Report - www.c99php.com/shell/symlink.zip

Report Overview

Submitted URL
www.c99php.com/shell/symlink.zip
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-16 21:47:14
Access
public
Website Title
C99PHP.COM - Shell Indir - Shell Download!
Final URL
c99php.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-16	2.2 kB	636 kB	142.250.74.168
c99php.com	unknown	2012-07-17	2012-08-09	2024-04-15	27 kB	2.1 MB	104.21.39.37
www.c99php.com	unknown	2012-07-17	2012-10-11	2024-04-15	486 B	777 B	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAexoMUdjFXmQ.woff	Known PHP Webshells which contain unique strings, lousy rule for low hanging fruits. Most are catched by other rules in here but maybe these catch different versions.

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (31)

	URL	Size	First Seen	Last Seen
	c99php.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3	12 kB	2024-03-02	2024-05-02
Pretty URL c99php.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3 IP 104.21.39.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-02 15:39:15 Last Seen2024-05-02 00:40:42 Times Seen1209 Hash efc27e253fae1b7b891fb5a40e687768 ad12044651ffac0badcd0e42f32edef91678b1ff 46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62 Loading...

	www.googletagmanager.com/gtag/js?id=UA-144709594-1	202 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtag/js?id=UA-144709594-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 23:47:15 Last Seen2024-04-16 23:47:17 Times Seen3 Hash 098ced4098dcba42063cc9e6f9b45739 9509f7e13bb74dead55d681d649735890ab54db6 137d21d0612c1d9f716558e12a6389456d7f409f1e592be8c3e74f5841bf59ca Loading...

	unknown	155 B	2024-04-16	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 23:47:15 Last Seen2024-04-16 23:47:15 Times Seen1 Hash 43f78c2092a995fd92f80fa0aa313564 4445aecd01bc731d57b9fee13151051f80d9dd62 0cc01aa28eb94d778c0fdfecbe17949284f6310a7720fb527c914cfd3b6fa209 Loading...

	c99php.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	88 kB	2023-11-03	2024-05-02
Pretty URL c99php.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 104.21.39.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26:43 Last Seen2024-05-02 01:56:34 Times Seen43343 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	unknown	25 kB	2024-04-16	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 23:47:15 Last Seen2024-04-16 23:47:15 Times Seen1 Hash 8b01f3f376a601e91c66f216f84d3915 1d737967b6c66c024311e3ee5207b3a016267e59 151d47b67e582734386accd6558dafa692b799c9eca03ce4f01257c030e682d7 Loading...

	c99php.com/wp-content/themes/sparkling/assets/js/vendor/modernizr.min.js?ver=6.5.2	15 kB	2024-04-16	2024-04-16
Pretty URL c99php.com/wp-content/themes/sparkling/assets/js/vendor/modernizr.min.js?ver=6.5.2 IP 104.21.39.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 23:47:15 Last Seen2024-04-16 23:47:17 Times Seen3 Hash 1d80784e434b98fd0a5943eaa9cff350 62b9da5986efc866af180e109bcad9a98df709ff 3b6feaffd0feef7686bd2e49c356aea2df8cdefb5568ccf915a96c1e1cd34f61 Loading...

	unknown	137 B	2024-04-16	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 23:47:16 Last Seen2024-04-16 23:47:16 Times Seen1 Hash 1a27c5b29d279f54c7d91807ca13a4df 0bef239165d6f27c3b1e1f919177a87c6fe2596b c6b1de40544dd54652a2b12962f9ca79016a1ff997b8d8d9336735a185d63946 Loading...

	c99php.com/wp-content/plugins/perfmatters/vendor/instant-page/instantpage.js?ver=2.0.0	2.9 kB	2023-03-08	2024-04-30
Pretty URL c99php.com/wp-content/plugins/perfmatters/vendor/instant-page/instantpage.js?ver=2.0.0 IP 104.21.39.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:04:47 Last Seen2024-04-30 10:44:02 Times Seen207 Hash 94fe872a54b0bc7805ce2ac15c883f1c cd1de0a9815dfbfa322de310e9e7ab26fbcf46a1 7f2fa0eb1b5ed38b5135623310ea4c41ca585503a457d35ea960b7966839bbe1 Loading...

	unknown	77 B	2024-04-16	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 23:47:16 Last Seen2024-04-16 23:47:16 Times Seen1 Hash 0b29326c1342d79986098c4251cf8980 7e3d59c012e7a70817690c56f95725bd7a139cda 02fabc1fbef1d2da52be4497aa4e7f6d595467023febf4cbfd3d689a483400d4 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-02
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-02 03:11:19 Times Seen343412 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	c99php.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-05-02
Pretty URL c99php.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.21.39.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-02 02:08:23 Times Seen43426 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	unknown	279 B	2023-03-12	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:20:00 Last Seen2024-04-16 23:47:16 Times Seen2 Hash 31e0228c0c84bf30a703e5d6a0f5d7d2 e99f6d346fc0e7df1114db2005d73890e229991b 71f40e0d664efdda18f399f30045f033391069a02888616c02fbc6b47d7cdfad Loading...

	unknown	53 B	2023-04-15	2024-04-26
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-15 02:45:32 Last Seen2024-04-26 04:18:09 Times Seen94 Hash a1b5031fd1616080d92b8274ce592f13 e85f24420e72f10d6d560b4cb8cec81152d77b8b 052c9f4a2df97f24d5c9c138f77862d4d08dd5a8f2d655c6e9dbee55e51ddb98 Loading...

	unknown	7.6 kB	2023-03-12	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:09:35 Last Seen2024-04-16 23:47:16 Times Seen30 Hash 31e5ac7ad9c4abae4f74055dd76d8df3 94cc789a87d4f08d898b1f63c8e8964751584d7d fd873d8aa0fdd334bfea664e4f0d25e11b801ecc7a3a244ad406d30c5a2b8142 Loading...

	c99php.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3	13 kB	2024-03-02	2024-05-02
Pretty URL c99php.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3 IP 104.21.39.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-02 15:39:15 Last Seen2024-05-02 00:40:42 Times Seen1196 Hash 917602d642f84a211838f0c1757c4dc1 392df3fb4b0ec96ce4ebb5616e6b2a5c55a54bf8 d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516 Loading...

	c99php.com/sandbox%20eval%20code	147 B	2023-04-11	2024-05-02
Pretty URL c99php.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-02 03:11:19 Times Seen343919 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	c99php.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.8 kB	2024-04-16	2024-04-16
Pretty URL c99php.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.39.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 23:47:16 Last Seen2024-04-16 23:47:17 Times Seen2 Hash 25d40cbcaad57a106e3a239906c6374b 275251101ebdad17a0f81cab57d385ad069e84ed 596102ae72df8499eccbb383d7fab118dbc366bdb00edeb58a159f72f1148b0b Loading...

	c99php.com/wp-content/plugins/cookie-law-info/lite/frontend/js/script.min.js?ver=3.2.1	19 kB	2024-02-21	2024-04-28
Pretty URL c99php.com/wp-content/plugins/cookie-law-info/lite/frontend/js/script.min.js?ver=3.2.1 IP 104.21.39.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-21 04:57:11 Last Seen2024-04-28 10:32:07 Times Seen127 Hash 7b896f320d4be758185f61d7a0da9b25 92494b460bcdf250cd9b103833dfb54dfc5f2ae9 12d393abbf9ec587da4083633fda44c867fd07ae1fd93ab2241fb8aa73320128 Loading...

	c99php.com/wp-content/themes/sparkling/assets/js/vendor/bootstrap.min.js?ver=6.5.2	443 kB	2024-04-16	2024-04-16
Pretty URL c99php.com/wp-content/themes/sparkling/assets/js/vendor/bootstrap.min.js?ver=6.5.2 IP 104.21.39.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 23:47:16 Last Seen2024-04-16 23:47:16 Times Seen2 Hash 923a407af6cd18badca222ecf7ec6cc9 248142dec5e38b45aeea2ecd000127af3c517a8d c7da4810bc0ff940e2a7a96ddeea7885739b90fffc4645981ffbe92f81d3cc49 Loading...

