blog.securelayer7.net Open in urlscan Pro
2606:4700::6812:93e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3E9qvfv
Effective URL:
https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
Submission: On November 15 via api (November 15th 2022, 12:00:17 pm UTC) from RO — Scanned from DE

Summary HTTP 72 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 72 HTTP transactions. The main IP is 2606:4700::6812:93e, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.securelayer7.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 26th 2022. Valid for: a year.

This is the only time blog.securelayer7.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
43	2606:4700::68... 2606:4700::6812:93e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700:10:... 2606:4700:10::6816:e17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
72	14

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2606:4700::6812:93e (United States)

ASN13335 (CLOUDFLARENET, US)

blog.securelayer7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:e17 (United States)

ASN13335 (CLOUDFLARENET, US)

my.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	securelayer7.net blog.securelayer7.net	672 KB
11	wp.com c0.wp.com — Cisco Umbrella Rank: 6807 stats.wp.com — Cisco Umbrella Rank: 2615 pixel.wp.com — Cisco Umbrella Rank: 2437	78 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 2536	20 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	224 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 549	2 KB
2	hellobar.com my.hellobar.com — Cisco Umbrella Rank: 16626	77 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5922	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	446 B
1	gstatic.com fonts.gstatic.com	16 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5383	282 B
72	11

	Domain	Requested by
43	blog.securelayer7.net	blog.securelayer7.net
9	c0.wp.com	blog.securelayer7.net
4	www.googletagmanager.com	blog.securelayer7.net www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com
2	firebaseinstallations.googleapis.com	blog.securelayer7.net
2	my.hellobar.com	blog.securelayer7.net my.hellobar.com
2	fonts.googleapis.com	blog.securelayer7.net my.hellobar.com
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	pixel.wp.com
1	stats.wp.com	blog.securelayer7.net
1	fonts.gstatic.com	fonts.googleapis.com
1	bit.ly	1 redirects
72	15

This site contains links to these domains. Also see Links.

Domain
securelayer7.net
www.wondercms.com
www.securelayer7.net
github.com
www.exploit-db.com
nvd.nist.gov
www.facebook.com
twitter.com
www.linkedin.com
pinterest.com
akismet.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-26` - `2023-03-26`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
Frame ID: 9D933C71AEDFD333219B4D590C5001B8
Requests: 71 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Raleway
Frame ID: 3D8DDCC29BC85E1B0A89C2103A258D87
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WonderCMS 3.1.3 Vulnerable to Authenticated Server-Side Request Forgery - CVE-2020-35313 - Penetration Testing and CyberSecurity Solution - SecureLayer7

Page URL History Show full URLs

https://bit.ly/3E9qvfv HTTP 301
https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

72
Requests

100 %
HTTPS

79 %
IPv6

11
Domains

15
Subdomains

14
IPs

3
Countries

1091 kB
Transfer

3084 kB
Size

9
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: https://securelayer7.net/
Title: Services

Search URL Search Domain Scan URL

URL: https://securelayer7.net/security/application-penetration-testing
Title: Application Security

Search URL Search Domain Scan URL

URL: https://securelayer7.net/mobile/mobile-application-penetration-testing
Title: Mobile Application Security

Search URL Search Domain Scan URL

URL: https://securelayer7.net/binary/thick-client-penetration-testing
Title: Thick Client Penetration Testing

Search URL Search Domain Scan URL

URL: https://securelayer7.net/telecom/voip-penetration-testing
Title: VoIP Penetration Testing

Search URL Search Domain Scan URL

URL: https://securelayer7.net/on-demand-penetration-testing
Title: On Demand Penetration Testing

Search URL Search Domain Scan URL

URL: https://securelayer7.net/blockchain/ethereum-smart-contract
Title: Ethereum Smart Contract Audit

Search URL Search Domain Scan URL

URL: https://securelayer7.net/review/source-code-audit
Title: Source Code Audit

Search URL Search Domain Scan URL

URL: https://securelayer7.net/iot/internet-of-things-security-assessment
Title: IoT Device Security

Search URL Search Domain Scan URL

URL: https://securelayer7.net/digital/ico-security
Title: ICO Security

Search URL Search Domain Scan URL

URL: https://securelayer7.net/scan/website-malware-removal
Title: Web Malware Removal

Search URL Search Domain Scan URL

URL: https://securelayer7.net/sap-security-assessment
Title: SAP Security Assessment

Search URL Search Domain Scan URL

URL: https://securelayer7.net/assessment/red-team-cyber-security-assessment
Title: Red Team Assessment

Search URL Search Domain Scan URL

URL: https://securelayer7.net/aws-security-assessment
Title: AWS Security Assessment

Search URL Search Domain Scan URL

URL: https://securelayer7.net/infrastructure/network-security
Title: Network Security

Search URL Search Domain Scan URL

URL: https://securelayer7.net/secure/server-security-hardening
Title: Server Hardening

