www.getastra.com Open in urlscan Pro
2606:4700:3033::681f:543a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Submission: On June 17 via manual (June 17th 2020, 10:20:42 am UTC) from CH

Summary HTTP 98 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 30 IPs in 7 countries across 27 domains to perform 98 HTTP transactions. The main IP is 2606:4700:3033::681f:543a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.getastra.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 30th 2020. Valid for: 8 months.

This is the only time www.getastra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 45	2606:4700:303... 2606:4700:3033::681f:543a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3033::681c:1685	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:215d:a000:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
2	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
5	151.139.128.8 151.139.128.8	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2600:9000:218... 2600:9000:2182:1c00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.231.48.243 54.231.48.243	16509 (AMAZON-02) (AMAZON-02)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	18.195.176.77 18.195.176.77	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
9	2606:4700:10:... 2606:4700:10::6816:3fd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:91a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.154.3 13.226.154.3	16509 (AMAZON-02) (AMAZON-02)
2	162.243.168.11 162.243.168.11	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1	46.105.201.116 46.105.201.116	16276 (OVH) (OVH)
1 2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1	13.226.154.99 13.226.154.99	16509 (AMAZON-02) (AMAZON-02)
2	34.251.53.81 34.251.53.81	16509 (AMAZON-02) (AMAZON-02)
98	30

45 2606:4700:3033::681f:543a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.getastra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.getastra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::681c:1685 (United States)

ASN13335 (CLOUDFLARENET, US)

static.play.ht	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215d:a000:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

s.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.128.8 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kit-free.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:1c00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.48.243 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.176.77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-176-77.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:3fd1 (United States)

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
settings.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:91a (United States)

ASN13335 (CLOUDFLARENET, US)

instant.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.154.3 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-154-3.dus51.r.cloudfront.net

script.tapfiliate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.243.168.11 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: convertful.com

app.convertful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.116 (France)

ASN16276 (OVH, FR)

dc.cux.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.154.99 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-154-99.dus51.r.cloudfront.net

serve.albacross.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.53.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-53-81.eu-west-1.compute.amazonaws.com

collect.albacross.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	getastra.com 1 redirects www.getastra.com go.getastra.com	1 MB
9	crisp.chat client.crisp.chat settings.crisp.chat image.crisp.chat	200 KB
5	fontawesome.com kit.fontawesome.com kit-free.fontawesome.com	182 KB
4	facebook.net connect.facebook.net	225 KB
3	albacross.com serve.albacross.com collect.albacross.com	20 KB
3	sharethis.com ws.sharethis.com l.sharethis.com	8 KB
2	facebook.com www.facebook.com	466 B
2	google.de www.google.de	259 B
2	google.com 1 redirects www.google.com	320 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	jsdelivr.net cdn.jsdelivr.net	8 KB
2	convertful.com app.convertful.com	30 KB
2	googletagmanager.com www.googletagmanager.com	65 KB
2	twitter.com platform.twitter.com	29 KB
2	imgur.com s.imgur.com	4 KB
2	cloudflare.com cdnjs.cloudflare.com	28 KB
2	play.ht static.play.ht	33 KB
1	googleadservices.com www.googleadservices.com	12 KB
1	cux.io dc.cux.io	14 KB
1	tapfiliate.com script.tapfiliate.com	4 KB
1	instant.page instant.page	1 KB
1	gravatar.com secure.gravatar.com	2 KB
1	amazonaws.com s3.amazonaws.com	8 KB
1	consensu.org c.sharethis.mgr.consensu.org
1	googleapis.com fonts.googleapis.com	652 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	5 KB
98	27

	Domain	Requested by
43	www.getastra.com	1 redirects www.getastra.com
6	client.crisp.chat	www.getastra.com client.crisp.chat
4	kit-free.fontawesome.com	kit.fontawesome.com www.getastra.com
4	connect.facebook.net	www.getastra.com connect.facebook.net
2	collect.albacross.com
2	www.facebook.com	connect.facebook.net
2	settings.crisp.chat	client.crisp.chat
2	www.google.de
2	www.google.com	1 redirects
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	cdn.jsdelivr.net	www.googletagmanager.com
2	app.convertful.com	www.googletagmanager.com app.convertful.com
2	www.googletagmanager.com	www.getastra.com www.googletagmanager.com
2	go.getastra.com	www.getastra.com go.getastra.com
2	l.sharethis.com	ws.sharethis.com www.getastra.com
2	platform.twitter.com	www.getastra.com platform.twitter.com
2	s.imgur.com	www.getastra.com s.imgur.com
2	cdnjs.cloudflare.com	www.getastra.com
2	static.play.ht	www.getastra.com
1	serve.albacross.com	www.getastra.com
1	image.crisp.chat
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	stats.g.doubleclick.net	1 redirects
1	dc.cux.io	www.getastra.com
1	script.tapfiliate.com	www.googletagmanager.com
1	instant.page	www.getastra.com
1	secure.gravatar.com	www.getastra.com
1	s3.amazonaws.com	www.getastra.com
1	c.sharethis.mgr.consensu.org	ws.sharethis.com
1	kit.fontawesome.com	www.getastra.com
1	fonts.googleapis.com	www.getastra.com
1	ws.sharethis.com	www.getastra.com
1	maxcdn.bootstrapcdn.com	www.getastra.com
98	34

This site contains links to these domains. Also see Links.

Domain
securityscan.getastra.com
dash.getastra.com
getastra.com
demo.getastra.com
www.facebook.com
twitter.com
www.linkedin.com
fb.com
akismet.com
www.youtube.com
medium.com
www.trustpilot.com
www.capterra.com
play.ht

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-30` - `2020-10-09`	8 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.sharethis.com Go Daddy Secure Certificate Authority - G2	`2017-09-26` - `2020-09-29`	3 years	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
*.gravatar.com COMODO RSA Domain Validation Secure Server CA	`2018-09-06` - `2020-09-05`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
crisp.chat CloudFlare Inc ECC CA-2	`2019-08-28` - `2020-08-27`	a year	crt.sh
tapfiliate.com Amazon	`2019-10-23` - `2020-11-23`	a year	crt.sh
app.convertful.com Let's Encrypt Authority X3	`2020-05-14` - `2020-08-12`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-06-08` - `2021-04-17`	10 months	crt.sh
dc.cux.io Let's Encrypt Authority X3	`2020-04-15` - `2020-07-14`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.albacross.com Amazon	`2019-10-03` - `2020-11-03`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Frame ID: 92A9FD9AB1B76A010C42A3A3E01C2D12
Requests: 104 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/v1.0/cmp/portal-v2.html
Frame ID: 21401C1744A568EB1F8FD27A9DA00BE5
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.86df6234483a1fa251e365dd8643c136.html?origin=https%3A%2F%2Fwww.getastra.com
Frame ID: 3D60F2057F367A1DD4BCB6EB0931CFCE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware HTTP 301
https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

98
Requests

100 %
HTTPS

67 %
IPv6

27
Domains

34
Subdomains

30
IPs

7
Countries

2096 kB
Transfer

5456 kB
Size

1
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://securityscan.getastra.com/security-audit
Title: Start free scan

Search URL Search Domain Scan URL

URL: https://securityscan.getastra.com/
Title: View all free tools

Search URL Search Domain Scan URL

URL: https://dash.getastra.com/hey-there
Title: Sign in

Search URL Search Domain Scan URL

URL: https://getastra.com/
Title: Astra’s Security

Search URL Search Domain Scan URL

URL: https://demo.getastra.com/hey-there
Title: Check out the demo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Title: <img src=https://www.getastra.com/blog/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png style="width: 35px;" title=Facebook class="ssba ssba-img" alt="Share on Facebook" data-pagespeed-url-hash="619734217">Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/&text=How%20to%20Fix%20Push%20Notification%20%26%20Redirection%20Malware%20on%20WordPress%20
Title: <img src=https://www.getastra.com/blog/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png style="width: 35px;" title=Twitter class="ssba ssba-img" alt="Tweet about this on Twitter" data-pagespeed-url-hash="401119150">Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Title: <img src=https://www.getastra.com/blog/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png style="width: 35px;" title=LinkedIn class="ssba ssba-img" alt="Share on LinkedIn" data-pagespeed-url-hash="3070038025">Linkedin

Search URL Search Domain Scan URL

URL: https://fb.com/shikhil

Search URL Search Domain Scan URL

URL: https://twitter.com/shikhilsharma

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/profile/view?id=AAIAAAqNLeEB10r2STbDFglJ-6_jrbdJWGyQAUc&trk=nav_responsive_tab_profile_pic

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

URL: https://getastra.com/pricing
Title: Secure your site in 3 mins

Search URL Search Domain Scan URL

URL: https://twitter.com/getAstra
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/getAstra
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CzarSecurities/
Title: YouTube

Search URL Search Domain Scan URL

URL: https://medium.com/astra-security
Title: Medium

Search URL Search Domain Scan URL

URL: https://www.trustpilot.com/review/getastra.com
Title: Trustpilot

Search URL Search Domain Scan URL

URL: https://www.capterra.com/p/162941/Astra-Security/
Title: Capterra

Search URL Search Domain Scan URL

URL: https://play.ht/
Title: powered by Play.ht

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware HTTP 301
https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1598115664&t=pageview&_s=1&dl=https%3A%2F%2Fwww.getastra.com%2Fblog%2Fcms%2Fwordpress-security%2Ffix-push-notifications-malware%2F&ul=en-us&de=UTF-8&dt=%5BFixed%5D%20Push%20Notifications%20Malware%20on%20WordPress&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1068645613&gjid=1519682164&cid=1870573193.1592389226&tid=UA-62532637-1&_gid=410692311.1592389226&_r=1&gtm=2wg6405JQNQC6&z=1160931213 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62532637-1&cid=1870573193.1592389226&jid=1068645613&_gid=410692311.1592389226&gjid=1519682164&_v=j83&z=1160931213 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62532637-1&cid=1870573193.1592389226&jid=1068645613&_v=j83&z=1160931213 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62532637-1&cid=1870573193.1592389226&jid=1068645613&_v=j83&z=1160931213&slf_rd=1&random=3120004334

