Report - segurnab.elementor.cloud/wp-content/themes/twentytwenty/inc/llll/index.php

Report Overview

URL

segurnab.elementor.cloud/wp-content/themes/twentytwenty/inc/llll/index.php
IP

162.159.138.9

ASN

#13335 CLOUDFLARENET
Submitted

2022-08-30T21:55:14Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

1

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com (2)	235	2015-04-17T22:46:33Z	2023-03-06T05:09:16Z	809	35093	104.17.25.14
static.cloudflareinsights.com (1)	1294	2019-09-24T16:34:56Z	2023-03-06T10:20:26Z	461	493	172.64.156.26
ocsp.sca1b.amazontrust.com (1)	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	338	944	54.230.245.110
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-22T01:36:00Z	2023-03-06T05:09:35Z	3174	60358	34.120.237.76
stackpath.bootstrapcdn.com (1)	2467	2018-06-15T22:36:43Z	2023-03-06T11:17:42Z	449	1042	104.18.11.207
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-06T05:10:30Z	401	5846	143.204.55.25
segurnab.elementor.cloud (3)	unknown			1438	1433	162.159.138.9
kit-free.fontawesome.com (3)	22974	2019-05-10T14:34:22Z	2023-03-06T08:52:58Z	1410	160488	172.67.197.109
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-06T05:09:12Z	594	127	52.43.46.140
r3.o.lencr.org (4)	344	2020-12-02T09:52:13Z	2023-03-06T05:09:03Z	1304	3544	23.36.77.32
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-06T05:09:34Z	758	2709	143.204.55.35
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-06T05:09:43Z	321	229	34.117.237.239
s3-us-west-2.amazonaws.com (1)	unknown	2017-01-29T12:21:01Z	2023-03-06T21:00:25Z	397	176883	52.92.163.0
ocsp.digicert.com (1)	86	2012-05-21T09:02:23Z	2023-03-06T06:00:56Z	329	737	93.184.220.29
ocsp.pki.goog (2)	175	2018-07-01T08:43:07Z	2023-03-06T05:10:42Z	662	24661	142.250.74.3
ajax.googleapis.com (1)	12905	2013-08-16T11:51:31Z	2023-03-06T09:48:42Z	388	31873	142.250.74.170

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-08-30	medium	segurnab.elementor.cloud/wp-content/themes/twentytwenty/inc/llll/DRT1654SDF/	Chronopost International

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (7)

HTTP Transactions (31)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

517693963cc46e7a35a054296d0edfd5

11dfcd7e118e5f8d31e664e56ac29c57f973b8b3

ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2582
Expires: Tue, 30 Aug 2022 22:37:58 GMT
Date: Tue, 30 Aug 2022 21:54:56 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939

URL HTTP/1.1

firefox.settings.services.mozilla.com/v1/
IP

143.204.55.35:0
ASN

#16509 AMAZON-02

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

99b7d23c1748d0526782b9ff9ea45f09

eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f

48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 30 Aug 2022 21:19:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: q5eTMajDAnf5YhPqwg3fNUrk_KlrRdPfW93uwZXqkPqsgNlA9FtigQ==
Age: 2135

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP

143.204.55.25:0
ASN

#16509 AMAZON-02

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

742edb4038f38bc533514982f3d2e861

cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1

b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 29 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YxbE5H4pr43TG-0kpBsUKJfi2Scssyu30P4s43uOmd7HsgIf_VSIKw==
age: 83938
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 21:54:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329

URL HTTP/1.1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

143.204.55.35:0
ASN

#16509 AMAZON-02

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 30 Aug 2022 21:17:12 GMT
Expires: Tue, 30 Aug 2022 21:28:24 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Cj9aXQzDW41lxPpHFu0d47wJC9QgDFxjusqT73bIVvRldww1kDGq6A==
Age: 2265

ocsp.digicert.com/

93.184.220.29

200 OK

471

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

471
Hash

f67e41cdd7e5f2aa8f93d031979c9109

5f4c0093f9bf8f8e48e0d7f56ed31aba0c6f43f6

608e2b7d208977f18da12165c9eb1539656d7754dc49f3f687736151a4810e06

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4750
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:54:57 GMT
Last-Modified: Tue, 30 Aug 2022 20:35:47 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.43.46.140