Search URL Search Domain Scan URL

URL: https://securelayer7.net/radio/wireless-security-assessment
Title: Wireless Security Assessment

Search URL Search Domain Scan URL

URL: https://securelayer7.net/device/firewall-configuration-review
Title: Firewall Configuration Review

Search URL Search Domain Scan URL

URL: https://securelayer7.net/telecom-network-security
Title: Telecom Network Security

Search URL Search Domain Scan URL

URL: https://securelayer7.net/web-application-security-training
Title: Web Application Security Training

Search URL Search Domain Scan URL

URL: https://securelayer7.net/resources
Title: Resources

Search URL Search Domain Scan URL

URL: https://securelayer7.net/advisories-acknowledgements
Title: Advisories

Search URL Search Domain Scan URL

URL: https://securelayer7.net/about/
Title: About

Search URL Search Domain Scan URL

URL: https://securelayer7.net/leadership
Title: Management

Search URL Search Domain Scan URL

URL: https://securelayer7.net/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://securelayer7.net/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.wondercms.com/
Title: WonderCMS

Search URL Search Domain Scan URL

URL: http://www.securelayer7.net/penetration-testing
Title: penetration testers

Search URL Search Domain Scan URL

URL: https://github.com/robiso/wondercms
Title: WonderCMS

Search URL Search Domain Scan URL

URL: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip
Title: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip

Search URL Search Domain Scan URL

URL: https://www.exploit-db.com/exploits/49154
Title: https://www.exploit-db.com/exploits/49154

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-35313
Title: https://nvd.nist.gov/vuln/detail/CVE-2020-35313

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fblog.securelayer7.net%2Fwondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=WonderCMS+3.1.3+Vulnerable+to+Authenticated+Server-Side+Request+Forgery+-+CVE-2020-35313+-+Penetration+Testing+and+CyberSecurity+Solution+-+SecureLayer7.+https%3A%2F%2Fblog.securelayer7.net%2Fwondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery%2F

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fblog.securelayer7.net%2Fwondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery%2F

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/find/?url=https%3A%2F%2Fblog.securelayer7.net%2Fwondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery%2F

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

URL: https://securelayer7.net/index
Title: Home

Search URL Search Domain Scan URL

URL: https://securelayer7.net/mobile/mobile-application-security
Title: Mobile Application Security

Search URL Search Domain Scan URL

URL: https://securelayer7.net/iot/iot-security
Title: IoT Device Security

Search URL Search Domain Scan URL

URL: https://securelayer7.net/assessment/red-team-assessment
Title: Red Teaming Assessment

Search URL Search Domain Scan URL

URL: https://securelayer7.net/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://securelayer7.net/disclaimer-agreement
Title: Disclaimer Agreement

Search URL Search Domain Scan URL

URL: https://securelayer7.net/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://securelayer7.net/usage-agreement
Title: Usage Agreement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3E9qvfv HTTP 301
https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
Redirect Chain

https://bit.ly/3E9qvfv
https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

201 KB
36 KB

299ms
228ms

Document
text/html

2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53d935b7a7daa35ffa9d1075a3978b011e6db18b9c99bcdc537d9eb31b44ac63

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 76a7d33b0cfc5cb0-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 15 Nov 2022 12:00:12 GMT
link: <https://blog.securelayer7.net/wp-json/>; rel="https://api.w.org/", <https://blog.securelayer7.net/wp-json/wp/v2/posts/5138>; rel="alternate"; type="application/json", <https://blog.securelayer7.net/?p=5138>; rel=shortlink
server: cloudflare
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
x-pingback: https://blog.securelayer7.net/xmlrpc.php

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 189
content-type: text/html; charset=utf-8
date: Tue, 15 Nov 2022 12:00:11 GMT
location: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
server: nginx
via: 1.1 google

GET
H2 200 style.min.css
c0.wp.com/c/6.0.3/wp-includes/css/dist/block-library/ 87 KB
11 KB 73ms
20ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.3/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Wed, 15 Nov 2023 12:00:12 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/ 11 KB
2 KB 73ms
21ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Wed, 15 Nov 2023 12:00:12 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/ 4 KB
1 KB 73ms
21ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Wed, 15 Nov 2023 12:00:12 GMT

GET
H2 200 styles.css
blog.securelayer7.net/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 35ms
32ms Stylesheet
text/css 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 19 Oct 2022 11:20:06 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: text/css
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33c98695cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 blocks.style.build.min.css
blog.securelayer7.net/wp-content/plugins/wp-codemirror-block/assets/blocks/ 10 KB
2 KB 34ms
31ms Stylesheet
text/css 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/plugins/wp-codemirror-block/assets/blocks/blocks.style.build.min.css?ver=1587551715

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4977e892ec278eac9b3d1820edbda8b9b3c2c2de73181f657097ebf89e65b804