	c99php.com/wp-content/themes/sparkling/assets/js/functions.min.js?ver=6.5.2	1.7 kB	2024-04-16	2024-04-16
Pretty URL c99php.com/wp-content/themes/sparkling/assets/js/functions.min.js?ver=6.5.2 IP 104.21.39.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 23:47:16 Last Seen2024-04-16 23:47:16 Times Seen2 Hash 28dc2fd2dd2e0836c7c1bd5a82968df5 84c4fd4b4765e00053169f4e345a4e84e47cafe6 071cedb3e7386e25529bd490da1a4485e16c06475776a49e3af3291d5223492e Loading...

	unknown	310 B	2024-04-16	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 23:47:16 Last Seen2024-04-16 23:47:16 Times Seen1 Hash 6a81d719a199b499655ad69133fb8352 aef762b53225423f2b8ff06689586533d3496ee4 3738543d742f106a1c08e3f89d16e146444e586140a7f0c8cb034b6e1ee1dc35 Loading...

	c99php.com/wp-content/themes/sparkling/assets/js/skip-link-focus-fix.min.js?ver=20140222	543 B	2023-03-07	2024-04-16
Pretty URL c99php.com/wp-content/themes/sparkling/assets/js/skip-link-focus-fix.min.js?ver=20140222 IP 104.21.39.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:39:09 Last Seen2024-04-16 23:47:16 Times Seen31 Hash d47661c3e9ead3acc6fc8069094a7264 2a24685b55bfea1820054045d55626c66e729bc0 2123b61f26a87c608f5e339df52bb4bf85dfa17718ee83b80e9b869e07c9a447 Loading...

	unknown	247 B	2024-04-16	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 23:47:16 Last Seen2024-04-16 23:47:16 Times Seen1 Hash bcc708bfa47d44655f8cef8336a8bc52 54d83013a6f058151ffdc4d8a06b7714b5e2ec3f 44b2a7ac040e2ff277b18c90f4d5810f03a8c98bcae37b630fb9f2249ee76709 Loading...

	www.googletagmanager.com/gtag/js?id=GT-TQRJSXQT	300 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtag/js?id=GT-TQRJSXQT IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 23:47:16 Last Seen2024-04-16 23:47:17 Times Seen2 Hash 4f002bbcf87b44fc0e0ce516809bd785 ae55a4de75feea521038114ebbf9d5fe54e4a57d 0691df4ba98968fa4ffa6f7590d78fe63987ef466e65b17de15fb8fa1fd580d3 Loading...

	www.googletagmanager.com/gtag/js?id=G-FK8R676RYN&l=dataLayer&cx=c	242 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtag/js?id=G-FK8R676RYN&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 23:47:16 Last Seen2024-04-16 23:47:17 Times Seen2 Hash 8d28adf6f150b361f5efb3ab09f6a06e db9266bedd0f98816050334bb4ff5fbd755473a0 6378c5829d8d188cf301c874e5a43185ad0c1fb7438aaa6140b674cf7a1bfcd5 Loading...

	c99php.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2	19 kB	2024-03-13	2024-05-02
Pretty URL c99php.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 IP 104.21.39.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-13 16:02:37 Last Seen2024-05-02 01:41:43 Times Seen2348 Hash b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Loading...

	c99php.com/	1.1 kB	2024-04-16	2024-04-16
Pretty URL c99php.com/ IP 104.21.39.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 23:47:16 Last Seen2024-04-16 23:47:16 Times Seen1 Hash c1af7d437bc6762311c9760b6b0d2c12 cbc46760cb2258dc632b6c0a2b78ff7ca6828c34 787993e4213143c006c39824b74f7c839ebadb6fe62ddd938dda3664a6b945f6 Loading...

	unknown	260 B	2024-04-16	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 23:47:16 Last Seen2024-04-16 23:47:16 Times Seen1 Hash 4cefadfb89520f6bd713f7e024bae30d 918ef67af29e8e74ebc75cd967e3644b1cf02292 bfcbd18c65d7941b065567407723b2fabd4c4719aa573e3b4c01f48fb93d7b34 Loading...

	www.googletagmanager.com/gtag/js?id=GT-TQRJSXQT&l=dataLayer&cx=c	300 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtag/js?id=GT-TQRJSXQT&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 23:47:16 Last Seen2024-04-16 23:47:17 Times Seen2 Hash bf4ff1083ff80885a70c92ed164ea15f ad7315b97738e1e293a96fd0bd023e34641be73b 16db46c43e029dd76def8788db9f534db176bb59a274472fb11a52d5a8dee695 Loading...

	unknown	3.2 kB	2024-04-16	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 23:47:16 Last Seen2024-04-16 23:47:16 Times Seen1 Hash 1b066a5e79095f5367158a2b69d479ee cbf516ca5bc3e57b72d832661e906292b4424ac6 4f51eb57828d28a33de8c6b8c5db2e0b24c8ff945a3fa45f6a29b8611c46227a Loading...

	c99php.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	14 kB	2023-05-09	2024-05-02
Pretty URL c99php.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 104.21.39.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21:05 Last Seen2024-05-02 01:56:34 Times Seen81820 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

HTTP Transactions (49)

URL IP Response Size

c99php.com/shell/symlink.zip

104.21.39.37

18 kB

URL
c99php.com/shell/symlink.zip
IP
104.21.39.37:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (19949)
Size
18 kB (17957 bytes)
Hash
a2568df3623ae2086b905fcdf5fb596b
435139a335c8597658fe9ecb5205f09b5bbcd94f
84d5b8f4c0b9d18161a39a16dc1b1feadc91b49adbe590fa2e31a87862c0e0fd

HTTP Headers

GET /shell/symlink.zip HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Tue, 16 Apr 2024 21:46:46 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
link: <https://c99php.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pr49inBgH6CpInq4X6PNadhJL%2F4dUok1nwne9cTdfos6ws3MU1pVZVdnsKgIBBScQpIZmybRZB57rxWHENEWA3Y%2BphyKFQZgmHoVpvv%2F4mzgd1QAn%2BJSRivah5mu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575eb86c6c56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

c99php.com/wp-content/themes/sparkling/assets/fonts/glyphicons-halflings-regular.woff2

104.21.39.37

200 OK

18 kB

URL GET HTTP/3
c99php.com/wp-content/themes/sparkling/assets/fonts/glyphicons-halflings-regular.woff2
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

HTTP Headers

GET /wp-content/themes/sparkling/assets/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/wp-content/cache/perfmatters/c99php.com/css/404.used.css?ver=1713099120
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:46 GMT
content-type: font/woff2
content-length: 18028
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Wed, 28 Mar 2018 14:37:26 GMT
cf-cache-status: HIT
age: 116536
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F2fX2V%2FAd8FEHAhVQPW2B9zgGapo7iJvipGxcsF%2FJHMDy%2FvQpV5Ij4H00amRgSp1srlCOD5FN5qX7UClwLJtq2vMOvlhjqE5QWYfIhzNqiUybZ4ufSQi%2B%2Fc9o1sS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87575ebb7d22569f-OSL
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/themes/sparkling/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