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

52.43.46.140:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jfgP/dCJ9xM3SgNC3801yQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LLSUUMOw+j1ogOZPXc1Ig+eLLp0=

segurnab.elementor.cloud/wp-content/themes/twentytwenty/inc/llll/DRT1654SDF/

162.159.138.9

301 Moved Permanently

URL HTTP/1.1

segurnab.elementor.cloud/wp-content/themes/twentytwenty/inc/llll/DRT1654SDF/
IP

162.159.138.9:0
ASN

#13335 CLOUDFLARENET

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Chronopost International

HTTP Headers

                                        GET /wp-content/themes/twentytwenty/inc/llll/DRT1654SDF/ HTTP/1.1
Host: segurnab.elementor.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 301 Moved Permanently
Date: Tue, 30 Aug 2022 21:54:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 30 Aug 2022 22:54:58 GMT
Location: https://segurnab.elementor.cloud/wp-content/themes/twentytwenty/inc/llll/DRT1654SDF/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7430c498b9dcfab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js

104.17.25.14

200 OK

27192

URL HTTP/2

cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js
IP

104.17.25.14:0
ASN

#13335 CLOUDFLARENET

Magic

ASCII text, with very long lines (32030)

Size

27192
Hash

92a5ff32a622bce0ca55d5644bdd4076

ad3c2861d6216aaf07b6ba1a0eb3b1a4eaa1ae91

1811f05ec81d0f3d900617e8760efb623e1a0f5ca0e8e424124181581653dbf5

HTTP Headers

                                        GET /ajax/libs/jquery/3.1.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://segurnab.elementor.cloud/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
date: Tue, 30 Aug 2022 21:54:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 27192
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-152b5"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7076856
expires: Sun, 20 Aug 2023 21:54:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gsQs%2Fs4wAr5%2FBJJ2pqsljhtmbqrmd1BoDLP3p5Dh8RG9imJMykxwYF1UtGts79dcWJpy6tguLrZ4Dhgb04t5SFgREzuNwXrEONrJ8SJoH0pD7Wt9CQR5erxtlTgPwZJ37DpfcVAk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7430c499fcefb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5631

URL HTTP/2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP

104.17.25.14:0
ASN

#13335 CLOUDFLARENET

Magic

ASCII text, with very long lines (30837)

Size

5631
Hash

109d1ed85cd01f9cdab73a4cac5bf80d

d6c6498ad46de2d8e2008a8ff68e364ae7f16b32

8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

                                        GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://segurnab.elementor.cloud/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
date: Tue, 30 Aug 2022 21:54:58 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3549646
expires: Sun, 20 Aug 2023 21:54:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7XTiEi470%2FZxR4n6hzyYiBlKFbeOmcATow%2B4VJw81vgR2d9L7j97kSqUQbZZnoWBbzG1OWSUwOlV%2BWNfYRtP0SEDwRhPlK3q9PV7EuMiiaoNQSY6skTT0L%2Bwsv%2FlbIN636hAs%2Fy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7430c49a3d32b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

13875

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.3:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 250x250, components 3\012- data

Size

13875
Hash

f91b5c5a1d82e82eba941e63efe88537

1f5549ec710161e2770dc34ec15b1cfed69a2c34

9cf9f0e90c49323c0cc25c5be14cd4f7b76382366dd366bbaf7876285814c7b2

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:54:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

142.250.74.170

200 OK

30774

URL HTTP/2

ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP

142.250.74.170:0
ASN

#15169 GOOGLE

Magic

ASCII text, with very long lines (65451)

Size

30774
Hash

81182f4b684635f6bdcbdd907ee66f25

a1f2f151df72ede41397c8131bd47a3ce85575b3

be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396

HTTP Headers

                                        GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://segurnab.elementor.cloud/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 18:24:40 GMT
expires: Wed, 30 Aug 2023 18:24:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
age: 12618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