98 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Redirect Chain

https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware
https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

102 KB
20 KB

615ms
615ms

Document
text/html

2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c1744aad7018c5d7191eb3595b54a673dca8fd044014bea9901823a78fb3ff9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.getastra.com
:scheme: https
:path: /blog/cms/wordpress-security/fix-push-notifications-malware/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: helpful_user=41833b1005c9063466f21a0e812f4092; __cfduid=df3c93b229356ae9b73616cf48a60ef501592389221; PHPSESSID=s6f7rbd4ol7fdj60godmh6ok3r
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 17 Jun 2020 10:20:22 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate max-age=0, no-cache, s-maxage=10
pragma: no-cache
link: <https://www.getastra.com/blog/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,X-Forwarded-Proto,User-Agent
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
x-mod-pagespeed: 1.13.35.2-0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
cf-request-id: 036364563f0000fa50e50fa200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4c099d3ac1fa50-AMS
content-encoding: br

Redirect headers

status: 301
date: Wed, 17 Jun 2020 10:20:21 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df3c93b229356ae9b73616cf48a60ef501592389221; expires=Fri, 17-Jul-20 10:20:21 GMT; path=/; domain=.getastra.com; HttpOnly; SameSite=Lax PHPSESSID=s6f7rbd4ol7fdj60godmh6ok3r; path=/ helpful_user=41833b1005c9063466f21a0e812f4092; expires=Fri, 17-Jul-2020 10:20:21 GMT; Max-Age=2592000
pragma: no-cache
expires: Wed, 17 Jun 2020 11:20:21 GMT
cache-control: max-age=3600 s-maxage=10
x-redirect-by: WordPress
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
vary: X-Forwarded-Proto,User-Agent
location: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
cf-request-id: 03636454a50000fa50e50e7200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4c099aadebfa50-AMS

GET
H2 200 autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
www.getastra.com/blog/wp-content/cache/autoptimize/css/ 640 KB
86 KB 23ms
22ms Stylesheet
text/css 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df691de5c3512015810f2da87dd7b8a9c6e6b8814b6e1df8b9d12008fcc4ea3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 264184
cf-polished: origSize=656623
status: 200
cf-request-id: 03636458ac0000fa50e5118200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=691200
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a11984fa50-AMS

GET
H2 200 playht-pageplayer-plugin-v10.css
static.play.ht/ 16 KB
3 KB 88ms
21ms Stylesheet
text/css 2606:4700:3033::681c:1685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.play.ht/playht-pageplayer-plugin-v10.css
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf1288320783664d5dc6fbed28894ca5bb244cff628227c228f45e7cd617103

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:22 GMT
via: 1.1 be3cfaacdb79da525fb50b14c14fb1dd.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6663
cf-polished: origSize=16234
x-cache: Miss from cloudfront
status: 200
content-encoding: br
cf-request-id: 03636458ee0000c83746063200000001
last-modified: Sun, 08 Mar 2020 14:12:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
x-amz-cf-pop: ARN53
cf-ray: 5a4c09a17eb8c837-AMS
x-amz-cf-id: gJNXFsBzdQRBY47tMz0AM5B0DNmbQJIVV9l37QI1b_AgtNdddDgrnw==
cf-bgj: minify

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
5 KB 8ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
status: 200
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 5442

GET
H2 200 default.min.css
cdnjs.cloudflare.com/ajax/libs/highlight.js/9.18.1/styles/ 775 B
721 B 29ms
11ms Stylesheet
text/css 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.18.1/styles/default.min.css

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdcba7a929f59658000da20f172ceb43c5122235f6569bb11f3530622b0ec28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2107530
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 03636458b90000980860bcb200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Sat, 01 Feb 2020 18:16:07 GMT
server: cloudflare
etag: W/"5e35c067-307"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5a4c09a12aaf9808-FRA
expires: Mon, 07 Jun 2021 10:20:22 GMT

GET
H2 200 st_insights.js Show response
ws.sharethis.com/button/ 23 KB
7 KB 81ms
26ms Script
application/javascript 2600:9000:215d:a000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:a000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a6f6a68da852fe76f3b5a6ce0d02be3e8cac52e79f4b82f63b1eda5168dce0c6

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 00:54:33 GMT
content-encoding: gzip
age: 33951
x-cache: Hit from cloudfront
status: 200
content-length: 6824
server: nginx/1.16.1
etag: "5e86445e-5b4a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: CPH50-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: cxKSE4x0QxHZ8yMt8dCM-T5ofHGjoPRjO94L1sxrnIYnSTT0Yjiu0Q==
expires: Sat, 20 Jun 2020 00:54:31 GMT

GET
H2 200 embed.js Show response
s.imgur.com/min/ 433 B
703 B 184ms
60ms Script
application/javascript 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.imgur.com/min/embed.js
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2832c93ada0b6b4cecfc1cb12191921dcdd570fc5fcc54f7a5da359df716a061

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: If1MIp4TIp8IvXYdw25ZfmCGKArFRTtU
via: 1.1 varnish
last-modified: Mon, 01 Jun 2020 17:34:28 GMT
age: 34
etag: "35a7c25618062b8160cabdc53e2f03a1"
x-served-by: cache-hhn4026-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
date: Wed, 17 Jun 2020 10:20:22 GMT
accept-ranges: bytes
x-timer: S1592389223.801820,VS0,VE0
content-length: 433
x-cache-hits: 2

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 28ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B6) /
Resource Hash: b54675d0c78b4247cd5ae2ab6b4ab96a280ae2bbdaf4f46dff6b95ca109840a5

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 10:20:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jun 2020 22:20:30 GMT
Server: ECS (fcn/40B6)
Age: 750
Etag: "e8665a6672f6c6e18facbfd9e1eaaad3+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 29247

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a6cc5737b5dd789a0153b7990db4070f0607faaedf483f0c4c55fa89db0411f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 5Bi+fOASO/sfPqO8aXq7og==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=3600
content-length: 1782
etag: "1249bd6184298c2bbfceffaad5747ed9"
x-fb-debug: zlLGjdwJ0OnXUVVjHcR1i2ec+cPQSBzAxMpiQxYA8QPAM9QzUDqG/NdO7oQ+0C/vPrsNj8/zxmaGXX/xZjwtkw==
x-fb-trip-id: 664085054
x-fb-content-md5: 7f29188983a0475debe80067efdb6c96
x-frame-options: DENY
date: Wed, 17 Jun 2020 10:20:23 GMT, Wed, 17 Jun 2020 10:20:23 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 17 Jun 2020 10:31:30 GMT

GET
H2 200 xlazy_placeholder.gif.pagespeed.ic.zaZh-vXmDi.webp
www.getastra.com/blog/wp-content/plugins/a3-lazy-load/assets/images/ 34 B
347 B 18ms
18ms Image
image/webp 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.getastra.com/blog/wp-content/plugins/a3-lazy-load/assets/images/xlazy_placeholder.gif.pagespeed.ic.zaZh-vXmDi.webp
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
cf-cache-status: HIT
x-original-content-length: 42
age: 248902
status: 200
content-length: 34
cf-request-id: 0363645a690000fa50e512b200000001
last-modified: Sun, 14 Jun 2020 13:08:10 GMT
server: cloudflare
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5a4c09a3de97fa50-AMS
link: <https://www.getastra.com/blog/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif>; rel="canonical"
expires: Mon, 14 Jun 2021 13:08:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
652 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:600&display=swap

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5bc2ae22717e4e9bad5527f5213e23e6ae4c68c3c2940d040a8cf9ac3d50b98c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 10:20:22 GMT
server: ESF
date: Wed, 17 Jun 2020 10:20:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jun 2020 10:20:22 GMT

GET
H2 200 jquery.js Show response
www.getastra.com/blog/wp-includes/js/jquery/ 95 KB
32 KB 312ms
311ms Script
application/javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-includes/js/jquery/jquery.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 96873
status: 200
cf-request-id: 03636459150000fa50e511b200000001
cf-bgj: minify
server: cloudflare
etag: W/"PSA-aj-gp20iU5FlU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 5a4c09a1ba98fa50-AMS
expires: Sun, 14 Jun 2020 09:02:24 GMT

GET
H2 200 lazysizes.min.js Show response
www.getastra.com/blog/wp-content/plugins/autoptimize/classes/external/js/ 9 KB
4 KB 21ms
21ms Script
application/x-javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b88ddfa92e4cb2646d5c7e19274939caa3495dcb33c307f1bbaec31b1d9691a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 264170
status: 200
cf-request-id: 0363645a7d0000fa50e512e200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=691200
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a3fecafa50-AMS

GET
H2 200 playht-pageplayer-plugin-v12.js Show response
static.play.ht/ 130 KB
30 KB 20ms
20ms Script
application/javascript 2606:4700:3033::681c:1685
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.play.ht/playht-pageplayer-plugin-v12.js
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:1685 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a094b8af2e7b186a1f6145943f0179c35bb4256028d513effe3a0ba0ba45ad80

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:22 GMT
via: 1.1 b3f1989dace51bd45b636bc99a604b20.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1300
cf-polished: origSize=133089
x-cache: Miss from cloudfront
status: 200
content-encoding: br
cf-request-id: 03636459b70000c83746071200000001
last-modified: Sat, 14 Mar 2020 17:21:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
x-amz-cf-pop: DUB2-C1
cf-ray: 5a4c09a2b8c3c837-AMS
x-amz-cf-id: 6eFSczecWxn4C3EiXAwthV14twxgD0fM-B_RrAc3NiAEgjCFIS7rsg==
cf-bgj: minify

GET
H2 200 autoptimize_single_69a36fcdd9c836d36b1bed7734ddeba5.js Show response
www.getastra.com/blog/wp-content/cache/autoptimize/js/ 930 B
525 B 19ms
18ms Script
application/x-javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/cache/autoptimize/js/autoptimize_single_69a36fcdd9c836d36b1bed7734ddeba5.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6a3039ccd87fd5c50cdc0aeb0c508b67ad53ef422b74dd32a2c026cc32a426c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 264179
status: 200
cf-request-id: 03636459d30000fa50e5125200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=691200
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a2ecc3fa50-AMS