104.21.39.37

200 OK

77 kB

URL GET HTTP/3
c99php.com/wp-content/themes/sparkling/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /wp-content/themes/sparkling/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/wp-content/cache/perfmatters/c99php.com/css/404.used.css?ver=1713099120
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: font/woff2
content-length: 77160
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Wed, 28 Mar 2018 14:37:26 GMT
cf-cache-status: HIT
age: 116537
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z4Gx7SXUOmd3XgEBkLLo0zscrgbOrV%2FbubT9wm%2BTjs9US5DBPoGwX%2FFsqxr0lTtTN47Ypa94HK%2Bc2F75APx7FUFI50wI3FLL%2FwGz5oXTOo0AxpyyMfeHu1cBeZ3p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87575ebbcd88569f-OSL
alt-svc: h3=":443"; ma=86400

www.c99php.com/shell/symlink.zip

188.114.97.1

0 B

URL
www.c99php.com/shell/symlink.zip
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /shell/symlink.zip HTTP/1.1
Host: www.c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Tue, 16 Apr 2024 21:46:46 GMT
content-type: text/html; charset=UTF-8
location: https://c99php.com/shell/symlink.zip
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
x-redirect-by: WordPress
x-litespeed-cache: hit
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XpKVFlVoQueTl6SOZa8%2Fz%2Bh54HZOF1%2BISzAmYEDxKIdLPUDg1TqAW7U%2BmoiHOA5o%2FNF2NABn%2FLXuZ6cs4UN1f0EeFV7RkTc%2BXcqiB%2B7RKuBB0dkjt%2FfsCoMqdZRdyQjWUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87575eb7ce090b4d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

c99php.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

104.21.39.37

200 OK

5.5 kB

URL GET HTTP/3
c99php.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/shell/symlink.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
5.5 kB (5472 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/shell/symlink.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Wed, 09 Aug 2023 05:19:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F6VPuOLFr46Oh2nYLtZjR1El%2BKykXx0LLWi9Rp0rBBoksWmNCjEVZLHZpv5OqTdifJBB8aPyK2GpLdNb4dnyHwsNGhPz3j4qq3qIMVXJcDglvmpMU4hGZ8PFdAhv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ebcfea3569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/themes/sparkling/assets/js/vendor/bootstrap.min.js?ver=6.5.2

104.21.39.37

200 OK

11 kB

URL GET HTTP/3
c99php.com/wp-content/themes/sparkling/assets/js/vendor/bootstrap.min.js?ver=6.5.2
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
JavaScript source, ASCII text, with very long lines (32037)
Size
11 kB (11098 bytes)
Hash
923a407af6cd18badca222ecf7ec6cc9
248142dec5e38b45aeea2ecd000127af3c517a8d
c7da4810bc0ff940e2a7a96ddeea7885739b90fffc4645981ffbe92f81d3cc49

HTTP Headers

GET /wp-content/themes/sparkling/assets/js/vendor/bootstrap.min.js?ver=6.5.2 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/shell/symlink.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Wed, 28 Mar 2018 14:37:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fhj8qAEVl9We1et%2BVxSfsTyu0wNxBuDq07Lq5%2BJrjexBypZjIYtsE2kFlPjjET5IGr7rhR%2Bqw1p%2B94wiMuskSmz7zoQF47xwPnDnZPci74H1%2F5eujHiDP0uJ31qv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ebd0eb5569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/themes/sparkling/assets/js/functions.min.js?ver=6.5.2

104.21.39.37

200 OK

85 kB

URL GET HTTP/3
c99php.com/wp-content/themes/sparkling/assets/js/functions.min.js?ver=6.5.2
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/shell/symlink.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
JavaScript source, ASCII text, with very long lines (1652)
Size
85 kB (85072 bytes)
Hash
28dc2fd2dd2e0836c7c1bd5a82968df5
84c4fd4b4765e00053169f4e345a4e84e47cafe6
071cedb3e7386e25529bd490da1a4485e16c06475776a49e3af3291d5223492e

HTTP Headers

GET /wp-content/themes/sparkling/assets/js/functions.min.js?ver=6.5.2 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/shell/symlink.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Wed, 28 Mar 2018 14:37:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BgWEzHw660UptUv458ZB0aMfRkNWf3wC50TqBCTpVruYGcrZkOVqh0gmdULeBGFHEkNxfSNGE84N9jMrt5Pv1jZUWWUwSbbI%2FTVvebCvZbjUfZNt%2BNxWXb0voQRe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ebd1ec1569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/themes/sparkling/assets/fonts/glyphicons-halflings-regular.woff2

104.21.39.37

200 OK

18 kB

URL GET HTTP/3
c99php.com/wp-content/themes/sparkling/assets/fonts/glyphicons-halflings-regular.woff2
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

HTTP Headers

GET /wp-content/themes/sparkling/assets/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/wp-content/cache/perfmatters/c99php.com/css/home.used.css?ver=1713098761
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: font/woff2
content-length: 18028
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Wed, 28 Mar 2018 14:37:26 GMT
cf-cache-status: HIT
age: 116537
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fZ3nXYtkUIlcWLimWZJ5%2BM3ocGL707tmsKH5Orm1vFY9Ee%2BdzH6n2ewaiaZmdpzE6nkYJcvS%2FHmehaizRbTZzlLBwg7VAqHMMi%2B7B5BTzNMvJYSV7k9u%2BwyBEBBV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87575ebe98dc569f-OSL
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/plugins/cookie-law-info/lite/frontend/js/script.min.js?ver=3.2.1

104.21.39.37

200 OK

107 kB

URL GET HTTP/3
c99php.com/wp-content/plugins/cookie-law-info/lite/frontend/js/script.min.js?ver=3.2.1
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
JavaScript source, ASCII text, with very long lines (19348), with no line terminators
Size
107 kB (106694 bytes)
Hash
7b896f320d4be758185f61d7a0da9b25
92494b460bcdf250cd9b103833dfb54dfc5f2ae9
12d393abbf9ec587da4083633fda44c867fd07ae1fd93ab2241fb8aa73320128

HTTP Headers

GET /wp-content/plugins/cookie-law-info/lite/frontend/js/script.min.js?ver=3.2.1 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/shell/symlink.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 21:18:11 GMT
last-modified: Fri, 22 Mar 2024 05:19:40 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 88116
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FTOgvJW6nvJJ4iVMbFrm98vT%2BNg2S4vL0YhwvCWvxLOSTiGcewfu%2BEDLtNweQ1Kf0difgEGTV%2F%2F2UvALvLV%2FbFcJLLVNtvOzNUGVsuNXaEGos%2B196RkJcwn8UCzT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ebceea0569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=UA-144709594-1

142.250.74.168

200 OK

73 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-144709594-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://c99php.com/shell/symlink.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
73 kB (73078 bytes)
Hash
098ced4098dcba42063cc9e6f9b45739
9509f7e13bb74dead55d681d649735890ab54db6
137d21d0612c1d9f716558e12a6389456d7f409f1e592be8c3e74f5841bf59ca

HTTP Headers

GET /gtag/js?id=UA-144709594-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 21:46:47 GMT
expires: Tue, 16 Apr 2024 21:46:47 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73078
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

c99php.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.39.37

302 Found

0 B

URL GET HTTP/3
c99php.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Tue, 16 Apr 2024 21:46:47 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvOkVp%2BPIsnOMPFBycBH3CgzWpapedfJ6BdQHHh2eFZHWbRlb4qtQjXxT%2BOSKL6r20Jsyttx4Kj%2Ba88ZxYmWfLS0sJT3o5w%2BpRAfh0RqhH6%2BKKeB0BBMRPJcEkgg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87575ebf69a2569f-OSL
alt-svc: h3=":443"; ma=86400

c99php.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

104.21.39.37

200 OK

131 kB

URL GET HTTP/3
c99php.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
131 kB (131388 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/shell/symlink.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Wed, 08 Nov 2023 05:19:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ikPIyTgmg%2Fd90%2FUYqHnmY%2FSlVpgRNGSheNvd1lcd%2B5Rh52rgdz6%2FROzyMPRbQbkle52Y8FEeiu%2BrFF5TLovdNF4ShTAyKer%2BGEWTOHmHNHbw8gc5utT6gx8%2BkBKp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ebcfea2569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/shell/symlink.zip

104.21.39.37

118 kB

URL
c99php.com/shell/symlink.zip
IP
104.21.39.37:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (19949)
Size
118 kB (117815 bytes)
Hash
f10a02cc9401649dab7b45fa6de02f8a
34f04ada13d59117313df78957d2b338748852d4
6bd56398d5ed9a19160b4cadb07386b14f5cd6f9ea5c3ee5fcbd6110811d52d0

HTTP Headers

GET /shell/symlink.zip HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Tue, 16 Apr 2024 21:46:46 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
link: <https://c99php.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N7URVVzWR0M%2FKbX5lO%2FCHB1XR3tl1shPBdkFspyhqIbiQvcO%2Br2W7RWhKO1w570%2By%2BbHK%2FytSu89HfXQ2Jm8zY6cJqarlhV4OOiDFGqp%2BpBBL4yyCXe4ES37e6Bv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575eba3bfa569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3