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 22 Apr 2020 10:35:15 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: text/css
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33c986d5cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 frontend.min.css
blog.securelayer7.net/wp-content/plugins/wp-user-avatar/assets/css/ 97 KB
14 KB 39ms
36ms Stylesheet
text/css 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.3.2

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c257a079a1ccf32c329c94c8a698ea5af2d96e75c3797475eee2ea974a188b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:26:43 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: text/css
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33c986f5cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 flatpickr.min.css
blog.securelayer7.net/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 14 KB
3 KB 33ms
30ms Stylesheet
text/css 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.3.2

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:26:43 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: text/css
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33c98715cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 select2.min.css
blog.securelayer7.net/wp-content/plugins/wp-user-avatar/assets/select2/ 15 KB
2 KB 35ms
33ms Stylesheet
text/css 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.0.3

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:26:43 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: text/css
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33c98735cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 be.css
blog.securelayer7.net/wp-content/themes/betheme/css/ 403 KB
69 KB 52ms
49ms Stylesheet
text/css 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/themes/betheme/css/be.css?ver=26.6.1

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4b9184f5f95bdaa158c2d28a5fae0cb03999b35c77c95c54f5538b2864b8e06

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:34:45 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: text/css
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33c98755cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 animations.min.css
blog.securelayer7.net/wp-content/themes/betheme/assets/animations/ 58 KB
5 KB 38ms
35ms Stylesheet
text/css 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/themes/betheme/assets/animations/animations.min.css?ver=26.6.1

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

622a07604bb0030ba7094f0f1dcb5d1e9080164fd6ba4071a73452802378b55b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:34:45 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: text/css
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33c98785cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 fontawesome.css
blog.securelayer7.net/wp-content/themes/betheme/fonts/fontawesome/ 59 KB
12 KB 41ms
39ms Stylesheet
text/css 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=26.6.1

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a8f55d140604ca7fed7724ee5d45c06d445673636211543d30959c317a98a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:34:45 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: text/css
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33c987a5cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 jplayer.blue.monday.min.css
blog.securelayer7.net/wp-content/themes/betheme/assets/jplayer/css/ 9 KB
2 KB 35ms
33ms Stylesheet
text/css 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=26.6.1

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10f8e5f272c9ae8c8271ab51d7310aaf9c9bed694104dbe6ff10d99849d19ab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:34:45 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: text/css
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33c987e5cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 responsive.css
blog.securelayer7.net/wp-content/themes/betheme/css/ 64 KB
12 KB 36ms
34ms Stylesheet
text/css 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/themes/betheme/css/responsive.css?ver=26.6.1

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd05c6edba0491dc3745b1f6eb10e4ca6bac9e9d8783083147e4b59bc79ceb9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:34:45 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: text/css
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33c98805cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 82ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A1&display=swap&ver=6.0.3

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 11:58:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Nov 2022 12:00:12 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/11.5.1/css/ 84 KB
15 KB 65ms
21ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/11.5.1/css/jetpack.css

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

96852267480e97e11f1058af3c56a86368b3c6647c2c4de7a69de2a693be9f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 25 Oct 2022 13:51:34 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Wed, 15 Nov 2023 12:00:12 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 email-decode.min.js Show response
blog.securelayer7.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
825 B 26ms
24ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 12:52:00 GMT
server: cloudflare
content-encoding: gzip
etag: W/"636ba270-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 76a7d33cd8ef5cb0-FRA
expires: Thu, 17 Nov 2022 12:00:12 GMT

GET
H2 200 post-5138.css
blog.securelayer7.net/wp-content/uploads/betheme/css/ 52 B
140 B 96ms
95ms Stylesheet
text/css 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/uploads/betheme/css/post-5138.css?ver=1668513612

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

352741b78d90e9c48216a63737a03cf7235e70dc7b3a6fa26f0225182f3c254e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 10 Nov 2022 08:43:58 GMT
server: cloudflare
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 76a7d33cd8f45cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 rocket-loader.min.js Show response
blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 26ms
25ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 12:52:00 GMT
server: cloudflare
content-encoding: gzip
etag: W/"636ba270-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 76a7d33cd8f75cb0-FRA
expires: Thu, 17 Nov 2022 12:00:12 GMT

GET
H2 200 footer-bg.png
blog.securelayer7.net/wp-content/uploads/2019/12/ 21 KB
21 KB 37ms
37ms Image
image/png 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.securelayer7.net/wp-content/uploads/2019/12/footer-bg.png

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1bd41ab98ca645e15ca496bdaacda0919c28782ad8a97210e7a1aa39b09cc4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 06 Dec 2019 11:27:42 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 76a7d33d39f75cb0-FRA
content-length: 21217
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 75ms
21ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A1&display=swap&ver=6.0.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.securelayer7.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 404277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 19:42:15 GMT