GET
H2 200 highlight.min.js Show response
cdnjs.cloudflare.com/ajax/libs/highlight.js/9.18.1/ 71 KB
27 KB 23ms
23ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.18.1/highlight.min.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78e828d0eb4b2f871dabb45dc1152218a2d7f57b0827b9c685610a6e88665404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11776718
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 03636459e20000980860be2200000001
served-in-seconds: 0.002
timing-allow-origin: *
last-modified: Sat, 01 Feb 2020 18:16:07 GMT
server: cloudflare
etag: W/"5e35c067-11d9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5a4c09a30bd99808-FRA
expires: Mon, 07 Jun 2021 10:20:22 GMT

GET
H2 200 cf3075be7e.js Show response
kit.fontawesome.com/ 6 KB
2 KB 104ms
35ms Script
text/javascript 151.139.128.8
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/cf3075be7e.js
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9e686323c0939b4caa79ef6d81aeb86264ed3ba08927e2342ed8a004a20a200d

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:22 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2020 15:19:50 GMT
status: 200
etag: "2e9c7538392bbee38a1aaa8acc2c7ff5"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1592389222.cds067.sk1.hn,1592389222.cds001.sk1.c
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, private, must-revalidate
access-control-allow-methods: GET
accept-ranges: bytes
content-length: 2116

GET
H2 200 autoptimize_f77df4d7a7c881a89177c5d6b73f8a63.js Show response
www.getastra.com/blog/wp-content/cache/autoptimize/js/ 304 KB
63 KB 32ms
32ms Script
application/x-javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/cache/autoptimize/js/autoptimize_f77df4d7a7c881a89177c5d6b73f8a63.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5a741d98a8e495782a22723f11df8489248d665c22597c7661f84c77cfa2b32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 264170
cf-polished: origSize=311499
status: 200
cf-request-id: 0363645a930000fa50e5132200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=691200
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a41f1dfa50-AMS

GET
H2 200 frontend.js Show response
www.getastra.com/blog/wp-content/plugins/stop-user-enumeration/frontend/js/ 175 B
256 B 298ms
297ms Script
application/javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44bf6e5b82d0b4fb52e73ee09b5af9803cfd536da7875f028543c4685ecd2130

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 232
status: 200
cf-request-id: 0363645a5f0000fa50e512a200000001
cf-bgj: minify
server: cloudflare
etag: W/"PSA-aj-t6iSP7oWOZ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 5a4c09a3ce79fa50-AMS
expires: Sun, 14 Jun 2020 09:02:25 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 198 KB
60 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=517344746c6a9a7d17f3d358f99136ad&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68b70138bba0ee1fa5cc939f69f37c7761b635b90e746cbb0087dec88d136bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Origin: https://www.getastra.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: t4O0vo7Gr0GbBwzojlAL5w==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=3600
content-length: 61087
etag: "6b159d46275a6c94ceaa4b67016a9cd5"
x-fb-debug: 6QzSByaKR2CWbS6cRFVWezr/KrF9rngd+YCITswLUczZwaoJ0s5onNCCCJgCpP7+IyhH0f+tzs7lU9ylziLe9g==
x-fb-trip-id: 664085054
x-fb-content-md5: 72b11d69a9991877ab0a17b401dab2c8
x-frame-options: DENY
date: Wed, 17 Jun 2020 10:20:23 GMT, Wed, 17 Jun 2020 10:20:23 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Thu, 17 Jun 2021 07:40:58 GMT

GET
H2 200 front.js Show response
www.getastra.com/blog/wp-content/plugins/wp-security-hardening/modules/js/ 37 B
290 B 22ms
21ms Script
application/x-javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/wp-security-hardening/modules/js/front.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d429d28b9e4fb5a936e932e8b3f92ed4c267eefec7c32cfe15bf18f1f5932788

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 264177
cf-polished: origSize=58
status: 200
content-length: 37
cf-request-id: 0363645b8e0000fa50e513e200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=691200
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5a4c09a5ba8efa50-AMS

GET
H2 200 AvertaStd-Regular.woff2
www.getastra.com/blog/wp-content/themes/getastra/fonts/ 31 KB
31 KB 689ms
689ms Font
application/font-woff2 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/fonts/AvertaStd-Regular.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8587cdfae00d158ac084b5701d31a2ed49ceae434481d089d846625f58ae9e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
Origin: https://www.getastra.com

Response headers

pragma: public
date: Wed, 17 Jun 2020 10:20:24 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
status: 200
cache-control: public, max-age=691200, immutable, s-maxage=10
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a5eb11fa50-AMS
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
cf-request-id: 0363645bae0000fa50e5141200000001

GET
H2 200 embed-controller.js Show response
s.imgur.com/min/ 3 KB
3 KB 59ms
59ms Script
application/javascript 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.imgur.com/min/embed-controller.js
Requested by: Host: s.imgur.com
URL: https://s.imgur.com/min/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d5630e6cb7cdcca363cf81a7eb4a09202835166a613c002a27fac54fa87ba50

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ajYZQhwtriBGS1qLgwmGrVIfsTzZDoFL
via: 1.1 varnish
last-modified: Tue, 09 Jun 2020 20:30:31 GMT
age: 94
etag: "9ed8fe2752ce22d6cdf0488bd3ad0802"
x-served-by: cache-hhn4026-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
date: Wed, 17 Jun 2020 10:20:23 GMT
accept-ranges: bytes
x-timer: S1592389223.378471,VS0,VE0
content-length: 2809
x-cache-hits: 3

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c8db0e7dd1256b68f9c60999aac7f95c7ce91cbf0c4969978727c9d2ed46b6f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 MarkPro.woff2
www.getastra.com/blog/wp-content/themes/getastra/fonts/ 41 KB
41 KB 451ms
450ms Font
application/font-woff2 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/fonts/MarkPro.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c07ee55e9ec6956934c3d661421554acf8752686ab2e34d6ef58a236907e78d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
Origin: https://www.getastra.com

Response headers

pragma: public
date: Wed, 17 Jun 2020 10:20:23 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
status: 200
cache-control: public, max-age=691200, immutable, s-maxage=10
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a61b5ffa50-AMS
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
cf-request-id: 0363645bcc0000fa50e5148200000001

GET
H2 200 MarkPro-Black.woff2
www.getastra.com/blog/wp-content/themes/getastra/fonts/ 40 KB
40 KB 438ms
438ms Font
application/font-woff2 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/fonts/MarkPro-Black.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72e2ffc0b861fb9c4be81b2d5b448e144864ede04455ba74c9227b27f91ba21f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
Origin: https://www.getastra.com

Response headers

pragma: public
date: Wed, 17 Jun 2020 10:20:23 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
status: 200
cache-control: public, max-age=691200, immutable, s-maxage=10
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a61b64fa50-AMS
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
cf-request-id: 0363645bcc0000fa50e5149200000001

GET
H2 200 MarkPro-Book.woff2
www.getastra.com/blog/wp-content/themes/getastra/fonts/ 41 KB
41 KB 448ms
447ms Font
application/font-woff2 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/fonts/MarkPro-Book.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd08f2fcba5b3fb5279678178a470045ee121576374b23ee0d4e96b2e18f4480

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
Origin: https://www.getastra.com

Response headers

pragma: public
date: Wed, 17 Jun 2020 10:20:23 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
status: 200
cache-control: public, max-age=691200, immutable, s-maxage=10
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a61b65fa50-AMS
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
cf-request-id: 0363645bcd0000fa50e514a200000001

GET
H2 200 AvertaStd-Bold.woff2
www.getastra.com/blog/wp-content/themes/getastra/fonts/ 31 KB
31 KB 454ms
453ms Font
application/font-woff2 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/fonts/AvertaStd-Bold.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acf65d56f73c528e45d857c92de4607d0566563d6b9684fcf08f844850e57796

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
Origin: https://www.getastra.com

Response headers

pragma: public
date: Wed, 17 Jun 2020 10:20:23 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
status: 200
cache-control: public, max-age=691200, immutable, s-maxage=10
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a61b69fa50-AMS
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
cf-request-id: 0363645bcd0000fa50e514b200000001

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: faf8237325f73efbcbe7ddbfadea3efece2051460eafa8d24a302c1fd95c7499

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fc28f42b008ad1715f6cad959e821722dc8458fb31d2390c89cae7334da9003

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 portal-v2.html
c.sharethis.mgr.consensu.org/v1.0/cmp/ Frame 2140 0
0 134ms
113ms Document
text/html 2600:9000:2182:1c00:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/v1.0/cmp/portal-v2.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:1c00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /v1.0/cmp/portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: max-age=600, public
edge-control: cache-maxage=60m,downstream-ttl=60m
accept-ranges: bytes
last-modified: Mon, 08 Jun 2020 17:01:40 GMT
etag: W/"39db-17294e16920"
content-encoding: gzip
date: Mon, 15 Jun 2020 22:21:15 GMT
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: IJBTRfsj0mGrZRQnyS8tT4IqXI1wRwau0FxhLdiclj3AJeTnhXxEBQ==
age: 129549

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5620fd3acd4874ee2d86b7cc4ac77997940fb53e8faf51aa640573805c71cfce

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 chevron-white.png
www.getastra.com/blog/wp-content/themes/getastra/img/ 247 B
354 B 28ms
28ms Image
image/png 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/chevron-white.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8195496a719d90d894b0ac2b79a02834aae97e02e2bbdab02537bbe60421594

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 264170
status: 200
content-length: 247
cf-request-id: 0363645bd40000fa50e514c200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5a4c09a62b81fa50-AMS

GET
H2 200 loading.gif
www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/img/ 3 KB
3 KB 26ms
26ms Image
image/gif 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/img/loading.gif