10330

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.3:0
ASN

#15169 GOOGLE

Magic

RIFF (little-endian) data, Web/P image\012- data

Size

10330
Hash

9cb50e471011acd1364794abcbd5b5e7

652b695d4308932008c0d2c695de12848246abec

cc5418084bfd3a6e5694735311ca3ec4ffd635dd6ae8bc4ddf291a3cf48f2873

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:54:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

kit-free.fontawesome.com/releases/latest/webfonts/free-fa-solid-900.woff2

172.67.197.109

200 OK

78168

URL HTTP/2

kit-free.fontawesome.com/releases/latest/webfonts/free-fa-solid-900.woff2
IP

172.67.197.109:0
ASN

#13335 CLOUDFLARENET

Magic

Web Open Font Format (Version 2), TrueType, length 78168, version 331.-31196\012- data

Size

78168
Hash

a9fd1225fb2cd32320e2b931dca01089

44ec5c6a868b4ce62350d9f040ed8e18f7a1d128

c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

HTTP Headers

                                        GET /releases/latest/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: kit-free.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://segurnab.elementor.cloud
Connection: keep-alive
Referer: https://kit-free.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
date: Tue, 30 Aug 2022 21:54:58 GMT
content-type: font/woff2
content-length: 78168
x-amz-id-2: k2viZCetajqjI0WpyokV0JogRkSX6OrnvQkVcBVTB5ykb+ypnnH/I3z+GYBYrpQC0kdOmFKwtXs=
x-amz-request-id: BKWCKYJB2AFY36WG
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:26:53 GMT
etag: "a9fd1225fb2cd32320e2b931dca01089"
cache-control: max-age=1800
cf-cache-status: HIT
age: 23
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuBYzV93fjplr%2FfPdLBNPYcBmYWSGy1PXiOS%2F0DzmRFixXiGznoRk2rj7zDTQh%2F8yZgUu81lxUnq%2FawFX1A7XWLA7AwX2EdtxkGNEM5IIGSk%2Fpy6TY%2FnHL1l2q6auZ55zKi2%2FTkpcR0Xa8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7430c49afe1d0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kit-free.fontawesome.com/releases/latest/webfonts/free-fa-brands-400.woff2

172.67.197.109

200 OK

79050

URL HTTP/2

kit-free.fontawesome.com/releases/latest/webfonts/free-fa-brands-400.woff2
IP

172.67.197.109:0
ASN

#13335 CLOUDFLARENET

Magic

RIFF (little-endian) data, Web/P image\012- data

Size

79050
Hash

581814fb4c70a58be1532dca6294ece7

49fc5dfc98c5f84cb376a4c50d5108e67b7a3dcd

97325fea3f7576fff3fbff88debd3ff3ee514ee9eaa1f6322421e4428f3a0712

HTTP Headers

                                        GET /releases/latest/webfonts/free-fa-brands-400.woff2 HTTP/1.1
Host: kit-free.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://segurnab.elementor.cloud
Connection: keep-alive
Referer: https://kit-free.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
date: Tue, 30 Aug 2022 21:54:58 GMT
content-type: font/woff2
content-length: 76736
x-amz-id-2: CdQmn1fE6t4Jt5frcM3LtVIoqYI8sb6RHnaEkqs3P2uDl0M8tzVWuRZXdniu4Yn86xNptWlg9aQ=
x-amz-request-id: BKWFRTZHNSAVE43F
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:26:53 GMT
etag: "4f5ec865a8274ab291b6a42b5f70639e"
cache-control: max-age=1800
cf-cache-status: HIT
age: 23
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8XDRp4upqmuvafoehx1JN02ZQ5GTT9wG53AvRZUrGcG%2BmswVRWF10DmUGADDnC3DeiqSSKK%2FFLQL1ZtaONSPKy1bR0%2BTgMyBBIH5lfTCClk%2F5N%2FQnS586JnmaH02yizD6pQsPvoW2jrqcw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7430c49b0e200b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471