GET
H2 200 icons.woff
blog.securelayer7.net/wp-content/themes/betheme/fonts/mfn/ 80 KB
80 KB 89ms
89ms Font
font/woff 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/themes/betheme/fonts/mfn/icons.woff?31690507

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wp-content/themes/betheme/css/be.css?ver=26.6.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.securelayer7.net/wp-content/themes/betheme/css/be.css?ver=26.6.1
Origin: https://blog.securelayer7.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:34:45 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: font/woff
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 76a7d33d4a155cb0-FRA
content-length: 81448
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 e-202246.js Show response
stats.wp.com/ 9 KB
3 KB 70ms
20ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202246.js
Requested by: Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: HIT hhn
date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: br
server: nginx
etag: W/"62f6b688-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 23:57:24 GMT

GET
H2 200 9eace28e9cb60d5ad413a7f8bb14769f33414f4b.js Show response
my.hellobar.com/ 15 KB
4 KB 129ms
69ms Script
text/javascript 2606:4700:10::6816:e17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/9eace28e9cb60d5ad413a7f8bb14769f33414f4b.js
Requested by: Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e0b261dc61c2e568cb80b68c8c5356616ad5021fce911c9a32dfa88b005761f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 15 Nov 2022 11:07:16 GMT
server: cloudflare
x-amz-request-id: 67T1KXZ7GX01HZDD
age: 10
etag: W/"7f4a0d6c2f9450a73678baead168e754"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray: 76a7d33dff1a9202-FRA
x-amz-id-2: TyIydrSV7Ee38KJSPiz3di3QbrBzJLPgl3HJNK2KhFTC87fH0BYa8ZmGU/eICQ5abrXqugyaLik=

GET
H2 200 akismet-frontend.js Show response
blog.securelayer7.net/wp-content/plugins/akismet/_inc/ 10 KB
3 KB 33ms
27ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1666178405

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

070b943db88a9b02b0f8aa48f8f650e89fad00c2747367923f939c08436c25f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 19 Oct 2022 11:20:05 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9a8e5cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 lazy-images.js Show response
blog.securelayer7.net/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 2 KB
1 KB 67ms
59ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=8767d0da914b289bd862

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c99ffa666406b233d0791d6f9c7b4675c37ae1e537813b213bc3968a95321355

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:26:40 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9aa55cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 intersection-observer.js Show response
blog.securelayer7.net/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 9 KB
3 KB 129ms
121ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:26:40 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9aa75cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/6.0.3/wp-includes/js/ 3 KB
1 KB 27ms
19ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.3/wp-includes/js/comment-reply.min.js

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Wed, 15 Nov 2023 12:00:12 GMT

GET
H2 200 scripts.js Show response
blog.securelayer7.net/wp-content/themes/betheme/js/ 113 KB
23 KB 54ms
46ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/themes/betheme/js/scripts.js?ver=26.6.1

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1cdbbb00370d0b39f206fd632aba71deef1ae02a238441cac4b2ac4be98b452

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:34:45 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9aa95cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 translate3d.js Show response
blog.securelayer7.net/wp-content/themes/betheme/js/parallax/ 4 KB
1 KB 43ms
36ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/themes/betheme/js/parallax/translate3d.js?ver=26.6.1

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0a00439e0c82d42a9b64c694698665bd924252eb48e86b1c95a4d40dac471a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:34:45 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9aaa5cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 enllax.min.js Show response
blog.securelayer7.net/wp-content/themes/betheme/js/plugins/ 2 KB
589 B 42ms
35ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/themes/betheme/js/plugins/enllax.min.js?ver=26.6.1

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c24a7908e8bccfb36947de91ab342f33f1c966b31f50ed1fb83d9d8b3d579a1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:34:45 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9aae5cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 stickysidebar.min.js Show response
blog.securelayer7.net/wp-content/themes/betheme/js/plugins/ 12 KB
4 KB 42ms
35ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/themes/betheme/js/plugins/stickysidebar.min.js?ver=26.6.1

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5667b095b36ff6e6ac5365fd5d517bd3d0b6cdbf32d36daf479c5334ba655760

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:34:45 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9aaf5cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 jplayer.min.js Show response
blog.securelayer7.net/wp-content/themes/betheme/assets/jplayer/ 51 KB
12 KB 50ms
43ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=26.6.1

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e6c69ba30da65996fe5cfd06a9248ad71966d7f05781b646d87358a7e202511

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:34:45 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9ab05cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 animations.min.js Show response
blog.securelayer7.net/wp-content/themes/betheme/assets/animations/ 2 KB
684 B 40ms
33ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/themes/betheme/assets/animations/animations.min.js?ver=26.6.1

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1bbd7ecc1eb2490fa89949a1af779e82a0817587e19a8396936ed86e430550b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:34:45 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9ab15cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 visible.min.js Show response
blog.securelayer7.net/wp-content/themes/betheme/js/plugins/ 608 B
439 B 36ms
29ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/themes/betheme/js/plugins/visible.min.js?ver=26.6.1