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55bd462226c18a45c9d76d8677480bb8d12109d268071c929ff2c20dbbf7f1c6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 264169
status: 200
content-length: 3180
cf-request-id: 0363645bd50000fa50e514d200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
content-type: image/gif
cache-control: public, max-age=691200
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5a4c09a62b86fa50-AMS

GET
H2 200 noise.svg
www.getastra.com/blog/wp-content/themes/getastra/img/ 329 KB
247 KB 632ms
632ms Image
image/svg+xml 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/noise.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42cbe59132abb4cc85b3901a9141bada3dd1ca7a8a833ed2fc6eeb7fc59c1e77

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200
cf-request-id: 0363645bd60000fa50e514f200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a62b8bfa50-AMS

GET
H2 200 chevron.png
www.getastra.com/blog/wp-content/themes/getastra/img/ 261 B
364 B 25ms
25ms Image
image/png 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/chevron.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c98f424531e7c55ef9e1179eb556d2e5fa04a97ccfe8f847fd71358008239ec4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 264168
status: 200
content-length: 261
cf-request-id: 0363645bd60000fa50e5150200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5a4c09a62b8cfa50-AMS

GET
H2 200 twitter.svg
www.getastra.com/blog/wp-content/themes/getastra/img/ 1 KB
683 B 329ms
329ms Image
image/svg+xml 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/twitter.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19eac541b697d3d0d920597542de50fdeb3a9e1dc561d108f1fd9ecd7ecc6153

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200
cf-request-id: 0363645bd80000fa50e5151200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a62b91fa50-AMS

GET
H2 200 facebook.svg
www.getastra.com/blog/wp-content/themes/getastra/img/ 577 B
406 B 313ms
312ms Image
image/svg+xml 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/facebook.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e4bd67d73432ceab50735580a5017599af0c64885c48c1922088cc0b450a84

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200
cf-request-id: 0363645bd80000fa50e5152200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a62b94fa50-AMS

GET
H2 200 youtube.svg
www.getastra.com/blog/wp-content/themes/getastra/img/ 1 KB
756 B 284ms
283ms Image
image/svg+xml 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/youtube.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

110819e44d1ea5e37e914a54b6003ba4af0264549bd3b53be778e81dfb7a62c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200
cf-request-id: 0363645bd80000fa50e5153200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a62b96fa50-AMS

GET
H2 200 wordpress.svg
www.getastra.com/blog/wp-content/themes/getastra/img/ 4 KB
2 KB 331ms
330ms Image
image/svg+xml 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/wordpress.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

602b5cddd5f26575ce7372dba26a31404bdab5caa5234ca182684407cd413a76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200
cf-request-id: 0363645bd80000fa50e5154200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a62b9dfa50-AMS

GET
H2 200 medium.svg
www.getastra.com/blog/wp-content/themes/getastra/img/ 954 B
579 B 313ms
312ms Image
image/svg+xml 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/medium.svg

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40df92ca9e852a8346cbb2e3121706ab4cf0e47e5966d9b0fc1ddd19aad32a86

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200
cf-request-id: 0363645bd80000fa50e5155200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=691200, immutable, s-maxage=10
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a62baffa50-AMS

GET
H2 200 trustpilot.png
www.getastra.com/blog/wp-content/themes/getastra/img/ 284 B
380 B 26ms
26ms Image
image/png 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/trustpilot.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4226bbf30631d8b85b97355ef88ed511d6bd0559681ed8cd0c4aa5f6358a6d7e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 264163
status: 200
content-length: 284
cf-request-id: 0363645be10000fa50e5156200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5a4c09a63bc4fa50-AMS

GET
H2 200 capterra.png
www.getastra.com/blog/wp-content/themes/getastra/img/ 1 KB
1 KB 28ms
27ms Image
image/png 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/img/capterra.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7455c4fa04c4a21749e4d1cf5c6bdfd2e8ddad262b0cf4e093868749f9322b19

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 264163
status: 200
content-length: 1232
cf-request-id: 0363645be10000fa50e5157200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5a4c09a63bc7fa50-AMS

GET
H2 200 MarkPro-Bold.woff2
www.getastra.com/blog/wp-content/themes/getastra/fonts/ 42 KB
42 KB 532ms
532ms Font
application/font-woff2 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/fonts/MarkPro-Bold.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d8503ce1b0879455dd4029518f41a4a712f73ab5f751ed92e0f3496364969c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
Origin: https://www.getastra.com

Response headers

pragma: public
date: Wed, 17 Jun 2020 10:20:23 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
status: 200
cache-control: public, max-age=691200, immutable, s-maxage=10
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a63bc8fa50-AMS
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
cf-request-id: 0363645be10000fa50e5158200000001

GET
H2 200 fa-brands-400.woff2
www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/ 75 KB
75 KB 419ms
418ms Font
application/font-woff2 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-brands-400.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
Origin: https://www.getastra.com

Response headers

pragma: public
date: Wed, 17 Jun 2020 10:20:23 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
status: 200
cache-control: public, max-age=691200, immutable, s-maxage=10
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a63bcafa50-AMS
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
cf-request-id: 0363645be10000fa50e5159200000001

GET
H2 200 fa-solid-900.woff2
www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/ 78 KB
78 KB 322ms
322ms Font
application/font-woff2 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-solid-900.woff2

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
Origin: https://www.getastra.com

Response headers

pragma: public
date: Wed, 17 Jun 2020 10:20:23 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
status: 200
cache-control: public, max-age=691200, immutable, s-maxage=10
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a63bcbfa50-AMS
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
cf-request-id: 0363645be10000fa50e515a200000001

GET
H2 200 page_player.js Show response
www.getastra.com/blog/wp-content/plugins/play-ht/assets/dist/js/ 2 KB
721 B 306ms
306ms Script
application/javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/play-ht/assets/dist/js/page_player.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4acef48005c5748289fbaaf40f60d113d58240d3b2bf85c75571d712aa86229

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Thu, 23 Apr 2020 16:35:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=691200, s-maxage=10
cf-ray: 5a4c09a6ed42fa50-AMS
cf-request-id: 0363645c510000fa50e5161200000001
expires: Wed, 17 Jun 2020 10:25:23 GMT

GET
H/1.1 200
OK fontello2.woff
s3.amazonaws.com/play-plugin/build/font/ 7 KB
8 KB 636ms
216ms Font
application/font-woff 54.231.48.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/play-plugin/build/font/fontello2.woff
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.48.243 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d56002c7bfe883f1d1bfea93a56dd7e17319e029c0d2200b5123b40bad513022

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://static.play.ht/playht-pageplayer-plugin-v10.css
Origin: https://www.getastra.com

Response headers

Date: Wed, 17 Jun 2020 10:20:24 GMT
Last-Modified: Thu, 13 Feb 2020 22:31:15 GMT
Server: AmazonS3
x-amz-request-id: B6DB7C5B218463D7
ETag: "803fc20092b77c417d15e994c3bce6d3"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: max-age=6000
Accept-Ranges: bytes
Content-Length: 7452
x-amz-id-2: SNphXAw8Vl/Z0sMVVaI3q6kz5thB5zo7vBtrQpTBnotfnU/seRh90Hs5X7mWPe/u

GET
H2 200 e753cf2ddd1db63e608e5c9317b1a1a9
secure.gravatar.com/avatar/ 2 KB
2 KB 21ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/e753cf2ddd1db63e608e5c9317b1a1a9?s=40&d=retro&r=g
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 96ffb0e6fd99058e72ec0ef780c5ef4c69cbca56b1f4840f293bc3fcc21b4f91

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 4
date: Wed, 17 Jun 2020 10:20:23 GMT
last-modified: Thu, 09 Feb 2017 17:24:24 GMT
server: nginx
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="e753cf2ddd1db63e608e5c9317b1a1a9.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/e753cf2ddd1db63e608e5c9317b1a1a9?s=40&d=retro&r=g>; rel="canonical"
content-length: 1580
expires: Wed, 17 Jun 2020 10:25:23 GMT

GET
H2 200 WordPress-Push-Notifications-Hack.png
www.getastra.com/blog/wp-content/uploads/2020/06/ 333 KB
334 KB 21ms
21ms Image
image/png 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/uploads/2020/06/WordPress-Push-Notifications-Hack.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b9383d3943fb6bb49758116464c410e1b206fccd25a79bc9d74b2f43efe244f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 173334
status: 200
content-length: 341135
cf-request-id: 0363645c6a0000fa50e5163200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5a4c09a71d8ffa50-AMS

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
338 B 221ms
55ms XHR
text/plain 18.195.176.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&fpc=fbbd5fe-172c1cb4257-6a323ad2-1&sessionID=1592389223000.50792&hostname=www.getastra.com&location=%2Fblog%2Fcms%2Fwordpress-security%2Ffix-push-notifications-malware%2F&product=simpleshare&fcmp=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&url=https%3A%2F%2Fwww.getastra.com%2Fblog%2Fcms%2Fwordpress-security%2Ffix-push-notifications-malware%2F&sharURL=&buttonType=ERROR&destination=ERROR&source=ERROR&title=%5BFixed%5D%20Push%20Notifications%20Malware%20on%20WordPress&ts1592389223000.0=&sop=false
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.176.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-176-77.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 10:20:23 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://www.getastra.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
315 B 55ms
55ms Image
text/plain 18.195.176.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&fpc=fbbd5fe-172c1cb4257-6a323ad2-1&sessionID=1592389223000.50792&hostname=www.getastra.com&location=%2Fblog%2Fcms%2Fwordpress-security%2Ffix-push-notifications-malware%2F&product=simpleshare&fcmp=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&url=https%3A%2F%2Fwww.getastra.com%2Fblog%2Fcms%2Fwordpress-security%2Ffix-push-notifications-malware%2F&sharURL=&buttonType=ERROR&destination=ERROR&source=ERROR&title=%5BFixed%5D%20Push%20Notifications%20Malware%20on%20WordPress&ts1592389223000.0=&sop=false&img_pview=true
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.176.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-176-77.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 10:20:23 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 free.min.css
kit-free.fontawesome.com/releases/latest/css/ 58 KB
13 KB 36ms
35ms Stylesheet
text/css 151.139.128.8
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/cf3075be7e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 980a31cf37ef159fd3ff7df7f4dd98df4c6f8132a824f0dd6a48927b80e7b2e0