104.21.39.37

200 OK

104 kB

URL GET HTTP/3
c99php.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/shell/symlink.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
JavaScript source, ASCII text, with very long lines (13054), with no line terminators
Size
104 kB (103488 bytes)
Hash
917602d642f84a211838f0c1757c4dc1
392df3fb4b0ec96ce4ebb5616e6b2a5c55a54bf8
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/shell/symlink.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Fri, 22 Mar 2024 05:19:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YLvwsArPTyKcQPeF4UOM3gvnbhbbFw7GLfV5iDz0Cc7PbQhEOjEKB%2B7PIYCFvXxVfftrkrWtTkoJuOROtDCJphGqVsQ3gXrOwLyQEZR6mFLonU0BjFzRNTDMBOX4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ebd1ecc569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/cdn-cgi/challenge-platform/h/b/jsd/r/87575ebc5e0c569f

104.21.39.37

200 OK

11 kB

URL POST HTTP/3
c99php.com/cdn-cgi/challenge-platform/h/b/jsd/r/87575ebc5e0c569f
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
data
Size
11 kB (10791 bytes)
Hash
4ae3f13bb432dbfe0400f88cfeee4fc0
819002af6879860b0b464ec2f4217e80f53852af
f44c1afd1cd7b55ddb3a73cea430e0eb6b1614a5d50d53bcb9be388c9ddf518e

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/87575ebc5e0c569f HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12136
Origin: https://c99php.com
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=Qw1dG94ZV1ChybWvtuZ8TmqpVZP5WeEPxpcmphu9sd4-1713304007-1.0.1.1-RT8ccuGGhs4psrncw_3e6zGGGom8GcTkLx9QfCKltqIaSsfn3AK._rwxcJAEi5g.2Ve2Lh9hVMHipaz80bZNkA; path=/; expires=Wed, 16-Apr-25 21:46:47 GMT; domain=.c99php.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JaE5dZg%2FfySVwuUAHK2Z2JDeIcZ8I9OWMZ8hqbd77ejbpBrfF7GzwfQOXfNzmqMwL3ohZydSWN09TZoerAZZO2oVx28SPqQmxBx7%2FBxOgQybD%2FKffb3q98fDG9sg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ec06a88569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

104.21.39.37

200 OK

11 kB

URL GET HTTP/3
c99php.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
JavaScript source, ASCII text, with very long lines (7796), with no line terminators
Size
11 kB (10561 bytes)
Hash
25d40cbcaad57a106e3a239906c6374b
275251101ebdad17a0f81cab57d385ad069e84ed
596102ae72df8499eccbb383d7fab118dbc366bdb00edeb58a159f72f1148b0b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-content-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DJlTq652q9S6hf9BLwrPqDBFaKHi97HE3f71Qb9qsDmFirzhRg9tzJ151eJ8NzzgqcUUE6NepAFQkVHIsjyhwNnviiQhgISeRDO%2FUEooKpeITNVO8KhjDVNdyiTK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ebf79c9569f-OSL
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/plugins/perfmatters/vendor/instant-page/instantpage.js?ver=2.0.0

104.21.39.37

200 OK

7.4 kB

URL GET HTTP/3
c99php.com/wp-content/plugins/perfmatters/vendor/instant-page/instantpage.js?ver=2.0.0
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/shell/symlink.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
JavaScript source, ASCII text, with very long lines (2800)
Size
7.4 kB (7368 bytes)
Hash
94fe872a54b0bc7805ce2ac15c883f1c
cd1de0a9815dfbfa322de310e9e7ab26fbcf46a1
7f2fa0eb1b5ed38b5135623310ea4c41ca585503a457d35ea960b7966839bbe1

HTTP Headers

GET /wp-content/plugins/perfmatters/vendor/instant-page/instantpage.js?ver=2.0.0 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/shell/symlink.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Wed, 23 Nov 2022 13:05:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Os3TX6f710R3Jidw5QRpJKbute2uNfb%2FipXmjc99vkjDHcd5WyJV%2BfLJL94nlBco7IQEMpvI7Ek0KyiMeJmQxCKBS785A98w3uSnHi3A6kFlMjHDqOvNgpL1SWlK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ebd2ee2569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=UA-144709594-1

142.250.74.168

200 OK

73 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-144709594-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://c99php.com/shell/symlink.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
73 kB (73078 bytes)
Hash
098ced4098dcba42063cc9e6f9b45739
9509f7e13bb74dead55d681d649735890ab54db6
137d21d0612c1d9f716558e12a6389456d7f409f1e592be8c3e74f5841bf59ca

HTTP Headers

GET /gtag/js?id=UA-144709594-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 21:46:57 GMT
expires: Tue, 16 Apr 2024 21:46:57 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73078
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=GT-TQRJSXQT

142.250.74.168

200 OK

100 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=GT-TQRJSXQT
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://c99php.com/shell/symlink.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
100 kB (100063 bytes)
Hash
4f002bbcf87b44fc0e0ce516809bd785
ae55a4de75feea521038114ebbf9d5fe54e4a57d
0691df4ba98968fa4ffa6f7590d78fe63987ef466e65b17de15fb8fa1fd580d3

HTTP Headers

GET /gtag/js?id=GT-TQRJSXQT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 21:46:57 GMT
expires: Tue, 16 Apr 2024 21:46:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100063
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

c99php.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3

104.21.39.37

200 OK

12 kB

URL GET HTTP/3
c99php.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/shell/symlink.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
JavaScript source, ASCII text, with very long lines (11513), with no line terminators
Size
12 kB (11785 bytes)
Hash
efc27e253fae1b7b891fb5a40e687768
ad12044651ffac0badcd0e42f32edef91678b1ff
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/shell/symlink.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 21:18:11 GMT
last-modified: Fri, 22 Mar 2024 05:19:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 88116
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pARFCJQQh8ECMt0rv7aDX0NbfxGaNVrl0fXjq04IZevTdTV30JosQ%2BE1dGYJsjuszFNaM%2BqwdV%2BUlxo9Xh7sod%2F%2FaOlwqTiktzf8LNvyEA69XAkSDlp6mEUqd4F2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ebd1ec7569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-FK8R676RYN&l=dataLayer&cx=c

142.250.74.168

200 OK

86 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-FK8R676RYN&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
86 kB (86485 bytes)
Hash
8d28adf6f150b361f5efb3ab09f6a06e
db9266bedd0f98816050334bb4ff5fbd755473a0
6378c5829d8d188cf301c874e5a43185ad0c1fb7438aaa6140b674cf7a1bfcd5

HTTP Headers

GET /gtag/js?id=G-FK8R676RYN&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 21:46:58 GMT
expires: Tue, 16 Apr 2024 21:46:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86485
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAexoMUdjFXmQ.woff

104.21.39.37

404 Not Found

192 kB

URL GET HTTP/3
c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAexoMUdjFXmQ.woff
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (19949)
Size
192 kB (191820 bytes)
Hash
7b093c386ad7dca2f536577efe7bb083
9f1683547115bc24db2a12639de41e1674c036ca
592a7a329d7bcad8125c043b71bf6b78b2edea82c48921045088ff9df6ddba47

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Known PHP Webshells which contain unique strings, lousy rule for low hanging fruits. Most are catched by other rules in here but maybe these catch different versions.

HTTP Headers

GET /wp-content/cache/perfmatters/c99php.com/fonts/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAexoMUdjFXmQ.woff HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/a1ce3f233d2d.google-fonts.css
Cookie: cf_clearance=Qw1dG94ZV1ChybWvtuZ8TmqpVZP5WeEPxpcmphu9sd4-1713304007-1.0.1.1-RT8ccuGGhs4psrncw_3e6zGGGom8GcTkLx9QfCKltqIaSsfn3AK._rwxcJAEi5g.2Ve2Lh9hVMHipaz80bZNkA; cookieyes-consent=consentid:SmdnSVZGbDhZTWVKQ0NWYTV6NWw5dU9iRmx6VVY0V2M,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Tue, 16 Apr 2024 21:46:57 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
link: <https://c99php.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: miss
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lShgybe%2FxfhTpOme4777dQ%2FGOewThrSXL3ViF%2F4tm4OCZfYVdFAjflvMdSFZfu6lJxSVIc5N1q4LGeJCL%2Fgoiv3GBmhkHAH5GAPOJDXRqEReiwLclJKoQRXddPaO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575efe4a17569f-OSL
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/themes/sparkling/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

104.21.39.37

200 OK

77 kB

URL GET HTTP/3
c99php.com/wp-content/themes/sparkling/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /wp-content/themes/sparkling/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/wp-content/themes/sparkling/assets/css/font-awesome.min.css?ver=6.5.2
Cookie: cf_clearance=Qw1dG94ZV1ChybWvtuZ8TmqpVZP5WeEPxpcmphu9sd4-1713304007-1.0.1.1-RT8ccuGGhs4psrncw_3e6zGGGom8GcTkLx9QfCKltqIaSsfn3AK._rwxcJAEi5g.2Ve2Lh9hVMHipaz80bZNkA; cookieyes-consent=consentid:SmdnSVZGbDhZTWVKQ0NWYTV6NWw5dU9iRmx6VVY0V2M,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no; _ga_6Y0H2ZZFKJ=GS1.1.1713304018.1.0.1713304018.0.0.0; _ga=GA1.1.2054255777.1713304018; _ga_FK8R676RYN=GS1.1.1713304018.1.0.1713304018.0.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:58 GMT
content-type: font/woff2
content-length: 77160
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Wed, 28 Mar 2018 14:37:26 GMT
cf-cache-status: HIT
age: 116548
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bMX0VQOF6OSXGpovmZHhuITPYHwPVhMIuYcF54ZsBOiE5yJDwMuVsbXiWpADMs%2FRkCXFoOg92hws23P2KJL21yToUzEt43ENQ8aaStMKhmnEWMSkobsHfA8rVkwr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87575f034f9c569f-OSL
alt-svc: h3=":443"; ma=86400

c99php.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

104.21.39.37

200 OK

49 kB

URL GET HTTP/3
c99php.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
49 kB (49424 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Cookie: cf_clearance=Qw1dG94ZV1ChybWvtuZ8TmqpVZP5WeEPxpcmphu9sd4-1713304007-1.0.1.1-RT8ccuGGhs4psrncw_3e6zGGGom8GcTkLx9QfCKltqIaSsfn3AK._rwxcJAEi5g.2Ve2Lh9hVMHipaz80bZNkA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:57 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Wed, 08 Nov 2023 05:19:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116547
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xv6v2GVrr7X2eiI2IHupjx4REmcDOI0XN5WvVfaTnHg1VKU8Rjx9FOoG4gmlQY3s8YzIVwAPq3LOswOWvM%2FVSfeWDOyS387mD9%2FyY8i7TL1NI1FJ9XmkPIsfbFHx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575efd6918569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/plugins/cookie-law-info/lite/frontend/js/script.min.js?ver=3.2.1

104.21.39.37

200 OK

18 kB

URL GET HTTP/3
c99php.com/wp-content/plugins/cookie-law-info/lite/frontend/js/script.min.js?ver=3.2.1
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
JavaScript source, ASCII text, with very long lines (19348), with no line terminators
Size
18 kB (17819 bytes)
Hash
7b896f320d4be758185f61d7a0da9b25
92494b460bcdf250cd9b103833dfb54dfc5f2ae9
12d393abbf9ec587da4083633fda44c867fd07ae1fd93ab2241fb8aa73320128

HTTP Headers

GET /wp-content/plugins/cookie-law-info/lite/frontend/js/script.min.js?ver=3.2.1 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Cookie: cf_clearance=Qw1dG94ZV1ChybWvtuZ8TmqpVZP5WeEPxpcmphu9sd4-1713304007-1.0.1.1-RT8ccuGGhs4psrncw_3e6zGGGom8GcTkLx9QfCKltqIaSsfn3AK._rwxcJAEi5g.2Ve2Lh9hVMHipaz80bZNkA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:57 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 21:18:11 GMT
last-modified: Fri, 22 Mar 2024 05:19:40 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 88126
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3dhZorRyA%2FK7h1xwnpzkjaFe8Zc1X5i7gqpar4NPDOgjm9yxDzr5FLo5xO95uurc4W%2BmmSNARwrTCimSgP06Yz9LEpjPoYO9oEepo4fb6epMQKjhRCxKkchEGIzM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575efd5912569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

104.21.39.37

404 Not Found

92 kB

URL GET HTTP/3
c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type

Size
92 kB (91749 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/cache/perfmatters/c99php.com/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/a1ce3f233d2d.google-fonts.css
Cookie: cf_clearance=Qw1dG94ZV1ChybWvtuZ8TmqpVZP5WeEPxpcmphu9sd4-1713304007-1.0.1.1-RT8ccuGGhs4psrncw_3e6zGGGom8GcTkLx9QfCKltqIaSsfn3AK._rwxcJAEi5g.2Ve2Lh9hVMHipaz80bZNkA; cookieyes-consent=consentid:SmdnSVZGbDhZTWVKQ0NWYTV6NWw5dU9iRmx6VVY0V2M,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 16 Apr 2024 21:46:57 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
link: <https://c99php.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xs3fCuPr%2B1zAqSXRfUtVxqN1Iduh9ujvqGsw3fJrWGUR1SQLCVgDY1ki05r%2BFfM%2BiC38t7LtH0U2gH6CCh1X7IvETKYqW%2BJ7cXP%2BoG0jXQ0fzPYShGrtnFue4MoT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575efe4a16569f-OSL
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/a1ce3f233d2d.google-fonts.css

104.21.39.37

200 OK

32 kB

URL GET HTTP/3
c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/a1ce3f233d2d.google-fonts.css
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
ASCII text, with very long lines (1572)
Size
32 kB (32516 bytes)
Hash
f8590e4ed6b3ad9133ec15ef221be75a
5bff888a4f914edc9e40c717d11d3887561f0149
e03d3d5d4e5d3d4c6a797460b20a9e68f6a1163200367e25c5a666f659f2eefc

HTTP Headers

GET /wp-content/cache/perfmatters/c99php.com/fonts/a1ce3f233d2d.google-fonts.css HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:31 GMT
last-modified: Sun, 14 Apr 2024 12:46:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116536
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZTAD%2B1lHqvvlGE2BL9FjflaUr6TMf70Ex6XwlVU2iha1GLezx5cuI4jBXH4C46auadv4oIb0PNI5nO8%2B9pSbiqGyVRHakFTxJnViqxRewQpq5QRdAeqywfYonQAh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ebd8f5b569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/themes/sparkling/assets/js/vendor/modernizr.min.js?ver=6.5.2

104.21.39.37

200 OK

15 kB

URL GET HTTP/3
c99php.com/wp-content/themes/sparkling/assets/js/vendor/modernizr.min.js?ver=6.5.2
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
JavaScript source, ASCII text, with very long lines (14835)
Size
15 kB (14877 bytes)
Hash
1d80784e434b98fd0a5943eaa9cff350
62b9da5986efc866af180e109bcad9a98df709ff
3b6feaffd0feef7686bd2e49c356aea2df8cdefb5568ccf915a96c1e1cd34f61

HTTP Headers

GET /wp-content/themes/sparkling/assets/js/vendor/modernizr.min.js?ver=6.5.2 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Cookie: cf_clearance=Qw1dG94ZV1ChybWvtuZ8TmqpVZP5WeEPxpcmphu9sd4-1713304007-1.0.1.1-RT8ccuGGhs4psrncw_3e6zGGGom8GcTkLx9QfCKltqIaSsfn3AK._rwxcJAEi5g.2Ve2Lh9hVMHipaz80bZNkA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:57 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Wed, 28 Mar 2018 14:37:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116547
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vl%2FyaHqlAydCepljoqHxsFy0SCDOrbjOtDoUsMuqNyKHWv1eMVvmCl8v2klOGi0Ttf6VW6lJi5i4EgE1qk96Wnf0sk2mxLQkn%2FWuphiH5KHvKuChJgExYHvlW%2FX7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575efd6920569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/plugins/cookie-law-info/lite/frontend/images/close.svg