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ecf312a51fd23a6d2258191745ab900d7f393a4633515e0df6305cde42b1a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:34:45 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9ab25cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 menu.js Show response
blog.securelayer7.net/wp-content/themes/betheme/js/ 3 KB
1 KB 38ms
32ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/themes/betheme/js/menu.js?ver=26.6.1

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e31562bbd4b9f377eec9662b440b0c1262ff73f7e85c3a6e3639635e4516013f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:34:45 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9ab35cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 magnificpopup.min.js Show response
blog.securelayer7.net/wp-content/themes/betheme/js/plugins/ 20 KB
7 KB 40ms
34ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=26.6.1

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82705acbecdd84306ce33e08f576eca6a688896895e6e48d1c36a4071fcba14e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:34:45 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9ab45cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 debouncedresize.min.js Show response
blog.securelayer7.net/wp-content/themes/betheme/js/plugins/ 472 B
355 B 63ms
57ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/themes/betheme/js/plugins/debouncedresize.min.js?ver=26.6.1

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c5a0e187e68ccbf13dafd079e2c46c7917cc60b6959e5a881da324958f34d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:34:45 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9ab65cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 tabs.min.js Show response
c0.wp.com/c/6.0.3/wp-includes/js/jquery/ui/ 12 KB
4 KB 26ms
20ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.3/wp-includes/js/jquery/ui/tabs.min.js

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

34934dc0d2652647955344d4d53218860096f14217c81c1eb5b02e54526835b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Wed, 15 Nov 2023 12:00:12 GMT

GET
H2 200 core.min.js Show response
c0.wp.com/c/6.0.3/wp-includes/js/jquery/ui/ 20 KB
7 KB 26ms
20ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.3/wp-includes/js/jquery/ui/core.min.js

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Wed, 15 Nov 2023 12:00:12 GMT

GET
H2 200 app.js Show response
blog.securelayer7.net/wp-content/plugins/push-notification//assets/public/ 9 KB
3 KB 36ms
30ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/plugins/push-notification//assets/public/app.js?ver=1.24

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd67994f5de370fc62b5fbd163a357389b91c249c5473a3f20176ea0571038c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 06:58:19 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9ab85cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 messaging.min.js Show response
blog.securelayer7.net/wp-content/plugins/push-notification//assets/public/ 38 KB
10 KB 50ms
45ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/plugins/push-notification//assets/public/messaging.min.js?ver=1.24

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

193db151ad014ae19830b6e81c93373c52ad0bec12e5e341884e81394985f7b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 06:58:19 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9aba5cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 81ms
29ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?ver=1.24

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3e49e2a138a44a48e36ae30ba5a2e0116394e92ef15aa4a2f66f1e751687dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 37468
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Nov 2022 12:00:12 GMT

GET
H2 200 analytics.js Show response
blog.securelayer7.net/wp-content/plugins/push-notification//assets/public/ 23 KB
8 KB 75ms
70ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/plugins/push-notification//assets/public/analytics.js?ver=1.24

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cd62ce85f83b32a72420feaa977b7213d3b0d40373b3354462854c5a230514f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 06:58:19 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9abd5cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 application.min.js Show response
blog.securelayer7.net/wp-content/plugins/push-notification//assets/public/ 18 KB
6 KB 48ms
44ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/plugins/push-notification//assets/public/application.min.js?ver=1.24

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

171eb22406107d1aed7dba9b73f9c52eecb1a296f73f5e25ca8fb071406ea313

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 06:58:19 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9abe5cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 frontend.min.js Show response
blog.securelayer7.net/wp-content/plugins/wp-user-avatar/assets/js/ 19 KB
4 KB 48ms
44ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.3.2

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

255bbdc2a44e99169f7196982ff3155cf5631bdc043a1a431e5ea8f51297bb73

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:26:43 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9ac05cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 index.js Show response
blog.securelayer7.net/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 62ms
58ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 19 Oct 2022 11:20:06 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33d9ac45cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 index.js Show response
blog.securelayer7.net/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 89ms
85ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 19 Oct 2022 11:20:06 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33dbae25cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 select2.min.js Show response
blog.securelayer7.net/wp-content/plugins/wp-user-avatar/assets/select2/ 69 KB
19 KB 52ms
48ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.3.2

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:26:43 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33dbae65cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 flatpickr.min.js Show response
blog.securelayer7.net/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 49 KB
14 KB 62ms
59ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.3.2

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f77f1c60435921cb2d68ccfb3bf2da81dd35f274014c4cd5a5b9c20c4a46a27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 06:26:43 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33dbaea5cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/6.0.3/wp-includes/js/jquery/ 11 KB
4 KB 23ms
20ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Wed, 15 Nov 2023 12:00:12 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.0.3/wp-includes/js/jquery/ 87 KB
30 KB 23ms
21ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery.min.js

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Wed, 15 Nov 2023 12:00:12 GMT