URL HTTP/1.1

ocsp.sca1b.amazontrust.com/
IP

54.230.245.110:0
ASN

#16509 AMAZON-02

Magic

data

Size

471
Hash

3ae04d7dcb239abecb986e671f75208b

af451aaa4f547218d8fbee37073f2cd0d867ba1b

22ca7b6cc51280ffb52f8865d396138efc14d120495c774f2feca69deff92148

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 30 Aug 2022 21:54:58 GMT
Last-Modified: Tue, 30 Aug 2022 20:23:47 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Sg6DBMt36q0EcsgNExlgkPGzgZpOt19E_uQ89AnICDwIiy8laLtOcw==
Age: 5472

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

8483eb99dbd130593ed0072e2fbaccf9

fcb83f0b4a448f0b94b0bf9db431cc802413dacd

5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9605
Expires: Wed, 31 Aug 2022 00:35:04 GMT
Date: Tue, 30 Aug 2022 21:54:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

8483eb99dbd130593ed0072e2fbaccf9

fcb83f0b4a448f0b94b0bf9db431cc802413dacd

5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9605
Expires: Wed, 31 Aug 2022 00:35:04 GMT
Date: Tue, 30 Aug 2022 21:54:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

8483eb99dbd130593ed0072e2fbaccf9

fcb83f0b4a448f0b94b0bf9db431cc802413dacd

5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9605
Expires: Wed, 31 Aug 2022 00:35:04 GMT
Date: Tue, 30 Aug 2022 21:54:59 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd073058d-a781-4fa3-abd4-05363877c306.jpeg

34.120.237.76

200 OK

8478

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd073058d-a781-4fa3-abd4-05363877c306.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

8478
Hash

87425d52d274ccbc12298aa7a47395f2

b2866f84f93b73d97e9aecfa2293ff47131b6d67

2284c74b04493c7a67907b2477bac252832f3550c6a7e57c221abefc45a12549

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd073058d-a781-4fa3-abd4-05363877c306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 8478
x-amzn-requestid: 8ae5ce3f-0d58-412b-84f1-579c5cf21fd8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTWIH5JoAMFh9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d328d-7bb707102a3acb0320585b52;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:41:33 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: G0y5MCu_U2IUMTrWxPmyUefwSkF5tcEWpPh7sZ-Bn_1lXZv12tlpgQ==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:58:58 GMT
age: 86161
etag: "b2866f84f93b73d97e9aecfa2293ff47131b6d67"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10056

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19e4053-4c42-4436-ba83-5e76fd16f5a4.webp
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

10056
Hash

0502c5060f29d82fd10f9f79459e2ce0

110f2eecf72c6b89f250ebefeff5ef664dc2f3f6

f722656c432bbec2baa63b6edc4116c1996850462864456105d9fea9c3bc7ff4

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19e4053-4c42-4436-ba83-5e76fd16f5a4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 10056
x-amzn-requestid: 2eb7bbf2-47ad-4f80-98e8-ecb45e98961b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xguh2H_woAMFXnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309c472-7dda060b4e7c81262aef3421;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 07:14:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1cunCq4Z1J-oQSmTlcAtgfXO0A4_XpHKl2UHpRCbf75--3eHEIgZGQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 11:39:46 GMT
age: 36913
etag: "110f2eecf72c6b89f250ebefeff5ef664dc2f3f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5925

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ed547f-030a-462d-a7c7-12a7748cf9c8.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

5925
Hash

91310bc1fb5ae0efa502a9bafe046399

ec2a4baf0a21c1738a541d89756cccd6f3bef5fd

5fe0511116c6bd2d6e668c69764905c3a5c93fa23a4dc207b0f4b1604783ceb6

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ed547f-030a-462d-a7c7-12a7748cf9c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 5925
x-amzn-requestid: 15e5a8fd-8a14-486d-9e83-7da3dafd1713
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpSfZEEooAMFbeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d312f-05652d4e06746e8b4f4be29b;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:35:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bYTWcGb1-aWdEhGox1If7F0NpZ0JDobDMZK6l0J7a2tb9_ejGKDiDQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:45:09 GMT
age: 590
etag: "ec2a4baf0a21c1738a541d89756cccd6f3bef5fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9980

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa91a5094-5af6-430d-993d-243427b324ba.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

9980
Hash

82bc1c69018845280d29653d6b2d6f8d

0c122f15422cab7ee3461e8fa657183ae54adcc5

e221638eff281c27ef4656f76e64963718186285c57e50a8958bd3065e662674

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa91a5094-5af6-430d-993d-243427b324ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 9980
x-amzn-requestid: b9f6b930-9c47-41b9-879d-ce239e39f033
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTMGHlNoAMFuoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d324d-72ea52c010dff34438bbca28;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:40:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fHSa3fGJD-E4daWDZyyKGaErPw9YBbAwJ2uQ2dxbxl2UJCXXDRykag==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:45:04 GMT
age: 595
etag: "0c122f15422cab7ee3461e8fa657183ae54adcc5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10672

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac04243-b8b9-46aa-ad1f-285d333e6c88.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

10672
Hash

9f9132960db725a095b0db1773dc6f69

bf1d4347e1641da5aebe6ae438c0431232ae6242

0e0b84df674d48517a04819604deb555c904518f093784691de4914b6ddb9e9d

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac04243-b8b9-46aa-ad1f-285d333e6c88.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 10672
x-amzn-requestid: 9044b578-ffc7-4890-a16f-bf6d5e242f46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTWcEUnoAMF_UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c65c2-4397932f1417f6ab2463c4b0;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:07:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uc8twk9uXve3wFxTvsZa_sg-aduiVBxXjTvOdqBc_BZmgw4BldMyHQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 07:15:20 GMT
age: 52779
etag: "bf1d4347e1641da5aebe6ae438c0431232ae6242"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8909

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4955929-0b9f-4215-9599-dffe8c74c90c.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

8909
Hash

feb433a0823cccb81dc4c5fa13ba4ed2

143f7bb98f57f8e6189e73e75a9fc93d29548962

09a5ddc32918b441b6d3ce3eed211d674d3844db6770e06bb3fecb86cc85771a

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4955929-0b9f-4215-9599-dffe8c74c90c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 8909
x-amzn-requestid: 2c4357d3-5c22-465a-a65a-e281d87c5305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTxZGYEIAMFeZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c666f-36b5010a793ab9c87182a895;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:10:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Y3cwsCGFKFQYWkxG96XsjTJMrCMccbdhjRvbB04PCNF2YupDcEcng==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 07:33:49 GMT
age: 51670
etag: "143f7bb98f57f8e6189e73e75a9fc93d29548962"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

s3-us-west-2.amazonaws.com/s.cdpn.io/3/jquery.inputmask.bundle.js

52.92.163.0

200 OK

176433

URL HTTP/1.1

s3-us-west-2.amazonaws.com/s.cdpn.io/3/jquery.inputmask.bundle.js
IP

52.92.163.0:0
ASN

#16509 AMAZON-02

Magic

ASCII text, with very long lines (544)

Size

176433
Hash

f0b02d9f2d3c6679556e63935ac23320

384bb74cdb2840da6eaa9400242faf4a2fac3daa

f708ad894d421f32ed297a914632db6bc1577841d1c210b34f1a0821ea0aaa4b

HTTP Headers

                                        GET /s.cdpn.io/3/jquery.inputmask.bundle.js HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://segurnab.elementor.cloud/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
x-amz-id-2: 6RJmR8o2MjP1inGaRKMypEdupGem9d4ZxkWz5mqr2SBBpiI+Azfgnni7iOaLKoENvmicnT7u45A=
x-amz-request-id: NVJA0N1E8GB4DSDM
Date: Tue, 30 Aug 2022 21:54:59 GMT
Last-Modified: Wed, 30 Nov 2016 13:28:36 GMT
ETag: "f0b02d9f2d3c6679556e63935ac23320"
Cache-Control: public
Expires: Mon, 30 Nov 2026 13:28:34 GMT
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 176433

segurnab.elementor.cloud/wp-content/themes/twentytwenty/inc/llll/index.php

162.159.138.9

302 Found

URL HTTP/2

segurnab.elementor.cloud/wp-content/themes/twentytwenty/inc/llll/index.php
IP

162.159.138.9:0
ASN

#13335 CLOUDFLARENET

Magic

Size

0
Hash

HTTP Headers

                                        GET /wp-content/themes/twentytwenty/inc/llll/index.php HTTP/1.1
Host: segurnab.elementor.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                        HTTP/2 302 Found
date: Tue, 30 Aug 2022 21:54:57 GMT
content-type: text/html; charset=UTF-8
location: ./DRT1654SDF
cf-ray: 7430c490bda9b4fd-OSL
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT
set-cookie: PHPSESSID=q3suo3ka1054v960r45qp8400p; path=/
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: no-cache
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

segurnab.elementor.cloud/wp-content/themes/twentytwenty/inc/llll/DRT1654SDF

162.159.138.9

301 Moved Permanently

URL HTTP/2

segurnab.elementor.cloud/wp-content/themes/twentytwenty/inc/llll/DRT1654SDF
IP

162.159.138.9:0
ASN

#13335 CLOUDFLARENET

Magic

Size

0
Hash

HTTP Headers

                                        GET /wp-content/themes/twentytwenty/inc/llll/DRT1654SDF HTTP/1.1
Host: segurnab.elementor.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=q3suo3ka1054v960r45qp8400p
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                        HTTP/2 301 Moved Permanently
date: Tue, 30 Aug 2022 21:54:58 GMT
content-type: text/html
location: http://segurnab.elementor.cloud/wp-content/themes/twentytwenty/inc/llll/DRT1654SDF/
cf-ray: 7430c497fe16b4fd-OSL
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kit-free.fontawesome.com/releases/latest/css/free.min.css

172.67.197.109

200 OK

URL HTTP/2

kit-free.fontawesome.com/releases/latest/css/free.min.css
IP

172.67.197.109:0
ASN

#13335 CLOUDFLARENET

Magic

Size

0
Hash

HTTP Headers

                                        GET /releases/latest/css/free.min.css HTTP/1.1
Host: kit-free.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://segurnab.elementor.cloud/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
date: Tue, 30 Aug 2022 21:54:58 GMT
content-type: text/css
x-amz-id-2: p6m9baBJ/2L4abWgnkZ6Suc7OaldZNjs+wuGAblaCmalxDD/KdvznACKl34pnITKK/2I85IKPW4=
x-amz-request-id: A4WG19PHWNZEDZHW
last-modified: Wed, 04 Aug 2021 21:22:50 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=1800
cf-cache-status: HIT
age: 1125
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vf%2BTg6y7LA5yo0NigLCP9E363H6ksUUAuPr2WI22BBNIjMpjjM79zOzhZYJdp620vs%2BX2H0k8Aly0xnOIUn0aI3T71LtScrq3arXlJVuiFgV7qVKGAV7ZLKrvFvJIDHcRK0WULITCfBglDU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7430c499eb40b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

104.18.11.207

200 OK

URL HTTP/2

stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
IP

104.18.11.207:0
ASN

#13335 CLOUDFLARENET

Magic

Size

0
Hash

HTTP Headers

                                        GET /bootstrap/4.5.0/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://segurnab.elementor.cloud
Connection: keep-alive
Referer: https://segurnab.elementor.cloud/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
date: Tue, 30 Aug 2022 21:54:58 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"3afe15e976734d9daac26310110c4594"
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-cachedat: 06/01/2022 10:11:07
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 565
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 1ff5df53acf0959f537b6ff39fc342f5
cdn-cache: HIT
cf-cache-status: HIT
age: 23
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7430c499eb47b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

172.64.156.26

200 OK

URL HTTP/2

static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP

172.64.156.26:0
ASN

#13335 CLOUDFLARENET

Magic

Size

0
Hash

HTTP Headers

                                        GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://segurnab.elementor.cloud
Connection: keep-alive
Referer: https://segurnab.elementor.cloud/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
date: Tue, 30 Aug 2022 21:54:58 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7430c49a2ec3b512-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (7)

#1 JS:Script (size: 370)

#2 JS:Script (size: 86709)

#3 JS:Script (size: 13970)

#4 JS:Script (size: 88145)

#5 JS:Script (size: 2602)

#6 JS:Script (size: 185)

#7 JS:Script (size: 176433)

HTTP Transactions (31)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers