f
92d1004698f5834d8769c9b7de37db1fef906b80367d0a6d837037ea5fe74604
94b707aa10beaed6ecaf98182e8039fb7465ac4b904c01f4fafe6091620aa975
97e5988aa07bdf37b8f259192eebe90e7188b7949cd97d8692587ff1eeed8d98
995456f7211327129612b97dc0a2baa2288f1e3065d1d6ed1882a0eb89d6baac
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a14408a600e9a156bb747b5af75691f645fe144cea7e1c9f00574e97a816502
9c6d218d569bc6ae5d306d761bf13ddde3e88876bfd8e48762dc46fdaa341e52
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a21591e91fcb2787b973f66f38911e5281fe570d1daa3645157a98a8912ffd58
a61b8c70c730d778a12ecff9f7a17be9b8d25f04253fd0159f02ada438255853
a8195496a719d90d894b0ac2b79a02834aae97e02e2bbdab02537bbe60421594
a887411cba44f9a6c561c6781c833a40b6c5272752d40b2aeee6f2105770d309
ac584535e55d9b62eef3d3fcbd0a191c2f8ea48c099000bca98d980fb7ba1cba
b2de4ae656c0605f0cc9ea54ab32a4508f56fc4f02dcc407d33fd44370afc1cb
b2e4bd67d73432ceab50735580a5017599af0c64885c48c1922088cc0b450a84
b519b8f531fea2506c9b536b5787505d503e2ca0971e29c00eef50cccbc7d3c3
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
bc6a6f6fe1c783a36c5dba6debcff28be438709366326e7a4b921fd6a0bf305d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c33275705e60d7f9f4ed1667e4ca1ad0ba8acf6036d74538670467be8dad7f81
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c7cd3e4c127daccac292779eae92b1b8b644772efb0bcdf4ced7ef7a73a8286b
c98f424531e7c55ef9e1179eb556d2e5fa04a97ccfe8f847fd71358008239ec4
cabff488d46b62b355fa1677b6cdde3f63d69682f8cc10fc35f81f5e3773c26e
cb764228bdf1e9a09dd2c35185d23c7cffbc1e8a6a2f40293202e30adf677e9a
cb84923f48302412e24618702c08ec257cb2d4e6717b5e141b02dc1b1666fc06
cdcba7a929f59658000da20f172ceb43c5122235f6569bb11f3530622b0ec28f
ce51a8242cd7db442e699ae88aed60a8411c521792e72bc744725596b2593d45
cef35bf3f7d4d5b906343ad8f9a2b252633f71e4fc1783712567c8610b597791
d0eebda2c992da6e26d5cd9409c287f5ce92d2d353a92662a9301754172263c9
d207cfa3e39eee38539cbe26f1d12affdee8f9b0b4f581edeea9fa2b4ac7ed4e
d23ac8831ac069a1bb46d4049483530a384d563762010bd9f4803b343242e76a
d298bb3a87a8ead150ff6bfd1df24354ab96de4d16b7774ffee259bee5482a55
dd71a9264f56c0d43f3122826b3c21ee9b41157fc7065d5acba749a045d28802
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1f25fe89b20305f5203a78b764eaa596083e081de1af678c81003e25ba5ca94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e88fb5c10610e2973a8b88b1be433a503a5f4b0d1a908978a9a297e03f656d42
ea0e02216b4365172bf1ba7c4168fc5e823ed303f46696cf7e469a4525e949a8
ead9d662556a3bcfddaccb89f85f4877a8c2cd7b8aabc4400aa69fc839ddf2f0
eb7605e3f91149ed0e24954f00a14e80b724520f3d7f81976219842c6ddb7d94
eb7f12659f78c570857b0a6f5d8aae5f16f3a1af4a6915cc03f18b1c6699eaef
ec99a8d8b62ed8a184acaa45242c6ff157fb03b14c49f7276bad819172e6a8d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8bdf994c1b922a492ae885d799d51a921732dbac352d8c7849b601fe8f4dc84
fc408eac229b6c8af6e076c9cc316208606bdf78e2b981d2215c1c050dbead5e
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fc5b29b8d5bac56012c2a0707dfef2d4fc945ffe72e7e1a2c58e5de080e11848
fe734d8bfc7c2ac8b69aea754bd8384403af7ebd9219003b247af0040c7c75e5
ff0a80bbf27545d30c0c602128f801ea154f43c79f07e4a0193ca22ed78bebf4
ffce487df4744525fd529363bd47e310529698170c91084a5099f760fa957569

www.getastra.com Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

139 Requests

98 %HTTPS

79 %IPv6

21 Domains

28 Subdomains

24 IPs

4 Countries

2540 kBTransfer

5247 kBSize

22 Cookies

25 Outgoing links

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.getastra.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

98 %
HTTPS

79 %
IPv6

21
Domains

28
Subdomains

24
IPs

4
Countries

2540 kB
Transfer

5247 kB
Size

22
Cookies

139 HTTP transactions
10 data transactions