GET
H2 200 wp-emoji-release.min.js Show response
blog.securelayer7.net/wp-includes/js/ 18 KB
5 KB 42ms
41ms Script
application/javascript 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.securelayer7.net/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 20 Jun 2022 12:51:19 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=14400
cf-ray: 76a7d33e2bda5cb0-FRA
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 127 KB
49 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-52QKLP3

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc23c644025922e5058fec93c13249a780f7200840a129062bf6d611709a468f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49698
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Nov 2022 12:00:12 GMT

POST
H3 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/pushnotificationsio/ 624 B
510 B 412ms
366ms Fetch
application/json 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/pushnotificationsio/installations

Requested by

Host: blog.securelayer7.net
URL: https://blog.securelayer7.net/wp-content/plugins/push-notification//assets/public/analytics.js?ver=1.24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7ec307977c5e4659f81dfff8fa4a2570c169ce6735fa4c2cee539fd5f94441d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://blog.securelayer7.net/
x-goog-api-key: AIzaSyDhRbFy9m-NXZVkozYJwKdDYJuwsL6W_bw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type: application/json

Response headers

date: Tue, 15 Nov 2022 12:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://blog.securelayer7.net
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 487
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/pushnotificationsio/ Frame 0
0 88ms
30ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/pushnotificationsio/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://blog.securelayer7.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://blog.securelayer7.net
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 15 Nov 2022 12:00:12 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 modules.js Show response
my.hellobar.com/ 254 KB
73 KB 41ms
41ms Script
text/javascript 2606:4700:10::6816:e17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/modules.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/9eace28e9cb60d5ad413a7f8bb14769f33414f4b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe63b957a8b0cb3132d1f7096d5e72361c5daf75773ea4782b38de4fb26dfc96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 18:32:06 GMT
server: cloudflare
x-amz-request-id: HZ4J8HXK4J488ED1
age: 1266
cf-polished: origSize=260007
etag: W/"27c9b022c4d05919f58888137e2283e1"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 76a7d33e983a9202-FRA
x-amz-id-2: GjfWXJ3wlNnlN6QKAzHDnyisHh5K63Wu4yViQraTohKl7o4pOeo+MGqNr3QWeJjHmCv7okrc3ek=

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 32ms
20ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=86393960&post=5138&tz=5.5&srv=blog.securelayer7.net&j=1%3A11.5.1&host=blog.securelayer7.net&ref=&fcp=663&rand=0.9683555672818283
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Nov 2022 12:00:12 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NXS0Z75BCH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?ver=1.24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1db8b97aab48a81c9eb0b9b4ca41ae63dfbc88162493f12ca7dffa9691083a67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 65950
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Nov 2022 12:00:12 GMT

GET
H2 200 securelayer7-logo.png
blog.securelayer7.net/wp-content/uploads/2019/12/ 2 KB
2 KB 35ms
34ms Image
image/png 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.securelayer7.net/wp-content/uploads/2019/12/securelayer7-logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ac29969d6866e0711b256f83b4031565f3b5af5b2880036142a477b974433e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 06 Dec 2019 06:37:18 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 76a7d33edd635cb0-FRA
content-length: 2274
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 blog-image-1200x675-1-80x80.png
blog.securelayer7.net/wp-content/uploads/2022/11/ 8 KB
8 KB 34ms
31ms Image
image/png 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.securelayer7.net/wp-content/uploads/2022/11/blog-image-1200x675-1-80x80.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

465c4921e0eb3938d042a6657be544a78398c4f01c4dccbb3b8f1a09a9f4f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 12:13:22 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 76a7d33edd665cb0-FRA
content-length: 8553
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 Blog-WAF-80x80.png
blog.securelayer7.net/wp-content/uploads/2022/11/ 9 KB
9 KB 34ms
32ms Image
image/png 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.securelayer7.net/wp-content/uploads/2022/11/Blog-WAF-80x80.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e41f0ff496a75edab48473c20ef0076e3c8add683bcc41fdc42beb8e7a83ce53

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 11:01:02 GMT
server: cloudflare
age: 324
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 76a7d33edd685cb0-FRA
content-length: 8946
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 CMS1.png
blog.securelayer7.net/wp-content/uploads/2022/11/ 254 KB
254 KB 37ms
35ms Image
image/png 2606:4700::6812:93e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.securelayer7.net/wp-content/uploads/2022/11/CMS1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:93e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b95b6e7ed924d28065037991c1112faed7daa21145b903e4472a44f3541dc45