104.21.39.37

200 OK

1.3 kB

URL GET HTTP/3
c99php.com/wp-content/plugins/cookie-law-info/lite/frontend/images/close.svg
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1345 bytes)
Hash
cfbcf7628b425adb0a55ef223965753e
42469ca151da583cf7c242cc2b62dc446211e8c5
2aa0b7fd5005a2a0cac1a66256cd96fc4e409e0e790ec5235d4819cc9ea0074f

HTTP Headers

GET /wp-content/plugins/cookie-law-info/lite/frontend/images/close.svg HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=Qw1dG94ZV1ChybWvtuZ8TmqpVZP5WeEPxpcmphu9sd4-1713304007-1.0.1.1-RT8ccuGGhs4psrncw_3e6zGGGom8GcTkLx9QfCKltqIaSsfn3AK._rwxcJAEi5g.2Ve2Lh9hVMHipaz80bZNkA; cookieyes-consent=consentid:SmdnSVZGbDhZTWVKQ0NWYTV6NWw5dU9iRmx6VVY0V2M,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:41 GMT
last-modified: Fri, 22 Mar 2024 05:19:40 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116536
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GixDA%2F2X6twBXiA6bK3uYPGh6r4%2FGe3nQReGFRqCTJ7gVvznMRf1zVRqqLyyaNuROi5QUfkJwBQO%2Fbk2KlGNZzB9HWRj7zCzQQ1sUkb8KBTEdlkjQVzPjPnRQkoj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575efeca97569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/themes/sparkling/assets/js/skip-link-focus-fix.min.js?ver=20140222

104.21.39.37

200 OK

543 B

URL GET HTTP/3
c99php.com/wp-content/themes/sparkling/assets/js/skip-link-focus-fix.min.js?ver=20140222
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/shell/symlink.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
ASCII text, with very long lines (558), with no line terminators
Size
543 B (543 bytes)
Hash
b90e5bf71250a1c386cf910c8cdaae23
840e59a9950a5782e9de19ee03293a646dc44b41
89346562479c637f696f11fd781279623298ce7e8be416937f6bf0ea67001a90

HTTP Headers

GET /wp-content/themes/sparkling/assets/js/skip-link-focus-fix.min.js?ver=20140222 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/shell/symlink.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Wed, 28 Mar 2018 14:37:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tcn21nEGUYxMLWrqomnZQ0oUoQYCCbpgnzFnU7%2BxtGVAyWeP4ocURAFm5hArsxdL0HmYvxFjPTUp8xUz6mHYzCi9uK5AKtEqxjiBUJuU%2FiIZFTUFHhrXSAOdwPZ1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ebd2ecf569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/cache/perfmatters/c99php.com/css/home.used.css?ver=1713098761

104.21.39.37

200 OK

33 kB

URL GET HTTP/3
c99php.com/wp-content/cache/perfmatters/c99php.com/css/home.used.css?ver=1713098761
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type

Size
33 kB (32716 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/cache/perfmatters/c99php.com/css/home.used.css?ver=1713098761 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:31 GMT
last-modified: Sun, 14 Apr 2024 12:46:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116536
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=56emh2dTz0U3GjmLU02kJ%2F6ExEN2vTixmV4QMYBbavQwSEbzLrJeLogG5bno9g55sKb0YjYw%2BcOV00vyKvLnmHh45%2Bdc8MWfZBuuj0nh06YftQYr9PU7J%2BgMb%2FVp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ebd8f57569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/plugins/cookie-law-info/lite/frontend/images/revisit.svg

104.21.39.37

200 OK

2.3 kB

URL GET HTTP/3
c99php.com/wp-content/plugins/cookie-law-info/lite/frontend/images/revisit.svg
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
SVG Scalable Vector Graphics image
Size
2.3 kB (2339 bytes)
Hash
4d412a23b3de1ab18851730ddfe13825
74bc40d3f1fca7994ce2894daa1ddca3a2bc301e
16d56ad572546ad8af1260e100bf5e94d2e47988a0ca920d6e68fc3837832f04

HTTP Headers

GET /wp-content/plugins/cookie-law-info/lite/frontend/images/revisit.svg HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=Qw1dG94ZV1ChybWvtuZ8TmqpVZP5WeEPxpcmphu9sd4-1713304007-1.0.1.1-RT8ccuGGhs4psrncw_3e6zGGGom8GcTkLx9QfCKltqIaSsfn3AK._rwxcJAEi5g.2Ve2Lh9hVMHipaz80bZNkA; cookieyes-consent=consentid:SmdnSVZGbDhZTWVKQ0NWYTV6NWw5dU9iRmx6VVY0V2M,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:41 GMT
last-modified: Fri, 22 Mar 2024 05:19:40 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116536
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dxJONpfnduCyrhtAz2e3%2FCqpowOqXl3kb%2FRdbcwWV2mxALodKZbyogCwbZWPvJECp8ceNSjJRk%2F%2FteBnEngdDXkNoSva31W7iqblOYuRrsyTXJqeWesUWav3or0%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575efeca93569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/

104.21.39.37

200 OK

119 kB

URL User Request GET HTTP/3
c99php.com/
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type

Size
119 kB (118764 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: text/html; charset=UTF-8
link: <https://c99php.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xy7u4a9iXQcRSPrQE%2BZrNJAfCAoNKSos5FUSYfLAWVgj0ZjJaFP794O3MUvuignaPqabpcJUxWrJ4gvfNXobJwetXi1zvKu5u3qi%2BHXWSJAmkGAj6GwXoSu5F5Nm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ebc5e0c569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

104.21.39.37

404 Not Found

92 kB

URL GET HTTP/3
c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type

Size
92 kB (91749 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/cache/perfmatters/c99php.com/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/a1ce3f233d2d.google-fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
link: <https://c99php.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eECt5cFqBT1h6X7fasv3c6a4db43Ge1BP%2FykdzQ9LLONmVMFFd%2F6gAD8ZNBO3iCo1AAs6QdnUThMxW%2BpYbpL83EjDNnkGdOf7o9inQUYAr87qcJGYU1cWLpWqh3T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ebddfdd569f-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=GT-TQRJSXQT&l=dataLayer&cx=c

142.250.74.168

200 OK

300 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=GT-TQRJSXQT&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
300 kB (299904 bytes)
Hash
bf4ff1083ff80885a70c92ed164ea15f
ad7315b97738e1e293a96fd0bd023e34641be73b
16db46c43e029dd76def8788db9f534db176bb59a274472fb11a52d5a8dee695

HTTP Headers

GET /gtag/js?id=GT-TQRJSXQT&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 21:46:58 GMT
expires: Tue, 16 Apr 2024 21:46:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100071
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

c99php.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2

104.21.39.37

200 OK

19 kB

URL GET HTTP/3
c99php.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
JavaScript source, ASCII text, with very long lines (15752)
Size
19 kB (18726 bytes)
Hash
b976b651932bfd25b9ddb5b7693d88a7
7fcb7cb5c11227f9213b1e08a07d0212209e1432
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Cookie: cf_clearance=Qw1dG94ZV1ChybWvtuZ8TmqpVZP5WeEPxpcmphu9sd4-1713304007-1.0.1.1-RT8ccuGGhs4psrncw_3e6zGGGom8GcTkLx9QfCKltqIaSsfn3AK._rwxcJAEi5g.2Ve2Lh9hVMHipaz80bZNkA; cookieyes-consent=consentid:SmdnSVZGbDhZTWVKQ0NWYTV6NWw5dU9iRmx6VVY0V2M,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no; _ga_6Y0H2ZZFKJ=GS1.1.1713304018.1.0.1713304018.0.0.0; _ga=GA1.1.2054255777.1713304018
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:58 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:31 GMT
last-modified: Wed, 03 Apr 2024 05:19:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116547
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o28bKu9BI1TIOgMe2ZT2xHgTeX5ZrR5ViPyZIZu%2BRverZNLBBtAluGGKEgAuqAcVSb%2FeqiYmJva74VVs7BKnC8J3FOzvo7N5NVfbJKmkUVBDJEG9gLwMsXcs1wE2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575f01fe36569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