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
content-encoding: gzip
last-modified: Mon, 23 Mar 2020 16:08:34 GMT
status: 200
etag: "1584979714"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1592389223.cds067.sk1.hn,1592389223.cds019.sk1.c
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, private, must-revalidate
access-control-allow-methods: GET
accept-ranges: bytes
content-length: 13514

GET
H2 200 mautic.js Show response
www.getastra.com/blog/wp-content/themes/getastra/js/ 418 B
362 B 54ms
54ms Script
application/x-javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/js/mautic.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

298d3a60443187a7dd017d2a010225b64c0064bfa4763b7137d6b21fcea31dbd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 264169
cf-polished: origSize=629
status: 200
cf-request-id: 0363645d9a0000fa50e517a200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=691200
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a8f905fa50-AMS

GET
H2 200 mautic-form.js Show response
go.getastra.com/media/js/ 20 KB
5 KB 34ms
19ms Script
application/javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.getastra.com/media/js/mautic-form.js
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/themes/getastra/js/mautic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7a5bef86d1ecf3a65b377060c515fec7464708fbccb422d51e446e73a1b385e

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Nov 2019 14:25:00 GMT
server: cloudflare
age: 4877
etag: W/"5de12a3c-4f73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=691200
cf-ray: 5a4c09a969e4fa50-AMS
cf-request-id: 0363645de10000fa50e5180200000001
cf-bgj: minify

GET
H2 200 jquery.magnific-popup.min.js Show response
www.getastra.com/blog/wp-content/themes/getastra/js/ 20 KB
7 KB 27ms
26ms Script
application/x-javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/js/jquery.magnific-popup.min.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 264167
status: 200
cf-request-id: 0363645dd30000fa50e517f200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=691200
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a959c1fa50-AMS

GET
H2 200 free-fa-brands-400.woff2
kit-free.fontawesome.com/releases/latest/webfonts/ 75 KB
75 KB 103ms
34ms Font
font/woff2 151.139.128.8
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://kit-free.fontawesome.com/releases/latest/webfonts/free-fa-brands-400.woff2
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 619a7a385016cba07fb6d94bbf69c94fba53abf07297f5cd212e85b55aedee15

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Origin: https://www.getastra.com

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
last-modified: Mon, 23 Mar 2020 16:14:36 GMT
status: 200
etag: "1584980076"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, private, must-revalidate
accept-ranges: bytes
content-length: 76592
x-hw: 1592389223.cds071.sk1.hn,1592389223.cds009.sk1.c

GET
H2 200 free-fa-solid-900.woff2
kit-free.fontawesome.com/releases/latest/webfonts/ 78 KB
78 KB 182ms
114ms Font
font/woff2 151.139.128.8
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://kit-free.fontawesome.com/releases/latest/webfonts/free-fa-solid-900.woff2
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5c29d4462454d367d6ca6041ce1b1b5ff469d29be20739ffbef46a81ff4c9287

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Origin: https://www.getastra.com

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
last-modified: Mon, 23 Mar 2020 16:14:53 GMT
status: 200
etag: "1584980093"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, private, must-revalidate
accept-ranges: bytes
content-length: 79444
x-hw: 1592389223.cds071.sk1.hn,1592389223.cds019.sk1.c

GET
H2 200 scripts.js Show response
www.getastra.com/blog/wp-content/themes/getastra/js/ 2 KB
930 B 17ms
16ms Script
application/x-javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/themes/getastra/js/scripts.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8869d7bcd3889b901bda5f4b6bdf318433c7272bc6e18ae4cabcb03ee8902c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 264165
cf-polished: origSize=4192
status: 200
cf-request-id: 0363645df50000fa50e5183200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=691200
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09a98a1afa50-AMS

GET
H2 200 modal.min.css
go.getastra.com/media/css/ 3 KB
602 B 18ms
18ms Stylesheet
text/css 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.getastra.com/media/css/modal.min.css
Requested by: Host: go.getastra.com
URL: https://go.getastra.com/media/js/mautic-form.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 456abdf681ebc4caac61d7eb6635e21a81d1dcc10f730b98719a65c2a88fe7ee

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Nov 2019 14:25:00 GMT
server: cloudflare
age: 4876
etag: W/"5de12a3c-a45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=691200
cf-ray: 5a4c09a98a1efa50-AMS
cf-request-id: 0363645df70000fa50e5185200000001

GET
H2 200 jquery.lazyloadxt.extra.min.js Show response
www.getastra.com/blog/wp-content/plugins/a3-lazy-load/assets/js/ 3 KB
2 KB 286ms
285ms Script
application/javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47286b85ea2fe3f83596cc8ae586a42a162eba42d5e078dc735dbe883df4b5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 3014
server: cloudflare
etag: W/"PSA-aj-MsDhRIzKVX"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=691200
cf-ray: 5a4c09a9da9dfa50-AMS
cf-request-id: 0363645e240000fa50e5187200000001
expires: Sun, 14 Jun 2020 09:02:39 GMT

GET
H2 200 jquery.lazyloadxt.srcset.min.js Show response
www.getastra.com/blog/wp-content/plugins/a3-lazy-load/assets/js/ 1 KB
798 B 301ms
301ms Script
application/javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfc8d9248cbb5e7faa24ee8395d1ee21a6508435ee81b6bc6e02c77411d05f31

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 1573
server: cloudflare
etag: W/"PSA-aj-gtyvrHgNAQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=691200
cf-ray: 5a4c09abadccfa50-AMS
cf-request-id: 0363645f440000fa50e5190200000001
expires: Sun, 14 Jun 2020 09:02:40 GMT

GET
H2 200 jquery.lazyloadxt.extend.js Show response
www.getastra.com/blog/wp-content/plugins/a3-lazy-load/assets/js/ 955 B
560 B 421ms
421ms Script
application/javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27800f845b3a7ed7aed8393fd8a4d25c65557af32ee1d27b2bdf7e867fbd6d5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 1048
status: 200
cf-request-id: 03636460740000fa50e519b200000001
cf-bgj: minify
server: cloudflare
etag: W/"PSA-aj-XuyYHgSUtb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 5a4c09ad894bfa50-AMS
expires: Sun, 14 Jun 2020 09:02:41 GMT

GET
H2 200 helpful.js Show response
www.getastra.com/blog/wp-content/plugins/helpful/core/assets/js/ 2 KB
786 B 297ms
297ms Script
application/javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/helpful/core/assets/js/helpful.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49c214fd50bfa18411a879d9e63808fbd53c8584cf01b4dd00e0e36d3bd82c49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 2218
status: 200
cf-request-id: 036364621b0000fa50e51ae200000001
cf-bgj: minify
server: cloudflare
etag: W/"PSA-aj-LzWK7JpUaI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 5a4c09b02deefa50-AMS
expires: Wed, 17 Jun 2020 04:50:49 GMT

GET
H2 200 wp-embed.min.js Show response
www.getastra.com/blog/wp-includes/js/ 1 KB
777 B 337ms
337ms Script
application/javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-includes/js/wp-embed.min.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 1434
server: cloudflare
etag: W/"PSA-aj-BBM9N8_Q8I"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=691200
cf-ray: 5a4c09b20910fa50-AMS
cf-request-id: 03636463470000fa50e51bc200000001
expires: Sun, 14 Jun 2020 09:02:45 GMT

GET
H2 200 main.min.js Show response
www.getastra.com/blog/wp-content/plugins/luckywp-table-of-contents/front/assets/ 4 KB
1 KB 327ms
327ms Script
application/javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/luckywp-table-of-contents/front/assets/main.min.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

995456f7211327129612b97dc0a2baa2288f1e3065d1d6ed1882a0eb89d6baac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 18 Mar 2020 06:47:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=691200, s-maxage=10
cf-ray: 5a4c09b42cb4fa50-AMS
cf-request-id: 036364649b0000fa50e51d2200000001
expires: Wed, 17 Jun 2020 10:25:25 GMT

GET
H2 200 play_footer_scripts.js Show response
www.getastra.com/blog/wp-content/plugins/play-ht/assets/dist/js/ 206 B
390 B 18ms
18ms Script
application/x-javascript 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/blog/wp-content/plugins/play-ht/assets/dist/js/play_footer_scripts.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

735f76d299fc15d9ae8f27040ff31922ec401370bccf74c0ae822ad3054e0198

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 264158
status: 200
cf-request-id: 03636465e40000fa50e51e0200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=691200
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09b63857fa50-AMS

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 101 KB
33 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JQNQC6

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7284b59dbb42131cdf6059822aa570a46efdd11b96e94252e6ed0596f9313427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:25 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33218
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Jun 2020 10:20:25 GMT

GET
H2 200 overlay.png
www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/colorbox/images/ 115 B
274 B 21ms
20ms Image
image/png 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.getastra.com/blog/wp-content/plugins/wpdiscuz/assets/third-party/colorbox/images/overlay.png

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/cache/autoptimize/js/autoptimize_f77df4d7a7c881a89177c5d6b73f8a63.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

752df758c0fc34e6a6c0459a43d88fc37d622528b45468b6be5db2e95a0b86cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/wp-content/cache/autoptimize/css/autoptimize_1bd5601e4691b5d75775351d81b8d8e9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 264158
status: 200
content-length: 115
cf-request-id: 03636466380000fa50e51e5200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,User-Agent,Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5a4c09b6c917fa50-AMS

GET
H2 200 free-fa-regular-400.woff2
kit-free.fontawesome.com/releases/latest/webfonts/ 13 KB
13 KB 39ms
39ms Font
font/woff2 151.139.128.8
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://kit-free.fontawesome.com/releases/latest/webfonts/free-fa-regular-400.woff2
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/wp-content/cache/autoptimize/js/autoptimize_f77df4d7a7c881a89177c5d6b73f8a63.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: dcbb25e28540a856f35e0e335683253e33a1b87f1ef661990e56a11edbfe32ca