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 11:53:08 GMT
server: cloudflare
age: 2322
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 76a7d33edd695cb0-FRA
content-length: 259810
expires: Tue, 15 Nov 2022 16:00:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 90ms
21ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52QKLP3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Nov 2022 11:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2658
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 15 Nov 2022 13:15:54 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
74 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5VHYWW57KQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52QKLP3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a72395f97c2169d4656ef29e7dc8b7eb2358ee216c42d4b70bdc63d654918b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75983
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Nov 2022 12:00:12 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
351 B 108ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NXS0Z75BCH&gtm=2oeb90&_p=643810666&_fid=fY-wF5Sz0JJK9icRhYYkMo&cid=1403062186.1668513613&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668513612&sct=1&seg=0&dl=https%3A%2F%2Fblog.securelayer7.net%2Fwondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery%2F&dt=WonderCMS%203.1.3%20Vulnerable%20to%20Authenticated%20Server-Side%20Request%20Forgery%20-%20CVE-2020-35313%20-%20Penetration%20Testing%20and%20CyberSecurity%20Solution%20-%20SecureLayer7&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NXS0Z75BCH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 12:00:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.securelayer7.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 3D8D 2 KB
523 B 99ms
56ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway

Requested by

Host: my.hellobar.com
URL: https://my.hellobar.com/modules.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d3b9b124ab86b33b4c72d29ceca9c5a56e5205e546394f55e1ca7fac57d58d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Nov 2022 12:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 12:00:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Nov 2022 12:00:12 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 29ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5VHYWW57KQ&gtm=2oeb90&_p=643810666&cid=1403062186.1668513613&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668513612&sct=1&seg=0&dl=https%3A%2F%2Fblog.securelayer7.net%2Fwondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery%2F&dt=WonderCMS%203.1.3%20Vulnerable%20to%20Authenticated%20Server-Side%20Request%20Forgery%20-%20CVE-2020-35313%20-%20Penetration%20Testing%20and%20CyberSecurity%20Solution%20-%20SecureLayer7&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VHYWW57KQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 12:00:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.securelayer7.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 87ms
28ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-60729213-1&cid=1403062186.1668513613&jid=144939930&gjid=290120479&_gid=383019376.1668513613&_u=YCDAgEABAAAAAEAAI~&z=1894966993

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.securelayer7.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 15 Nov 2022 12:00:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.securelayer7.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 67ms
23ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=643810666&t=pageview&_s=1&dl=https%3A%2F%2Fblog.securelayer7.net%2Fwondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery%2F&ul=en-us&de=UTF-8&dt=WonderCMS%203.1.3%20Vulnerable%20to%20Authenticated%20Server-Side%20Request%20Forgery%20-%20CVE-2020-35313%20-%20Penetration%20Testing%20and%20CyberSecurity%20Solution%20-%20SecureLayer7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAAAAI~&jid=144939930&gjid=290120479&cid=1403062186.1668513613&tid=UA-60729213-1&_gid=383019376.1668513613&gtm=2wgb9052QKLP3&z=1111138117