104.21.39.37

404 Not Found

92 kB

URL GET HTTP/3
c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type

Size
92 kB (91749 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/cache/perfmatters/c99php.com/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/a1ce3f233d2d.google-fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
link: <https://c99php.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zZBWcprBTz0IpvcoA99r3uvjl%2BrCMXDZy7o%2BDXlQNPHnQfk%2BKKO2EiPcx0disWtxSWqwOqO4Z0Cjrh9qlFvVbj5myeMxhIPfx3tOBJAt26L51iWh9j7gISJaivBP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ebddfd9569f-OSL
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/themes/sparkling/assets/js/skip-link-focus-fix.min.js?ver=20140222

104.21.39.37

200 OK

543 B

URL GET HTTP/3
c99php.com/wp-content/themes/sparkling/assets/js/skip-link-focus-fix.min.js?ver=20140222
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
ASCII text, with very long lines (558), with no line terminators
Size
543 B (543 bytes)
Hash
b90e5bf71250a1c386cf910c8cdaae23
840e59a9950a5782e9de19ee03293a646dc44b41
89346562479c637f696f11fd781279623298ce7e8be416937f6bf0ea67001a90

HTTP Headers

GET /wp-content/themes/sparkling/assets/js/skip-link-focus-fix.min.js?ver=20140222 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Cookie: cf_clearance=Qw1dG94ZV1ChybWvtuZ8TmqpVZP5WeEPxpcmphu9sd4-1713304007-1.0.1.1-RT8ccuGGhs4psrncw_3e6zGGGom8GcTkLx9QfCKltqIaSsfn3AK._rwxcJAEi5g.2Ve2Lh9hVMHipaz80bZNkA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:57 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Wed, 28 Mar 2018 14:37:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116547
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pL6dZrsiX4EVZ4UKjulIY%2BYGivIwJGOMT2kSQohC9ZlO2DJoASFUQW%2B0mub%2BWpFzJMkyb3Y7k%2BCqTeToyHYWeJXlrKcdSOApG06uQSp5NlkZnujArEhTkUVpnUUh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575efd7933569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/themes/sparkling/assets/css/font-awesome.min.css?ver=6.5.2

104.21.39.37

200 OK

31 kB

URL GET HTTP/3
c99php.com/wp-content/themes/sparkling/assets/css/font-awesome.min.css?ver=6.5.2
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /wp-content/themes/sparkling/assets/css/font-awesome.min.css?ver=6.5.2 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Cookie: cf_clearance=Qw1dG94ZV1ChybWvtuZ8TmqpVZP5WeEPxpcmphu9sd4-1713304007-1.0.1.1-RT8ccuGGhs4psrncw_3e6zGGGom8GcTkLx9QfCKltqIaSsfn3AK._rwxcJAEi5g.2Ve2Lh9hVMHipaz80bZNkA; cookieyes-consent=consentid:SmdnSVZGbDhZTWVKQ0NWYTV6NWw5dU9iRmx6VVY0V2M,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no; _ga_6Y0H2ZZFKJ=GS1.1.1713304018.1.0.1713304018.0.0.0; _ga=GA1.1.2054255777.1713304018; _ga_FK8R676RYN=GS1.1.1713304018.1.0.1713304018.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:58 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Wed, 28 Mar 2018 14:37:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116548
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6TkENtyfDi8iPpWcN%2Fb8Ley6Td8DsZfXX5YdO4ykfA9QfW8i9qj7c30qkM1RkPylv0pSwyKq7%2BFYG9ZTkA3U71FckvmBC95jWHUJYlx%2BmWTp0YYY8OnRuNAgFZU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575f02df11569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/themes/sparkling/assets/js/vendor/modernizr.min.js?ver=6.5.2

104.21.39.37

200 OK

15 kB

URL GET HTTP/3
c99php.com/wp-content/themes/sparkling/assets/js/vendor/modernizr.min.js?ver=6.5.2
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/shell/symlink.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
JavaScript source, ASCII text, with very long lines (14835)
Size
15 kB (14877 bytes)
Hash
1d80784e434b98fd0a5943eaa9cff350
62b9da5986efc866af180e109bcad9a98df709ff
3b6feaffd0feef7686bd2e49c356aea2df8cdefb5568ccf915a96c1e1cd34f61

HTTP Headers

GET /wp-content/themes/sparkling/assets/js/vendor/modernizr.min.js?ver=6.5.2 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/shell/symlink.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Wed, 28 Mar 2018 14:37:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MDNgz1VFtmsviTC583dfxktAXOkUkXfc2TemMmXrOp9JhIGl8eLK7PYuSWE%2Bb22MUcuVehtUKrPmoMizg0Am%2BzhUeISO%2FeIcGXofrrnW7zfz0plbNXTowQCRBB5h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ebd0ead569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/favicon.ico

104.21.39.37

404 Not Found

708 B

URL GET HTTP/3
c99php.com/favicon.ico
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
HTML document, ASCII text, with very long lines (739), with no line terminators
Size
708 B (708 bytes)
Hash
9a088ded79e56cc72e737869c04f755f
1431a084bae06f9a31fc4f1f9c87887be8f64b2d
768cb8655c2f2a1c7d68551a7e858fe3f13e2101172c4898638a2240b5b25ad2

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qQwoZShMCrPblJIpF8Skf%2FioCObkMziZdeTtv0cRq%2FgZqiiSMr3Y9PxZFsMOeHRhkaw0Jq0V8h5omZepf1zEgdntyB4X8bR2IGzyW1LKaVWu0lCCHK%2F6Nfwswv9u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87575ebf69a4569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2

104.21.39.37

404 Not Found

92 kB

URL GET HTTP/3
c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type

Size
92 kB (91749 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/cache/perfmatters/c99php.com/fonts/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/a1ce3f233d2d.google-fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
link: <https://c99php.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HKe%2B9MMFzVM0lglvTHoBWJ5bbBCCbpyjFoQrxUxx6DoXUrgjz0KRrchh%2B2fG2zMHrPgAPvOqyUyAMXiEygru5QHeP5gQnm2a79HMhf646uPSzNxO%2Bk9Vtbol2Qda"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575ebddfda569f-OSL
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/themes/sparkling/style.css?ver=6.5.2

104.21.39.37

200 OK

40 kB

URL GET HTTP/3
c99php.com/wp-content/themes/sparkling/style.css?ver=6.5.2
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
ASCII text, with very long lines (1440)
Size
40 kB (39760 bytes)
Hash
51136a64659f20279618262f55bdf280
891708f26a3096a247b9a73211894013080ae717
596218607e6bc3a2dae01447cc5336da6bff0ad77981a5baf08ea4cc1e9e952b

HTTP Headers

GET /wp-content/themes/sparkling/style.css?ver=6.5.2 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Cookie: cf_clearance=Qw1dG94ZV1ChybWvtuZ8TmqpVZP5WeEPxpcmphu9sd4-1713304007-1.0.1.1-RT8ccuGGhs4psrncw_3e6zGGGom8GcTkLx9QfCKltqIaSsfn3AK._rwxcJAEi5g.2Ve2Lh9hVMHipaz80bZNkA; cookieyes-consent=consentid:SmdnSVZGbDhZTWVKQ0NWYTV6NWw5dU9iRmx6VVY0V2M,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no; _ga_6Y0H2ZZFKJ=GS1.1.1713304018.1.0.1713304018.0.0.0; _ga=GA1.1.2054255777.1713304018; _ga_FK8R676RYN=GS1.1.1713304018.1.0.1713304018.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:58 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 21:18:22 GMT
last-modified: Wed, 28 Mar 2018 14:37:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 88116
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JOEwS1jOru23IeJwzVaBAdc6PE7kk6sJAKkv8wocVDvIYVa2G3o50nkwN%2BYJa0iq7bkT7MxD2MHZGNL5%2BkaC0Pps2YyyvR2r5YugIBIjpTkOwTllL%2BeyBRRc3XIS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575f02df16569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu0SC55K5gw.woff2