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Origin: https://www.getastra.com

Response headers

date: Wed, 17 Jun 2020 10:20:26 GMT
last-modified: Mon, 23 Mar 2020 16:14:40 GMT
status: 200
etag: "1584980080"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, private, must-revalidate
accept-ranges: bytes
content-length: 13588
x-hw: 1592389226.cds071.sk1.hn,1592389226.cds040.sk1.c

GET
H/1.1 200
OK widget_iframe.86df6234483a1fa251e365dd8643c136.html
platform.twitter.com/widgets/ Frame 3D60 0
0 10ms
9ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.86df6234483a1fa251e365dd8643c136.html?origin=https%3A%2F%2Fwww.getastra.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41B0) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 734271
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 17 Jun 2020 10:20:26 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Mon, 08 Jun 2020 22:13:29 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41B0)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5825

GET
H2 200 l.js Show response
client.crisp.chat/ 11 KB
4 KB 54ms
33ms Script
application/javascript 2606:4700:10::6816:3fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3fd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6d40e75b7488b774ddcfa0f8325b8601047d1029a091718802cd07ae7c20b9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 69607
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 03636467630000d6fd18120200000001
last-modified: Thu, 11 Jun 2020 14:09:08 GMT
server: cloudflare
etag: W/"5ee23b04-2df4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=86400
access-control-allow-credentials: false
cf-ray: 5a4c09b89fecd6fd-FRA
access-control-allow-headers: Content-Type, Origin
expires: Wed, 17 Jun 2020 15:00:19 GMT

GET
H2 200 3.0.0 Show response
instant.page/ 2 KB
1 KB 35ms
15ms Script
text/javascript 2606:4700::6811:91a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://instant.page/3.0.0
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:91a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f0ad9f3ff31904d6a4962296240ac2afa342ab957442389db0d04a33b40ef78

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Origin: https://www.getastra.com

Response headers

date: Wed, 17 Jun 2020 10:20:26 GMT
content-encoding: br
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5a4c09b8ae93d6d9-FRA
cf-request-id: 03636467650000d6d9e80c1200000001

GET
H2 200 tapfiliate.js Show response
script.tapfiliate.com/ 11 KB
4 KB 689ms
229ms Script
text/javascript 13.226.154.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.tapfiliate.com/tapfiliate.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JQNQC6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.154.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-154-3.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1e60996e02e207e83f55e1c1f9c67011b8d442e2d832564ff35e4cbe316cac8

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:49:55 GMT
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 11:37:40 GMT
server: AmazonS3
age: 1848
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: LwVgxiQIY2_jDy_jgw6_l8VwqxcC6Y-Lw7Hy7p1RvH09oT0wbZdpKg==
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)

GET
H2 200 Convertful.js Show response
app.convertful.com/ 50 KB
15 KB 402ms
142ms Script
application/javascript 162.243.168.11
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.convertful.com/Convertful.js?owner=4475
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JQNQC6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.243.168.11 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: convertful.com
Software: nginx /
Resource Hash: a05e114ca2fdc00ae0bf03d76bfe166a122a6ede8861ebc89bac15eb555d94de

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Wed, 17 Jun 2020 10:20:26 GMT
content-encoding: gzip
last-modified: Tue, 09 Jun 2020 08:58:45 GMT
server: nginx
etag: W/"5edf4f45-c62a"
content-type: application/javascript
status: 200
cache-control: max-age=1800, public
expires: Wed, 17 Jun 2020 10:50:26 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 131 KB
32 KB 7ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 31766
x-xss-protection: 0
pragma: public
x-fb-debug: DNa4D2WR5wCx9fVwjUg2IprGMGUVITQFG301Kbh7wN71QoxNpALaYlZIwT6LDJuUBCIj4FbxOgBghkOj0mDGjg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 17 Jun 2020 10:20:26 GMT, Wed, 17 Jun 2020 10:20:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 33ms
31ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-672227654

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JQNQC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

00fe4f69fd1b2ba6fb5f137bbc2c535440817041943007cf5709e201faaad5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:26 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33237
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Jun 2020 10:20:26 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/gh/ga-delivr/cookie-consent@latest/ 4 KB
1 KB 28ms
10ms Stylesheet
text/css 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/ga-delivr/cookie-consent@latest/cookieconsent.min.css

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JQNQC6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5697bdf4d0c6463f169f852fd90a1d722f01fe07f5154a33259335dbe5806791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 15916
x-cache: HIT
status: 200
content-length: 1220
etag: W/"100e-gRpRv7eni79UuhXRfgjn/KZ8H9g"
x-served-by: cache-fra19167-FRA
date: Wed, 17 Jun 2020 10:20:26 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/gh/ga-delivr/cookie-consent@latest/ 22 KB
7 KB 25ms
8ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/ga-delivr/cookie-consent@latest/cookieconsent.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JQNQC6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

48efdd0fffa872b868edf778aec4cd1bc99afeb30ef2cbee16f762f44ce39bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 27299
x-cache: HIT
status: 200
content-length: 7065
etag: W/"5610-2anIc8m8ei6LNpV9z2HnPgHXbeg"
x-served-by: cache-fra19167-FRA
date: Wed, 17 Jun 2020 10:20:26 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 analyzer.js Show response
dc.cux.io/ 52 KB
14 KB 269ms
94ms Script
application/javascript 46.105.201.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dc.cux.io/analyzer.js
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.201.116 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 910a5454481f8f624e8019e14fb814871c5e13876dc4ba5547a9f7d3a5dc8b84

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 08:48:33 GMT
content-encoding: br
last-modified: Mon, 15 Jun 2020 14:47:38 GMT
x-cdn-pop-ip: 137.74.120.32/27
etag: "5ee78a0a-d1ac"
x-cacheable: Matched cache
content-type: application/javascript
status: 200
cache-control: max-age=7200
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 13757
x-request-id: 1054114123

POST
H2 204 mod_pagespeed_beacon Show response
www.getastra.com/ 0
98 B 335ms
329ms XHR
text/plain 2606:4700:3033::681f:543a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getastra.com/mod_pagespeed_beacon?url=https%3A%2F%2Fwww.getastra.com%2Fblog%2Fcms%2Fwordpress-security%2Ffix-push-notifications-malware%2F

Requested by

Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681f:543a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 17 Jun 2020 10:20:26 GMT
vary: X-Forwarded-Proto
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
status: 204
cache-control: max-age=0, no-cache
content-security-policy: upgrade-insecure-requests;
cf-ray: 5a4c09b8ac5bfa50-AMS
cf-request-id: 03636467650000fa50e51fb200000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JQNQC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 6048
date: Wed, 17 Jun 2020 08:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Wed, 17 Jun 2020 10:39:38 GMT

GET
H2 200 1463527970389398 Show response
connect.facebook.net/signals/config/ 517 KB
130 KB 240ms
240ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1463527970389398?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

65c977b60a5ccdec34ee9bcce69532d5039ed4bc7e29f7ca22662ff667ef895c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 0o0AyRfaN2qW8BeJhmI57KZgNc46ftjSIy9IYkmJInXvoijAxjxVN3GgiAnwcssE8Zus8+1pLcFHkVIZx+1nvg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 17 Jun 2020 10:20:26 GMT, Wed, 17 Jun 2020 10:20:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1598115664&t=pageview&_s=1&dl=https%3A%2F%2Fwww.getastra.com%2Fblog%2Fcms%2Fwordpress-security%2Ffix-push-notifications-malware%2F&ul=en-us&d...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62532637-1&cid=1870573193.1592389226&jid=1068645613&_gid=410692311.1592389226&gjid=1519682164&_v=j83&z=1160931213
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62532637-1&cid=1870573193.1592389226&jid=1068645613&_v=j83&z=1160931213
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62532637-1&cid=1870573193.1592389226&jid=1068645613&_v=j83&z=1160931213&slf_rd=1&random=3120004334

42 B
106 B

18ms
18ms

Image
image/gif

2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62532637-1&cid=1870573193.1592389226&jid=1068645613&_v=j83&z=1160931213&slf_rd=1&random=3120004334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jun 2020 10:20:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Jun 2020 10:20:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62532637-1&cid=1870573193.1592389226&jid=1068645613&_v=j83&z=1160931213&slf_rd=1&random=3120004334
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 client.js Show response
client.crisp.chat/static/javascripts/ 551 KB
104 KB 21ms
20ms Script
application/javascript 2606:4700:10::6816:3fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?d9b9b6b

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3fd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03b29f45510428aa0a8fef7d2fb2904597b0b9f53169d46ebfa585c0088d5714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 69607
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 036364678b0000d6fd18126200000001
last-modified: Thu, 11 Jun 2020 14:09:08 GMT
server: cloudflare
etag: W/"5ee23b04-89b15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
cf-ray: 5a4c09b8d864d6fd-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 client_default.css
client.crisp.chat/static/stylesheets/ 514 KB
49 KB 16ms
15ms Stylesheet
text/css 2606:4700:10::6816:3fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?d9b9b6b

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3fd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8544ae9e6208590cdd0cfcfb3bc01159d2d7f2604262696569c42ec6143e94cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 69607
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 036364678b0000d6fd18127200000001
last-modified: Thu, 11 Jun 2020 14:09:08 GMT
server: cloudflare
etag: W/"5ee23b04-8064b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
cf-ray: 5a4c09b8d867d6fd-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
settings.crisp.chat/client/website/b13579b1-ab47-49ee-b13a-d933e23722bc/prelude/ 78 B
217 B 25ms
24ms Script
application/javascript 2606:4700:10::6816:3fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.crisp.chat/client/website/b13579b1-ab47-49ee-b13a-d933e23722bc/prelude/?callback=window.%24crisp.__spool.website_handler&2020-5-17-12-20

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?d9b9b6b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3fd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6229a80b717d9b75147dddfbf42b053580197c003b4b0b3580a6f29138a42d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5a4c09ba5b86d6fd-FRA
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 036364687b0000d6fd1813f200000001
expires: Wed, 17 Jun 2020 10:50:44 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
359 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1463527970389398&ev=PageView&dl=https%3A%2F%2Fwww.getastra.com%2Fblog%2Fcms%2Fwordpress-security%2Ffix-push-notifications-malware%2F&rl=&if=false&ts=1592389226652&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22683165172534708%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%221850534168422712%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1592389226652.1280350648&it=1592389226347&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:26 GMT, Wed, 17 Jun 2020 10:20:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 17 Jun 2020 10:20:26 GMT

GET
H2 200 / Show response
settings.crisp.chat/client/website/b13579b1-ab47-49ee-b13a-d933e23722bc/ 24 KB
5 KB 13ms
13ms Script
application/javascript 2606:4700:10::6816:3fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.crisp.chat/client/website/b13579b1-ab47-49ee-b13a-d933e23722bc/?callback=window.%24crisp.__spool.website_handler&1592219001153

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?d9b9b6b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3fd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58346799e6d88505c0d00abc91beadb5faa870fe42547a9cac66cfe530e347ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13462
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 03636469810000d6fd18150200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 5a4c09bc0f20d6fd-FRA
expires: Wed, 17 Jun 2020 07:19:43 GMT

GET
H2 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 6 KB
2 KB 14ms
14ms Script
application/javascript 2606:4700:10::6816:3fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?d9b9b6b

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?d9b9b6b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3fd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6fee654e8d3c5c2650adccb0dfa83c8a0403a9199c65cf9ccde514f707b62c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 69603
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 03636469910000d6fd18152200000001
last-modified: Thu, 11 Jun 2020 14:09:09 GMT
server: cloudflare
etag: W/"5ee23b05-1724"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
cf-ray: 5a4c09bc1f53d6fd-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 947 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 008dd386dfafcd48e846499b13ead5a5461657ef655da0862362b411cdd4d961

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 export Show response
app.convertful.com/api/widget/ 135 KB
15 KB 138ms
138ms XHR
application/json 162.243.168.11
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertful.com/api/widget/export?owner=4475&domain=www.getastra.com&subscriber_uid=null

Requested by

Host: app.convertful.com
URL: https://app.convertful.com/Convertful.js?owner=4475

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.243.168.11 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

convertful.com

Software

nginx /

Resource Hash

b567eca75218a567b4e2cb947f5df04d07d049f2cb96523d64652224951b8efb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:27 GMT
content-encoding: gzip
server: nginx
status: 200
etag: W/"b1f34661af65fd7f1dbf08456dcca2314b2b4431"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.getastra.com
access-control-expose-headers: ETag
cache-control: private, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, ETag, If-None-Match, Cache-Control

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 200ms
73ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-672227654

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
server: cafe
etag: 13497728949557021888
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 17 Jun 2020 10:20:27 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
107 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryZ4WkuDavqxqP9jVG

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 17 Jun 2020 10:20:27 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.getastra.com
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/672227654/ 2 KB
2 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/672227654/?random=1592389227247&cv=9&fst=1592389227247&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa640&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.getastra.com%2Fblog%2Fcms%2Fwordpress-security%2Ffix-push-notifications-malware%2F&tiba=%5BFixed%5D%20Push%20Notifications%20Malware%20on%20WordPress&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

049fe2759efd85a62369dbd03dc006ad2b54449a1edda78d04b284f0c31e7323

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jun 2020 10:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1075
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/672227654/ 42 B
148 B 20ms
19ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/672227654/?random=1592389227247&cv=9&fst=1592388000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa640&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.getastra.com%2Fblog%2Fcms%2Fwordpress-security%2Ffix-push-notifications-malware%2F&tiba=%5BFixed%5D%20Push%20Notifications%20Malware%20on%20WordPress&async=1&fmt=3&is_vtc=1&random=199381471&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jun 2020 10:20:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/672227654/ 42 B
153 B 19ms
18ms Image
image/gif 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/672227654/?random=1592389227247&cv=9&fst=1592388000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa640&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.getastra.com%2Fblog%2Fcms%2Fwordpress-security%2Ffix-push-notifications-malware%2F&tiba=%5BFixed%5D%20Push%20Notifications%20Malware%20on%20WordPress&async=1&fmt=3&is_vtc=1&random=199381471&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jun 2020 10:20:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 258 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce38572c44184f2168c0b6e393318c674da0a0704e8fcb35d0dc5bfb1a6e303f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 484 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4f30d39b5b4d6a72db444127844d1379b457ce3f5f75e38ae748cce113be321

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
image.crisp.chat/process/thumbnail/ 14 KB
15 KB 23ms
15ms Image
image/jpeg 2606:4700:10::6816:3fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2F4476e39e8a30f800%2Fananda_17iraxr.jpg&width=240&height=240&1592219001153

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3fd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b86c417b83b21668446fc47c93d81eefe81a1ad7ca58732ff0899fb6bbb8deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getastra.com/blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 10:20:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56680
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 14813
cf-request-id: 03636471970000d6fd181e6200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 16 Jun 2020 11:04:02 GMT
server: cloudflare
etag: W/"39dd-172bcccde3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5a4c09c8f932d6fd-FRA
cf-bgj: h2pri

GET
H2 200 noto_sans_bold.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 10 KB
11 KB 24ms
11ms Font
application/font-woff2 2606:4700:10::6816:3fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_bold.woff2?d9b9b6b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3fd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://client.crisp.chat/static/stylesheets/client_default.css?d9b9b6b
Origin: https://www.getastra.com

Response headers

date: Wed, 17 Jun 2020 10:20:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 69117
status: 200
access-control-max-age: 300
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400
content-length: 10252
cf-request-id: 036364719b00001f19b9944200000001
last-modified: Thu, 11 Jun 2020 14:08:25 GMT
server: cloudflare
etag: "5ee23ad9-280c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 5a4c09c8fa5c1f19-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 noto_sans_regular.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 10 KB
10 KB 29ms
16ms Font
application/font-woff2 2606:4700:10::6816:3fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_regular.woff2?d9b9b6b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3fd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://client.crisp.chat/static/stylesheets/client_default.css?d9b9b6b
Origin: https://www.getastra.com

Response headers

date: Wed, 17 Jun 2020 10:20:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 69117
status: 200
access-control-max-age: 300
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400
content-length: 10340
cf-request-id: 036364719b00001f19b9945200000001
last-modified: Thu, 11 Jun 2020 14:08:26 GMT
server: cloudflare
etag: "5ee23ada-2864"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 5a4c09c8fa5e1f19-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK track.js Show response
serve.albacross.com/ 64 KB
19 KB 939ms
228ms Script
application/javascript 13.226.154.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://serve.albacross.com/track.js
Requested by: Host: www.getastra.com
URL: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.154.99 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-154-99.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7a12ed6cb5012d970eab1bd99f316a9077e4a1b3085ace81c19153839e6c076

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 04:29:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 09:31:23 GMT
Server: AmazonS3
Age: 21092
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: gWsXthmUi0Ligzw5-IqbWrA9DnXkzcg2qrtYw3Y1ukIziqTSiuMF8w==

GET
H/1.1 200
OK e.gif
collect.albacross.com/ 37 B
184 B 295ms
70ms Image
image/gif 34.251.53.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collect.albacross.com/e.gif?s=JSCollector%2C2.0.2%2C1592389232321&e1=pageview&ur1=https%3A%2F%2Fwww.getastra.com%2Fblog%2Fcms%2Fwordpress-security%2Ffix-push-notifications-malware%2F&ti1=%5BFixed%5D%20Push%20Notifications%20Malware%20on%20WordPress&re1=1600&re1=1200&p1=71ce30e6-aa0b-aedd-42bc-6f55a2bc5419&c1=89952585&ci1=40dfa519-d790-7be9-efed-7a8d94a1225c&v1=79f70a7d-a6cd-04fa-0143-ec7777838ecf&u1=71ce30e6-aa0b-aedd-42bc-6f55a2bc5419&e2=fingerprint&fi2=5404145d11ea4210b857aa82e3eb3515&ti2=42&p2=71ce30e6-aa0b-aedd-42bc-6f55a2bc5419&c2=89952585&ci2=40dfa519-d790-7be9-efed-7a8d94a1225c&v2=79f70a7d-a6cd-04fa-0143-ec7777838ecf&u2=f214c481-53ab-559e-fe4c-c12028315857
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.53.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-53-81.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 10:20:32 GMT
Server: nginx/1.12.1
Connection: keep-alive
Content-Length: 37
Content-Type: image/gif

GET
H/1.1 200
OK e.gif
collect.albacross.com/ 37 B
184 B 69ms
69ms Image
image/gif 34.251.53.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collect.albacross.com/e.gif?s=JSCollector%2C2.0.2%2C1592389235322&e1=pageview_ping&p1=71ce30e6-aa0b-aedd-42bc-6f55a2bc5419&c1=89952585&ci1=40dfa519-d790-7be9-efed-7a8d94a1225c&v1=79f70a7d-a6cd-04fa-0143-ec7777838ecf&u1=8063e7e4-f3b5-8dfa-7c26-b2633da3fe50
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.53.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-53-81.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d

Request headers

Referer: https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 10:20:35 GMT
Server: nginx/1.12.1
Connection: keep-alive
Content-Length: 37
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.getastra.com/	1970-01-19 11:03:01	Name: __cfduid Value: d5a970e664ade167e52e4512774fc8fd51592389224

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.convertful.com
c.sharethis.mgr.consensu.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
client.crisp.chat
collect.albacross.com
connect.facebook.net
dc.cux.io
fonts.googleapis.com
go.getastra.com
googleads.g.doubleclick.net
image.crisp.chat
instant.page
kit-free.fontawesome.com
kit.fontawesome.com
l.sharethis.com
maxcdn.bootstrapcdn.com
platform.twitter.com
s.imgur.com
s3.amazonaws.com
script.tapfiliate.com
secure.gravatar.com
serve.albacross.com
settings.crisp.chat
static.play.ht
stats.g.doubleclick.net
ws.sharethis.com
www.facebook.com
www.getastra.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.226.154.3
13.226.154.99
151.101.112.193
151.139.128.8
162.243.168.11
172.217.16.130
18.195.176.77
2001:4de0:ac19::1:b:3b
2600:9000:215d:a000:3:c04e:c780:93a1
2600:9000:2182:1c00:c:a9b7:ddc0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:3fd1
2606:4700:3033::681c:1685
2606:4700:3033::681f:543a
2606:4700::6810:85e5
2606:4700::6811:91a
2a00:1450:4001:802::200a
2a00:1450:4001:809::200e
2a00:1450:4001:819::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81f::2002
2a00:1450:4001:825::2008
2a00:1450:400c:c00::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::621
2a04:fa87:fffe::c000:4902
34.251.53.81
46.105.201.116
54.231.48.243
008dd386dfafcd48e846499b13ead5a5461657ef655da0862362b411cdd4d961
00fe4f69fd1b2ba6fb5f137bbc2c535440817041943007cf5709e201faaad5c5
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
03b29f45510428aa0a8fef7d2fb2904597b0b9f53169d46ebfa585c0088d5714
049fe2759efd85a62369dbd03dc006ad2b54449a1edda78d04b284f0c31e7323
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
110819e44d1ea5e37e914a54b6003ba4af0264549bd3b53be778e81dfb7a62c9
19eac541b697d3d0d920597542de50fdeb3a9e1dc561d108f1fd9ecd7ecc6153
1df691de5c3512015810f2da87dd7b8a9c6e6b8814b6e1df8b9d12008fcc4ea3
27800f845b3a7ed7aed8393fd8a4d25c65557af32ee1d27b2bdf7e867fbd6d5c
2832c93ada0b6b4cecfc1cb12191921dcdd570fc5fcc54f7a5da359df716a061
298d3a60443187a7dd017d2a010225b64c0064bfa4763b7137d6b21fcea31dbd
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
40df92ca9e852a8346cbb2e3121706ab4cf0e47e5966d9b0fc1ddd19aad32a86
4226bbf30631d8b85b97355ef88ed511d6bd0559681ed8cd0c4aa5f6358a6d7e
42cbe59132abb4cc85b3901a9141bada3dd1ca7a8a833ed2fc6eeb7fc59c1e77
44bf6e5b82d0b4fb52e73ee09b5af9803cfd536da7875f028543c4685ecd2130
456abdf681ebc4caac61d7eb6635e21a81d1dcc10f730b98719a65c2a88fe7ee
47286b85ea2fe3f83596cc8ae586a42a162eba42d5e078dc735dbe883df4b5a1
48efdd0fffa872b868edf778aec4cd1bc99afeb30ef2cbee16f762f44ce39bb8
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d
49c214fd50bfa18411a879d9e63808fbd53c8584cf01b4dd00e0e36d3bd82c49
4a6cc5737b5dd789a0153b7990db4070f0607faaedf483f0c4c55fa89db0411f
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
4d5630e6cb7cdcca363cf81a7eb4a09202835166a613c002a27fac54fa87ba50
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
55bd462226c18a45c9d76d8677480bb8d12109d268071c929ff2c20dbbf7f1c6
5620fd3acd4874ee2d86b7cc4ac77997940fb53e8faf51aa640573805c71cfce
5697bdf4d0c6463f169f852fd90a1d722f01fe07f5154a33259335dbe5806791
58346799e6d88505c0d00abc91beadb5faa870fe42547a9cac66cfe530e347ea
5bc2ae22717e4e9bad5527f5213e23e6ae4c68c3c2940d040a8cf9ac3d50b98c
5c29d4462454d367d6ca6041ce1b1b5ff469d29be20739ffbef46a81ff4c9287
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
602b5cddd5f26575ce7372dba26a31404bdab5caa5234ca182684407cd413a76
619a7a385016cba07fb6d94bbf69c94fba53abf07297f5cd212e85b55aedee15
6229a80b717d9b75147dddfbf42b053580197c003b4b0b3580a6f29138a42d79
65c977b60a5ccdec34ee9bcce69532d5039ed4bc7e29f7ca22662ff667ef895c
68b70138bba0ee1fa5cc939f69f37c7761b635b90e746cbb0087dec88d136bf0
6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5
6b9383d3943fb6bb49758116464c410e1b206fccd25a79bc9d74b2f43efe244f
6c1744aad7018c5d7191eb3595b54a673dca8fd044014bea9901823a78fb3ff9
6d8503ce1b0879455dd4029518f41a4a712f73ab5f751ed92e0f3496364969c7
6f0ad9f3ff31904d6a4962296240ac2afa342ab957442389db0d04a33b40ef78
6fc28f42b008ad1715f6cad959e821722dc8458fb31d2390c89cae7334da9003
7284b59dbb42131cdf6059822aa570a46efdd11b96e94252e6ed0596f9313427
72e2ffc0b861fb9c4be81b2d5b448e144864ede04455ba74c9227b27f91ba21f
735f76d299fc15d9ae8f27040ff31922ec401370bccf74c0ae822ad3054e0198
73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973
7455c4fa04c4a21749e4d1cf5c6bdfd2e8ddad262b0cf4e093868749f9322b19
752df758c0fc34e6a6c0459a43d88fc37d622528b45468b6be5db2e95a0b86cd
78e828d0eb4b2f871dabb45dc1152218a2d7f57b0827b9c685610a6e88665404
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
8544ae9e6208590cdd0cfcfb3bc01159d2d7f2604262696569c42ec6143e94cf
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8b88ddfa92e4cb2646d5c7e19274939caa3495dcb33c307f1bbaec31b1d9691a
910a5454481f8f624e8019e14fb814871c5e13876dc4ba5547a9f7d3a5dc8b84
96ffb0e6fd99058e72ec0ef780c5ef4c69cbca56b1f4840f293bc3fcc21b4f91
980a31cf37ef159fd3ff7df7f4dd98df4c6f8132a824f0dd6a48927b80e7b2e0
995456f7211327129612b97dc0a2baa2288f1e3065d1d6ed1882a0eb89d6baac
9b86c417b83b21668446fc47c93d81eefe81a1ad7ca58732ff0899fb6bbb8deb
9c8db0e7dd1256b68f9c60999aac7f95c7ce91cbf0c4969978727c9d2ed46b6f
9e686323c0939b4caa79ef6d81aeb86264ed3ba08927e2342ed8a004a20a200d
a05e114ca2fdc00ae0bf03d76bfe166a122a6ede8861ebc89bac15eb555d94de
a094b8af2e7b186a1f6145943f0179c35bb4256028d513effe3a0ba0ba45ad80
a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156
a6a3039ccd87fd5c50cdc0aeb0c508b67ad53ef422b74dd32a2c026cc32a426c
a6f6a68da852fe76f3b5a6ce0d02be3e8cac52e79f4b82f63b1eda5168dce0c6
a6fee654e8d3c5c2650adccb0dfa83c8a0403a9199c65cf9ccde514f707b62c7
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
a8195496a719d90d894b0ac2b79a02834aae97e02e2bbdab02537bbe60421594
acf65d56f73c528e45d857c92de4607d0566563d6b9684fcf08f844850e57796
b2e4bd67d73432ceab50735580a5017599af0c64885c48c1922088cc0b450a84
b54675d0c78b4247cd5ae2ab6b4ab96a280ae2bbdaf4f46dff6b95ca109840a5
b567eca75218a567b4e2cb947f5df04d07d049f2cb96523d64652224951b8efb
b7a12ed6cb5012d970eab1bd99f316a9077e4a1b3085ace81c19153839e6c076
c07ee55e9ec6956934c3d661421554acf8752686ab2e34d6ef58a236907e78d5
c1e60996e02e207e83f55e1c1f9c67011b8d442e2d832564ff35e4cbe316cac8
c4acef48005c5748289fbaaf40f60d113d58240d3b2bf85c75571d712aa86229
c6d40e75b7488b774ddcfa0f8325b8601047d1029a091718802cd07ae7c20b9c
c98f424531e7c55ef9e1179eb556d2e5fa04a97ccfe8f847fd71358008239ec4
ccf1288320783664d5dc6fbed28894ca5bb244cff628227c228f45e7cd617103
cd08f2fcba5b3fb5279678178a470045ee121576374b23ee0d4e96b2e18f4480
cdcba7a929f59658000da20f172ceb43c5122235f6569bb11f3530622b0ec28f
ce38572c44184f2168c0b6e393318c674da0a0704e8fcb35d0dc5bfb1a6e303f
cfc8d9248cbb5e7faa24ee8395d1ee21a6508435ee81b6bc6e02c77411d05f31
d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb
d429d28b9e4fb5a936e932e8b3f92ed4c267eefec7c32cfe15bf18f1f5932788
d56002c7bfe883f1d1bfea93a56dd7e17319e029c0d2200b5123b40bad513022
d8587cdfae00d158ac084b5701d31a2ed49ceae434481d089d846625f58ae9e1
dcbb25e28540a856f35e0e335683253e33a1b87f1ef661990e56a11edbfe32ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f30d39b5b4d6a72db444127844d1379b457ce3f5f75e38ae748cce113be321
e7a5bef86d1ecf3a65b377060c515fec7464708fbccb422d51e446e73a1b385e
e8869d7bcd3889b901bda5f4b6bdf318433c7272bc6e18ae4cabcb03ee8902c1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5a741d98a8e495782a22723f11df8489248d665c22597c7661f84c77cfa2b32
faf8237325f73efbcbe7ddbfadea3efece2051460eafa8d24a302c1fd95c7499
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

www.getastra.com Open in urlscan Pro 2606:4700:3033::681f:543a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

98 Requests

100 %HTTPS

67 %IPv6

27 Domains

34 Subdomains

30 IPs

7 Countries

2096 kBTransfer

5456 kBSize

1 Cookies

20 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.getastra.com Open in urlscan Pro
2606:4700:3033::681f:543a Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

100 %
HTTPS

67 %
IPv6

27
Domains

34
Subdomains

30
IPs

7
Countries

2096 kB
Transfer

5456 kB
Size

1
Cookies

98 HTTP transactions
8 data transactions