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 04:31:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26951
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 110ms
63ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-60729213-1&cid=1403062186.1668513613&jid=144939930&_u=YCDAgEABAAAAAEAAI~&z=914831278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 12:00:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 111ms
61ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-60729213-1&cid=1403062186.1668513613&jid=144939930&_u=YCDAgEABAAAAAEAAI~&z=914831278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.securelayer7.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 12:00:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 11:47:45	Name: _bit Value: mafc0b-81f2ea12e26ee10ecd-000
blog.securelayer7.net/	1970-01-20 07:30:00	Name: CzvhJolLHtDwuraT Value: Y_g9NUa%2AT
blog.securelayer7.net/	1970-01-20 07:30:00	Name: kLFOtr Value: dRKC9QpsmTFE
blog.securelayer7.net/	1970-01-20 07:30:00	Name: JyCcRYxGzhQ Value: lN82HxSXh5Bopu
.securelayer7.net/	1970-01-20 17:04:33	Name: _ga_NXS0Z75BCH Value: GS1.1.1668513612.1.0.1668513612.0.0.0
.securelayer7.net/	1970-01-20 17:04:33	Name: _ga_5VHYWW57KQ Value: GS1.1.1668513612.1.0.1668513612.0.0.0
.securelayer7.net/	1970-01-20 17:04:33	Name: _ga Value: GA1.2.1403062186.1668513613
.securelayer7.net/	1970-01-20 07:30:00	Name: _gid Value: GA1.2.383019376.1668513613
.securelayer7.net/	1970-01-20 07:28:33	Name: _dc_gtm_UA-60729213-1 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
blog.securelayer7.net
c0.wp.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
my.hellobar.com
pixel.wp.com
region1.google-analytics.com
stats.g.doubleclick.net
stats.wp.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
192.0.76.3
192.0.77.37
2001:4860:4802:32::36
2606:4700:10::6816:e17
2606:4700::6812:93e
2a00:1450:4001:801::2008
2a00:1450:4001:802::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:813::200a
2a00:1450:4001:829::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9b
67.199.248.10
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
070b943db88a9b02b0f8aa48f8f650e89fad00c2747367923f939c08436c25f3
10f8e5f272c9ae8c8271ab51d7310aaf9c9bed694104dbe6ff10d99849d19ab8
171eb22406107d1aed7dba9b73f9c52eecb1a296f73f5e25ca8fb071406ea313
193db151ad014ae19830b6e81c93373c52ad0bec12e5e341884e81394985f7b5
1db8b97aab48a81c9eb0b9b4ca41ae63dfbc88162493f12ca7dffa9691083a67
1f77f1c60435921cb2d68ccfb3bf2da81dd35f274014c4cd5a5b9c20c4a46a27
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
255bbdc2a44e99169f7196982ff3155cf5631bdc043a1a431e5ea8f51297bb73
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
34934dc0d2652647955344d4d53218860096f14217c81c1eb5b02e54526835b6
352741b78d90e9c48216a63737a03cf7235e70dc7b3a6fa26f0225182f3c254e
3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165
3a72395f97c2169d4656ef29e7dc8b7eb2358ee216c42d4b70bdc63d654918b0
465c4921e0eb3938d042a6657be544a78398c4f01c4dccbb3b8f1a09a9f4f827
4977e892ec278eac9b3d1820edbda8b9b3c2c2de73181f657097ebf89e65b804
4b95b6e7ed924d28065037991c1112faed7daa21145b903e4472a44f3541dc45
4c257a079a1ccf32c329c94c8a698ea5af2d96e75c3797475eee2ea974a188b5
53d935b7a7daa35ffa9d1075a3978b011e6db18b9c99bcdc537d9eb31b44ac63
559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677
5667b095b36ff6e6ac5365fd5d517bd3d0b6cdbf32d36daf479c5334ba655760
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5cd62ce85f83b32a72420feaa977b7213d3b0d40373b3354462854c5a230514f
5e0b261dc61c2e568cb80b68c8c5356616ad5021fce911c9a32dfa88b005761f
622a07604bb0030ba7094f0f1dcb5d1e9080164fd6ba4071a73452802378b55b
63ac29969d6866e0711b256f83b4031565f3b5af5b2880036142a477b974433e
6a8f55d140604ca7fed7724ee5d45c06d445673636211543d30959c317a98a4b
6e6c69ba30da65996fe5cfd06a9248ad71966d7f05781b646d87358a7e202511
7c5a0e187e68ccbf13dafd079e2c46c7917cc60b6959e5a881da324958f34d92
7d3b9b124ab86b33b4c72d29ceca9c5a56e5205e546394f55e1ca7fac57d58d5
82705acbecdd84306ce33e08f576eca6a688896895e6e48d1c36a4071fcba14e
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ecf312a51fd23a6d2258191745ab900d7f393a4633515e0df6305cde42b1a3a
96852267480e97e11f1058af3c56a86368b3c6647c2c4de7a69de2a693be9f68
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
a1bd41ab98ca645e15ca496bdaacda0919c28782ad8a97210e7a1aa39b09cc4f
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd67994f5de370fc62b5fbd163a357389b91c249c5473a3f20176ea0571038c8
c0a00439e0c82d42a9b64c694698665bd924252eb48e86b1c95a4d40dac471a4
c1cdbbb00370d0b39f206fd632aba71deef1ae02a238441cac4b2ac4be98b452
c24a7908e8bccfb36947de91ab342f33f1c966b31f50ed1fb83d9d8b3d579a1f
c99ffa666406b233d0791d6f9c7b4675c37ae1e537813b213bc3968a95321355
cc23c644025922e5058fec93c13249a780f7200840a129062bf6d611709a468f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d1bbd7ecc1eb2490fa89949a1af779e82a0817587e19a8396936ed86e430550b
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7ec307977c5e4659f81dfff8fa4a2570c169ce6735fa4c2cee539fd5f94441d
d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b
dd05c6edba0491dc3745b1f6eb10e4ca6bac9e9d8783083147e4b59bc79ceb9e
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e31562bbd4b9f377eec9662b440b0c1262ff73f7e85c3a6e3639635e4516013f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e49e2a138a44a48e36ae30ba5a2e0116394e92ef15aa4a2f66f1e751687dca
e41f0ff496a75edab48473c20ef0076e3c8add683bcc41fdc42beb8e7a83ce53
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4b9184f5f95bdaa158c2d28a5fae0cb03999b35c77c95c54f5538b2864b8e06
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe63b957a8b0cb3132d1f7096d5e72361c5daf75773ea4782b38de4fb26dfc96

blog.securelayer7.net Open in urlscan Pro 2606:4700::6812:93e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

100 %HTTPS

79 %IPv6

11 Domains

15 Subdomains

14 IPs

3 Countries

1091 kBTransfer

3084 kBSize

9 Cookies

45 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.securelayer7.net Open in urlscan Pro
2606:4700::6812:93e Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

100 %
HTTPS

79 %
IPv6

11
Domains

15
Subdomains

14
IPs

3
Countries

1091 kB
Transfer

3084 kB
Size

9
Cookies

72 HTTP transactions
1 data transactions