104.21.39.37

404 Not Found

92 kB

URL GET HTTP/3
c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu0SC55K5gw.woff2
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type

Size
92 kB (91749 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/cache/perfmatters/c99php.com/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu0SC55K5gw.woff2 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/wp-content/cache/perfmatters/c99php.com/fonts/a1ce3f233d2d.google-fonts.css
Cookie: cf_clearance=Qw1dG94ZV1ChybWvtuZ8TmqpVZP5WeEPxpcmphu9sd4-1713304007-1.0.1.1-RT8ccuGGhs4psrncw_3e6zGGGom8GcTkLx9QfCKltqIaSsfn3AK._rwxcJAEi5g.2Ve2Lh9hVMHipaz80bZNkA; cookieyes-consent=consentid:SmdnSVZGbDhZTWVKQ0NWYTV6NWw5dU9iRmx6VVY0V2M,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 16 Apr 2024 21:46:57 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
link: <https://c99php.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: miss
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m24InEAH%2FvUWHh8f6XH32xY8k5rIwbGPAngKH%2Bx6M9eLtfK3sDTkyOfDyLT8qA%2BcS2vTYCFRrD1gW6mHS29qYJwt27Mc2dKnhd%2FO%2FSGuM6XXLc2UtpAGTdtiqStV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575efe5a22569f-OSL
alt-svc: h3=":443"; ma=86400

c99php.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2

104.21.39.37

200 OK

113 kB

URL GET HTTP/3
c99php.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type

Size
113 kB (113381 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Cookie: cf_clearance=Qw1dG94ZV1ChybWvtuZ8TmqpVZP5WeEPxpcmphu9sd4-1713304007-1.0.1.1-RT8ccuGGhs4psrncw_3e6zGGGom8GcTkLx9QfCKltqIaSsfn3AK._rwxcJAEi5g.2Ve2Lh9hVMHipaz80bZNkA; cookieyes-consent=consentid:SmdnSVZGbDhZTWVKQ0NWYTV6NWw5dU9iRmx6VVY0V2M,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no; _ga_6Y0H2ZZFKJ=GS1.1.1713304018.1.0.1713304018.0.0.0; _ga=GA1.1.2054255777.1713304018; _ga_FK8R676RYN=GS1.1.1713304018.1.0.1713304018.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:58 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Wed, 03 Apr 2024 05:19:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116548
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0iHbwStMtTZ42rQI%2FIrQLtiBqwrQEvr4Jy79rNZapH%2BVieNQvZnwvze6qLeqk%2BB93Uzq08iIcN4CkpsdGaYw8GxbzADV6ZAcpzGBZcVBTFe%2BF%2F%2BOa4ynYcQd1IaF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575f02cf09569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.21.39.37

200 OK

12 kB

URL GET HTTP/3
c99php.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 08:31:34 GMT
etag: W/"661ce5e6-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RtDuw07AqT4Mpj5KjSWzkmu5O4kjokMj78BuRTFchXBDMSBPp5%2F%2BBzASdYd%2FnCLOr3bYCvV1oUqJTJ2Y3hCYYGIu%2BTJwYex%2BN%2BJlvQaOM0u3YybZIAIZ2XhFEB%2Fs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87575ebdbfa4569f-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 18 Apr 2024 21:46:47 GMT
cache-control: max-age=172800, public
content-encoding: gzip

c99php.com/wp-content/themes/sparkling/assets/css/bootstrap.min.css?ver=6.5.2

104.21.39.37

200 OK

121 kB

URL GET HTTP/3
c99php.com/wp-content/themes/sparkling/assets/css/bootstrap.min.css?ver=6.5.2
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
ASCII text, with very long lines (65371)
Size
121 kB (121200 bytes)
Hash
ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

HTTP Headers

GET /wp-content/themes/sparkling/assets/css/bootstrap.min.css?ver=6.5.2 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Cookie: cf_clearance=Qw1dG94ZV1ChybWvtuZ8TmqpVZP5WeEPxpcmphu9sd4-1713304007-1.0.1.1-RT8ccuGGhs4psrncw_3e6zGGGom8GcTkLx9QfCKltqIaSsfn3AK._rwxcJAEi5g.2Ve2Lh9hVMHipaz80bZNkA; cookieyes-consent=consentid:SmdnSVZGbDhZTWVKQ0NWYTV6NWw5dU9iRmx6VVY0V2M,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no; _ga_6Y0H2ZZFKJ=GS1.1.1713304018.1.0.1713304018.0.0.0; _ga=GA1.1.2054255777.1713304018; _ga_FK8R676RYN=GS1.1.1713304018.1.0.1713304018.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:58 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Wed, 28 Mar 2018 14:37:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116548
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VjOFs%2B0sK9OjZfN%2FGlrTQbUDyMCGjuFWIQsQXymJQuvj7jpD5WVXuV%2ByKSrZEXuwmHYQ8oLCQXQj6eohi7JZjQsQnVIz9WGSFOgMPh2GGyXx30saq0u4nwW5xbTt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575f02cf0f569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c99php.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.21.39.37

200 OK

12 kB

URL GET HTTP/3
c99php.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:47 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 08:31:34 GMT
etag: W/"661ce5e6-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EGWJBij2MSD4crqUm4R%2BB2yTb7NAKond7rJ43ySZXDinuZjBIMttbss7kJVw5mkj2UUEs2CcP0sHMPMiF1jdFlpr2%2BjxrsXlAw2mykc2fG0S5KrkJkbxUBtKSb%2F2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87575ebd7f52569f-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 18 Apr 2024 21:46:47 GMT
cache-control: max-age=172800, public
content-encoding: gzip

c99php.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3

104.21.39.37

200 OK

2.9 kB

URL GET HTTP/3
c99php.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3
IP
104.21.39.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://c99php.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectc99php.com
Fingerprint03:88:91:73:93:EB:45:B5:58:33:91:32:DF:90:A1:05:95:0C:C2:6E
ValiditySat, 09 Mar 2024 12:32:34 GMT - Fri, 07 Jun 2024 12:32:33 GMT

File type
ASCII text, with very long lines (3172), with no line terminators
Size
2.9 kB (2894 bytes)
Hash
4ff394b4fc55e546c2457e1a49a044fa
0f3fe404c0821a795cb73aa6bb5c062d52af7e68
4858dafdb763b5027e97ca50c5747329e16d4c19ecc575aff7454335e71cba33

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3 HTTP/1.1
Host: c99php.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c99php.com/
Cookie: cf_clearance=Qw1dG94ZV1ChybWvtuZ8TmqpVZP5WeEPxpcmphu9sd4-1713304007-1.0.1.1-RT8ccuGGhs4psrncw_3e6zGGGom8GcTkLx9QfCKltqIaSsfn3AK._rwxcJAEi5g.2Ve2Lh9hVMHipaz80bZNkA; cookieyes-consent=consentid:SmdnSVZGbDhZTWVKQ0NWYTV6NWw5dU9iRmx6VVY0V2M,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no; _ga_6Y0H2ZZFKJ=GS1.1.1713304018.1.0.1713304018.0.0.0; _ga=GA1.1.2054255777.1713304018; _ga_FK8R676RYN=GS1.1.1713304018.1.0.1713304018.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 21:46:58 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 13:24:30 GMT
last-modified: Fri, 22 Mar 2024 05:19:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116548
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tnX4FdPlRU%2FB1nk7ugOEU8VQcAPHc8V19pz%2Fn4LovYtxaz%2FqlfraVUM8Hj5CjnFDT0zq8dE81nU%2BU%2BGfsyOMnR2oT3tK%2BqlPs9OEWZAdrluuNPt4HaRq6B0nByFH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87575f02cf0c569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (31)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN