urlscan.io logo urlscan.io
SecurityTrails logo

www.wordfence.com Open in urlscan Pro
18.154.41.120  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.email.sans.org/?qs=be5ef610fe16c719cc0ba8b7aba28a13bac24a105885a83aa6aad4a7fdd7946afe0c813a0281003edeea93ccdae3...
Effective URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e...
Submission: On June 09 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 39 HTTP transactions. The main IP is 18.154.41.120, located in United States and belongs to AMAZON-02, US. The main domain is www.wordfence.com. The Cisco Umbrella rank of the primary domain is 192700.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 23rd 2023. Valid for: 7 months.
This is the only time www.wordfence.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 136.147.189.155 22606 (EXACT-7)
19 18.154.41.120 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
7 2a04:fa87:fff... 2635 (AUTOMATTIC)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
39 9
1    136.147.189.155 (United States)

ASN22606 (EXACT-7, US)
PTR: click.email.sans.org
click.email.sans.org
19    18.154.41.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-41-120.mad53.r.cloudfront.net
www.wordfence.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:b841 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsforms.net
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
3    2606:4700::6811:d6f3 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
1    2606:4700::6811:d2f3 (United States)

ASN13335 (CLOUDFLARENET, US)
forms-na1.hsforms.com
Apex Domain
Subdomains		 Transfer
19 wordfence.com
www.wordfence.com — Cisco Umbrella Rank: 192700
4 MB
7 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2017
13 KB
4 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4469
forms-na1.hsforms.com — Cisco Umbrella Rank: 7485
12 KB
4 gstatic.com
fonts.gstatic.com
81 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
2 KB
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 7285
165 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 75
53 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 993
7 KB
1 sans.org
click.email.sans.org — Cisco Umbrella Rank: 237939
334 B
39 9
Domain Requested by
19 www.wordfence.com www.wordfence.com
7 secure.gravatar.com www.wordfence.com
4 fonts.gstatic.com fonts.googleapis.com
3 forms.hsforms.com js.hsforms.net
www.wordfence.com
2 fonts.googleapis.com www.wordfence.com
js.hsforms.net
1 forms-na1.hsforms.com www.wordfence.com
1 js.hsforms.net www.wordfence.com
1 www.googletagmanager.com www.wordfence.com
1 maxcdn.bootstrapcdn.com www.wordfence.com
1 click.email.sans.org 1 redirects
39 10
Subject Issuer Validity Valid
*.wordfence.com
Amazon RSA 2048 M02		 2023-02-23 -
2023-09-30		 7 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-23 -
2023-12-24		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Frame ID: 73332E0191A23875290EE9147E373F82
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Large-Scale Attacks Target Epsilon Framework Themes

Page URL History Show full URLs

  1. https://click.email.sans.org/?qs=be5ef610fe16c719cc0ba8b7aba28a13bac24a105885a83aa6aad4a7fdd7946afe0c813a... HTTP 302
    https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f1... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

100 %
HTTPS

80 %
IPv6

9
Domains

10
Subdomains

9
IPs

3
Countries

4057 kB
Transfer

11600 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.email.sans.org/?qs=be5ef610fe16c719cc0ba8b7aba28a13bac24a105885a83aa6aad4a7fdd7946afe0c813a0281003edeea93ccdae3202196e267f8465f71ad HTTP 302
    https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/
Redirect Chain
  • https://click.email.sans.org/?qs=be5ef610fe16c719cc0ba8b7aba28a13bac24a105885a83aa6aad4a7fdd7946afe0c813a0281003edeea93ccdae3202196e267f8465f71ad
  • https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
40 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
nginx /
Resource Hash
95c051003d834e20d5447d779b6e8789832b136ff3178f8582fd8ac8c593600e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache="Set-Cookie"
content-type
text/html; charset=UTF-8
date
Fri, 09 Jun 2023 10:42:31 GMT
link
<https://www.wordfence.com/wp-json/>; rel="https://api.w.org/" <https://www.wordfence.com/wp-json/wp/v2/posts/25491>; rel="alternate"; type="application/json" <https://www.wordfence.com/?p=25491>; rel=shortlink
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-amz-cf-id
yK0aDfoPsXV1WAoGjot0j-lIgJ03PSMldNygG1oLfDBJKdkh2xQd1A==
x-amz-cf-pop
MAD53-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private
Connection
close
Content-Length
276
Content-Type
text/html; charset=utf-8
Date
Fri, 09 Jun 2023 10:42:31 GMT
Location
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
style.min.css
www.wordfence.com/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wordfence.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.5
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 09:36:18 GMT
content-encoding
gzip
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
age
4217
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 15 Mar 2023 20:40:06 GMT
server
AmazonS3
etag
W/"b7915926fe42d76e9c802353ab01dae4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=604800
x-amz-cf-id
Qfj-lUBeTTLeIgdtW6gvpNdiVFecqBD5hkCcXA5ubl5H2XQ70pvw3g==
style.css
www.wordfence.com/wp-content/plugins/fm-social-share/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wordfence.com/wp-content/plugins/fm-social-share/css/style.css?ver=6.0.5
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6f993564578ff62e1c2c45d8ac852c6c1d8e76e92a6d141e5100fc8582a8ff0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:41:58 GMT
content-encoding
br
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
age
36
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 15 Mar 2023 20:40:13 GMT
server
AmazonS3
etag
W/"74ad22ec5aa67640f99e07ecd26218cc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=300
x-amz-cf-id
8QRkztYtbKIURLYPOmXtJYJwG36yKp2dpQ-qjqRHrYENUPaI3gmf0Q==
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/latest/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css?ver=6.0.5
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:42:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
863
age
1742725
cdn-cachedat
08/20/2022 03:05:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:56 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
17b47a2b7079adf979369b89fe993867
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7d48c4b5f9c02bb8-FRA
cdn-requestpullsuccess
True
wordfence-metrics.css
www.wordfence.com/wp-content/plugins/wordfence-metrics/css/ 		2 KB
1002 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wordfence.com/wp-content/plugins/wordfence-metrics/css/wordfence-metrics.css?ver=6.0.5
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18600d985076a482e5b8f07993b3dfe340a515d25a2328b090922c620f7347be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:41:58 GMT
content-encoding
br
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
age
35
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 15 Mar 2023 20:40:15 GMT
server
AmazonS3
etag
W/"ec27e340f308c320dcccc573426ae77a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=300
x-amz-cf-id
wPtBrNkCC0Zm1Y8J54ypvuMQDRV8KZtlyEuTx7KL3sQ3WWJlm9mzSQ==
googlefonts.css
www.wordfence.com/wp-content/themes/wordfence2020/css/ 		24 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wordfence.com/wp-content/themes/wordfence2020/css/googlefonts.css
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52e9583eff72276651bd501d6643a061dae2e49b9e770b500df0fa66477b449d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:41:58 GMT
content-encoding
br
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
age
111
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 15 Mar 2023 20:40:21 GMT
server
AmazonS3
etag
W/"e033488849149f34a32f67a7785f326d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=300
x-amz-cf-id
ey9-tuQzVXQEqGM_Fp9pj-UOfYic_SolW9uw2nHAaUEs4wJ70rxCFg==
ionicons.min.css
www.wordfence.com/wp-content/themes/wordfence2020/css/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wordfence.com/wp-content/themes/wordfence2020/css/ionicons.min.css
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:41:58 GMT
content-encoding
br
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
age
111
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 15 Mar 2023 20:40:21 GMT
server
AmazonS3
etag
W/"0d6763b67616cb9183f3931313d42971"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=300
x-amz-cf-id
hH5gsHw_N3cVwNo5fs8Hz6cxdUDDIWVnrym2kVLh-FQZikxwNOOcFw==
style.css
www.wordfence.com/wp-content/themes/wordfence2020/ 		100 B
628 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wordfence.com/wp-content/themes/wordfence2020/style.css?ver=1678912699
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
377c9b04ddb1bbfb974d3e77e4427c4488f7a7aff3777897f17fbfc7d8a96e5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:41:58 GMT
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
age
111
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
100
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 15 Mar 2023 20:40:24 GMT
server
AmazonS3
etag
"8c8841317179f9fba20a471574963c8f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
EcgQ19zhW6HGSv-a0stLiv7P6yHS9jxot3SNiQhBewCgJFTSFUEaVw==
wordpress.css
www.wordfence.com/css/ 		1 MB
210 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wordfence.com/css/wordpress.css?id=e9e16924ad71067463b7
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9870b16fdd446f827736188cfffff7494400c6e97baa43c346cc40993d835fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 23:46:20 GMT
content-encoding
br
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
age
298571
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 May 2023 19:03:19 GMT
server
AmazonS3
etag
W/"e9e16924ad71067463b7e117d03859ba"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=604800
x-amz-cf-id
0ICtShABTh5kMsHgPxU-lEwBmrq4v8ZFJnsI6z6XtvgIQFSSMQWc3A==
load-scripts.php
www.wordfence.com/wp-admin/ 		98 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wordfence.com/wp-admin/load-scripts.php?c=1&load%5Bchunk_0%5D=jquery-core,jquery-migrate&ver=6.0.5
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
nginx /
Resource Hash
2dd3af50f576164461f64ca040e7841d09bd1dffde52148bd79c39c6a0bd906d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:42:32 GMT
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
etag
6.0.5
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
no-cache="Set-Cookie"
x-amz-cf-id
CIH7h676S-fvKTp5nPQYKGxVQOJOJFKlbLBCIJ20MPxZ1UPIJcCJsw==
x-xss-protection
1; mode=block
expires
Sat, 08 Jun 2024 10:42:32 GMT
modernizr-2.8.3.min.js
www.wordfence.com/wp-content/themes/wordfence2020/js/vendor/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wordfence.com/wp-content/themes/wordfence2020/js/vendor/modernizr-2.8.3.min.js
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:41:42 GMT
content-encoding
br
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
age
111
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 15 Mar 2023 20:40:24 GMT
server
AmazonS3
etag
W/"65f1d21d5fcc9d21da758adababd0c3c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
Zht9E3yjFoB51t5jgkLsW7K2bNjP2qPxCyCzVC2gIwrZ6PXUZlJ5Pw==
large-scale-attacks-target-epsilon-framework-themes.png
www.wordfence.com/wp-content/uploads/2020/11/ 		365 KB
366 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wordfence.com/wp-content/uploads/2020/11/large-scale-attacks-target-epsilon-framework-themes.png
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df9f4eb3db5515ad6b4375837b16c3e3a5e215f49cd3e21a391932548f4a0ac0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 13:50:07 GMT
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
age
161546
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
373777
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 15 Mar 2023 20:40:56 GMT
server
AmazonS3
etag
"98e4c53fe6ff86164fb889ec0ecc94fc"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
boTuD3MetD6Zok0FipiNU_thpPQMZUEwUNif4j6LeK69Q8MBsMg1pg==
gtm.js
www.googletagmanager.com/ 		142 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K9CP2C8
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a737ce5a887f713c8cb5a8901c91f462ae1ec1aad1927f162835cd0d439529c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:42:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53531
x-xss-protection
0
last-modified
Fri, 09 Jun 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 09 Jun 2023 10:42:32 GMT
footer-news-example.jpg
www.wordfence.com/img/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wordfence.com/img/footer-news-example.jpg
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f88f33c51f8b5753daa456493127c6fbc8fd79dbdfd6b66077c8dc19228c8b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 22:17:01 GMT
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
age
131132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
40052
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 May 2023 19:03:21 GMT
server
AmazonS3
etag
"1986ee8b97d954ce729399a7023544cf"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
teJFoNZzAKkM6CTT5e-g97nsMAUhBXWIH1e30ne-XstJufgpThZRsA==
v2.js
js.hsforms.net/forms/ 		526 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsforms.net/forms/v2.js
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:b841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae49970411fe1d34b61ff63481dae8dc1d6be4e7797a01c5ee6531ec95fb9aca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-encoding
br
age
83
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3300/bundles/project-v2.js&cfRay=7d48c2afcd2d900d-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"c09c46dff7b486f6c0aa62e0e52b90d4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.3300/bundles/project-v2.js
date
Fri, 09 Jun 2023 10:42:32 GMT
x-amz-version-id
tKgXByzCM65Sg4v4s0wQtREn_83DFf4I
via
1.1 b0c7b942a33f0f4451718aee53f7840c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P1
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
03a5b973-e756-4b52-a93f-2b0adba15d5d
last-modified
Tue, 06 Jun 2023 10:33:59 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mibFJM1lyVlT%2BCDgK6%2FdIlI4299dCUeI9tcwE0ty7WV301x9un8tZA4yvT0o4Q9G40zK9DKpCm4tAnVdSUelFJU9ga7miBEFAq6diME2De0Y1wzBnJI%2BsLa7DFMElXJhqx8S5XSy6natxUbA"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-x5fmx
cf-ray
7d48c4b7d97b1d84-FRA
x-amz-cf-id
FldrMguJ-pfu88nkkteG_YsP0Pb5bCU96_Y9Z23DJ7pvs4xZvIR2Jw==
jquery.barrating.min.js
www.wordfence.com/wp-content/plugins/wordfence-metrics/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wordfence.com/wp-content/plugins/wordfence-metrics/js/jquery.barrating.min.js?ver=1.2.1
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f1e69ff4360cc12fb5c0cf38f19eaa74a2216893fe3cad6936d00fcc49b1bf57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:42:00 GMT
content-encoding
br
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
age
33
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 15 Mar 2023 20:40:15 GMT
server
AmazonS3
etag
W/"78dd1d9a693a14cf6d099346772e96d5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
aZThlTxmqipIX79JZkCZYPpyIe6y_s6pnUzDBbiDRHOVO4g1bk_Jbw==
wordfence-metrics.js
www.wordfence.com/wp-content/plugins/wordfence-metrics/js/ 		1 KB
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wordfence.com/wp-content/plugins/wordfence-metrics/js/wordfence-metrics.js?ver=1.0.0
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c41d674623a722fa0d7e0adeea621208a71b87813c1e09680298c15240853a83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:42:00 GMT
content-encoding
br
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
age
33
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 15 Mar 2023 20:40:15 GMT
server
AmazonS3
etag
W/"06ffd8f9a420f12ddfa14d0a6ddd8d8d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
wVWp1D0y45oxxpTvamJFnMOGo9VT5n7Au3pCN0OM6WbQ3TSK3h1LFw==
site.js
www.wordfence.com/js/ 		9 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wordfence.com/js/site.js?id=7a87fe0be6b7206434e3
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35348f909ceba3ddee628d51167d7e923d3b6c72cbcf153c97b8049a968217ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 19:45:25 GMT
content-encoding
gzip
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
age
456305
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 May 2023 19:03:24 GMT
server
AmazonS3
etag
W/"741e20be15fe7d551d61f991eb15a33c-2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
L4JsU-AnHNy6AZKYG4CZSYaG5bNLlwbcYAvnbOR1PedntI8Qz6ElbQ==
app.js
www.wordfence.com/wp-content/themes/wordfence2020/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wordfence.com/wp-content/themes/wordfence2020/js/app.js?ver=1678912699
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
028db73097c1f6dd42a8884c95ceed3eb8d89d7dbb1f4b98765a457cf1f91396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:41:58 GMT
content-encoding
br
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
age
112
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 15 Mar 2023 20:40:24 GMT
server
AmazonS3
etag
W/"a4e3203b1543dd89571e611ddb6b1084"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
7xWqGdPrTtAm4EwOy_mmeg2sXEKaodBwm6LidDCKEvLkkIOhsBgV4g==
jquery.customSelect.min.js
www.wordfence.com/wp-content/themes/wordfence2020/js/vendor/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wordfence.com/wp-content/themes/wordfence2020/js/vendor/jquery.customSelect.min.js?ver=1
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94eb062f034d9c0a3631943344065bc2e07d520367312378b596f2b1f2a65109
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:41:58 GMT
content-encoding
br
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
age
112
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 15 Mar 2023 20:40:24 GMT
server
AmazonS3
etag
W/"0212de77848bab70b670586c782a2f4f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
gSD627e4fZ0_NA6eYj0CVZNsAMcsRCb8I_Wb-rVmY7XZvXYlwXNHvw==
css2
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@100;300;400;500;700&display=swap
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/css/wordpress.css?id=e9e16924ad71067463b7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8817f08b44eb8ad2cb9870b5a43d0e076630e74bf1761dd43f62cc6bb067848a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 09 Jun 2023 10:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 09 Jun 2023 10:38:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Jun 2023 10:42:32 GMT
bg-fm_social_share_button-ico.png
www.wordfence.com/wp-content/plugins/fm-social-share/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wordfence.com/wp-content/plugins/fm-social-share/img/bg-fm_social_share_button-ico.png
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/wp-content/plugins/fm-social-share/css/style.css?ver=6.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74252b0bdbbec37155b3b0eb4db3fedb4b5b0f0bc26d7315b76f306d44facff5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/wp-content/plugins/fm-social-share/css/style.css?ver=6.0.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:42:33 GMT
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
2560
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 15 Mar 2023 20:40:13 GMT
server
AmazonS3
etag
"d8741cc5e2909668494f5fd50f73745c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
_SYiNCnahKRvx5moGhBQfNMJzznKQeCHWhy1m4C0O2XAGnyv1SBTfw==
footer-hero-circles.svg
www.wordfence.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wordfence.com/img/footer-hero-circles.svg
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/css/wordpress.css?id=e9e16924ad71067463b7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.41.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-41-120.mad53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3b8532f2dff685f3342797b49f1058e5ab78bdb4b84b0ccb5073e002d4f6dd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/css/wordpress.css?id=e9e16924ad71067463b7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 05:50:26 GMT
content-encoding
gzip
via
1.1 b4acd829829287562b6f6c2e15ee0040.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MAD53-P2
age
103927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 May 2023 19:03:21 GMT
server
AmazonS3
etag
W/"6894d40213f4b5ea3cf51db090a64f40"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800
x-amz-cf-id
LlDFY-p0KuNRw24bBvqyEyQTDQbd6y0Nh4959G_uSQvBwmwqnSY1sA==
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v25/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v25/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@100;300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wordfence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 15:47:27 GMT
x-content-type-options
nosniff
age
500105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34432
x-xss-protection
0
last-modified
Tue, 02 May 2023 17:01:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 15:47:27 GMT
59930e186988e5f164c12674f73e6267
secure.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/59930e186988e5f164c12674f73e6267?s=80&d=mm&r=g
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c5cc3f6fce40607c8775d928a648b59c1f2f224de053e7e8d1fab272e585d099

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 09 Jun 2023 10:42:32 GMT
last-modified
Fri, 18 Feb 2022 17:25:52 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="59930e186988e5f164c12674f73e6267.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/59930e186988e5f164c12674f73e6267?s=80&d=mm&r=g>; rel="canonical"
content-length
2619
expires
Fri, 09 Jun 2023 10:47:32 GMT
57d76f1081114ee571c0afd6005f2e32
secure.gravatar.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/57d76f1081114ee571c0afd6005f2e32?s=96&d=mm&r=g
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
54ee9bbe2550cd9323f302ba77e47d14fcb84cec7c628521b9f19cd52ce37cef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 09 Jun 2023 10:42:32 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="57d76f1081114ee571c0afd6005f2e32.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/57d76f1081114ee571c0afd6005f2e32?s=96&d=mm&r=g>; rel="canonical"
content-length
1447
expires
Fri, 09 Jun 2023 10:47:32 GMT
1365570a212d1fb73ba244940918ca79
secure.gravatar.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/1365570a212d1fb73ba244940918ca79?s=96&d=mm&r=g
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 09 Jun 2023 10:42:32 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="1365570a212d1fb73ba244940918ca79.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/1365570a212d1fb73ba244940918ca79?s=96&d=mm&r=g>; rel="canonical"
content-length
1528
expires
Fri, 09 Jun 2023 10:47:32 GMT
e33f5b8df346e25cb21cb9e3291777a9
secure.gravatar.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/e33f5b8df346e25cb21cb9e3291777a9?s=96&d=mm&r=g
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 09 Jun 2023 10:42:32 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="e33f5b8df346e25cb21cb9e3291777a9.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/e33f5b8df346e25cb21cb9e3291777a9?s=96&d=mm&r=g>; rel="canonical"
content-length
1528
expires
Fri, 09 Jun 2023 10:47:32 GMT
69d7683fda9fa05d0b85cc130b8bda7f
secure.gravatar.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/69d7683fda9fa05d0b85cc130b8bda7f?s=96&d=mm&r=g
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 09 Jun 2023 10:42:32 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="69d7683fda9fa05d0b85cc130b8bda7f.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/69d7683fda9fa05d0b85cc130b8bda7f?s=96&d=mm&r=g>; rel="canonical"
content-length
1528
expires
Fri, 09 Jun 2023 10:47:32 GMT
64c04248a1f84e51159690fdf05c662e
secure.gravatar.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/64c04248a1f84e51159690fdf05c662e?s=96&d=mm&r=g
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
54ee9bbe2550cd9323f302ba77e47d14fcb84cec7c628521b9f19cd52ce37cef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 09 Jun 2023 10:42:32 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="64c04248a1f84e51159690fdf05c662e.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/64c04248a1f84e51159690fdf05c662e?s=96&d=mm&r=g>; rel="canonical"
content-length
1447
expires
Fri, 09 Jun 2023 10:47:32 GMT
92272d40a8948593c31c7b9117bd5ed4
secure.gravatar.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/92272d40a8948593c31c7b9117bd5ed4?s=96&d=mm&r=g
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 09 Jun 2023 10:42:32 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="92272d40a8948593c31c7b9117bd5ed4.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/92272d40a8948593c31c7b9117bd5ed4?s=96&d=mm&r=g>; rel="canonical"
content-length
1528
expires
Fri, 09 Jun 2023 10:47:32 GMT
json
forms.hsforms.com/embed/v3/form/4354010/7e580360-6f66-4d96-a898-0bd11eec900a/ 		18 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/4354010/7e580360-6f66-4d96-a898-0bd11eec900a/json?hs_static_app=forms-embed&hs_static_app_version=1.3300&X-HubSpot-Static-App-Info=forms-embed-1.3300
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6de48a812cfc30cad6a86d8b0a38aa7cb1372c7a2a7f5d4672f9e16698c565fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.wordfence.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

X-Origin-Hublet
na1
Date
Fri, 09 Jun 2023 10:42:32 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
br
CF-Cache-Status
DYNAMIC
X-HubSpot-Correlation-Id
2abc65f7-2cbc-49f6-9486-9ef8e015b922
x-evy-trace-route-service-name
envoyset-translator
Transfer-Encoding
chunked
x-envoy-upstream-service-time
13
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
f30e4d2f-522b-4bad-a11b-9e7af59e4964
Server
cloudflare
X-Trace
2B21A7E1542FE0F2670D37D1C246E0B3647E30CFCC000000000000000000
Vary
origin
Access-Control-Allow-Methods
OPTIONS, GET
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.wordfence.com
x-evy-trace-virtual-host
all
Access-Control-Expose-Headers
X-Origin-Hublet
Access-Control-Max-Age
180
Access-Control-Allow-Credentials
false
Cache-Control
max-age=0, no-cache, no-store
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
7d48c4ba2d811e31-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-w9hvc
json
forms.hsforms.com/embed/v3/form/4354010/7e580360-6f66-4d96-a898-0bd11eec900a/ 		18 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/4354010/7e580360-6f66-4d96-a898-0bd11eec900a/json?hs_static_app=forms-embed&hs_static_app_version=1.3300&X-HubSpot-Static-App-Info=forms-embed-1.3300
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
488a4860023edf77330fc8b2222722a3f8f2779c21761dd2e5db4aae603c63a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.wordfence.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

X-Origin-Hublet
na1
Date
Fri, 09 Jun 2023 10:42:32 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
br
CF-Cache-Status
DYNAMIC
X-HubSpot-Correlation-Id
7bbe60a8-d65d-4ff1-bfaa-1e8fa5eba12a
x-evy-trace-route-service-name
envoyset-translator
Transfer-Encoding
chunked
x-envoy-upstream-service-time
14
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
205cf0a2-43f0-4bbd-b2d8-ea7423df46af
Server
cloudflare
X-Trace
2B8D5AB5812808E236B6B31C9501410BD9FE7F4CF6000000000000000000
Vary
origin
Access-Control-Allow-Methods
OPTIONS, GET
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.wordfence.com
x-evy-trace-virtual-host
all
Access-Control-Expose-Headers
X-Origin-Hublet
Access-Control-Max-Age
180
Access-Control-Allow-Credentials
false
Cache-Control
max-age=0, no-cache, no-store
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
7d48c4ba291403a6-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-cxrpn
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:42:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
13031f1f-095c-436b-b462-9f673f614d0b
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3437aa18-7061-48de-9d9d-3b28074b6637
server
cloudflare
x-trace
2B5C3A58EE4395C9C38AEBD8CBD2F990DBB574D352000000000000000000
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-rgcrk
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
7d48c4bb9b1339c8-FRA
css2
fonts.googleapis.com/ 		7 KB
791 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 09 Jun 2023 10:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 09 Jun 2023 08:45:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Jun 2023 10:42:32 GMT
counters.gif
forms-na1.hsforms.com/embed/v3/ 		35 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Requested by
Host: www.wordfence.com
URL: https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/?is=e3832f108acb1d173b1c8560e6e5008bac06549549c3ce6073d40f2abb06fe29
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wordfence.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 10:42:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
DYNAMIC
X-HubSpot-Correlation-Id
a44dd54b-c0db-46a8-9707-b950a6ece359
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
1
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d9f862b8-9a4a-48f5-91db-6327943b56f7
Server
cloudflare
X-Trace
2BBDC3B021622CE605AA61B30EE8C4B2C4414CCC83000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-cxrpn
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7d48c4bbdd233827-FRA
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wordfence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 18:58:23 GMT
x-content-type-options
nosniff
age
488649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 18:58:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wordfence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 22:48:48 GMT
x-content-type-options
nosniff
age
215624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jun 2024 22:48:48 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wordfence.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 16:10:14 GMT
x-content-type-options
nosniff
age
239538
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jun 2024 16:10:14 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend string| wfDisabledCookies object| dataLayer function| $ function| jQuery object| html5 object| Modernizr object| uiSettings object| hubspot object| HubSpotForms object| _hsq object| hbspt object| hsFormsOnReady object| WFMVars function| setImmediate function| clearImmediate object| regeneratorRuntime function| _ function| Popper function| s function| moment function| md5 function| sanitizeHtml function| strftime function| axios function| http function| getAuthToken function| cleanupOneEntryPerLine function| makeDuration function| pluralize function| ucfirst function| parseJWT object| store function| validateEmail function| copyTextToClipboard object| wfUtils object| cookieParse function| responseToModels function| responseToModel function| formatUrl function| dateFormat function| dateFormatShort function| dateTimeFormat function| setJWTRenewalTimeout function| completeSetup object| eventBus object| searchKeys function| setOptionTitle function| getOptionTitle function| stringFormat object| google_tag_manager object| google_tag_data

2 Cookies

Domain/Path Name / Value
www.wordfence.com/ Name: AWSALBTG
Value: sUtHAXYtzl+uW/82pztc3C4NNIk4CUmqYMLeQPd5vF+8Kx0qjkdTEZIKSX2hLcXYEbqwpGUo24IQlLpwUU2J3jj/VIYrtunQuX0KX34x5hPcPYiTH3wnP4RVCQxJszrj5bf9uTvzWe1qhjlPzjtOqrUt95zvii74tpgpj80ri3ie
www.wordfence.com/ Name: AWSALBTGCORS
Value: sUtHAXYtzl+uW/82pztc3C4NNIk4CUmqYMLeQPd5vF+8Kx0qjkdTEZIKSX2hLcXYEbqwpGUo24IQlLpwUU2J3jj/VIYrtunQuX0KX34x5hPcPYiTH3wnP4RVCQxJszrj5bf9uTvzWe1qhjlPzjtOqrUt95zvii74tpgpj80ri3ie

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.email.sans.org
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
js.hsforms.net
maxcdn.bootstrapcdn.com
secure.gravatar.com
www.googletagmanager.com
www.wordfence.com
136.147.189.155
18.154.41.120
2606:4700::6810:b841
2606:4700::6811:d2f3
2606:4700::6811:d6f3
2606:4700::6812:bcf
2a00:1450:4001:802::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200a
2a04:fa87:fffe::c000:4902
028db73097c1f6dd42a8884c95ceed3eb8d89d7dbb1f4b98765a457cf1f91396
18600d985076a482e5b8f07993b3dfe340a515d25a2328b090922c620f7347be
20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4
2dd3af50f576164461f64ca040e7841d09bd1dffde52148bd79c39c6a0bd906d
35348f909ceba3ddee628d51167d7e923d3b6c72cbcf153c97b8049a968217ca
377c9b04ddb1bbfb974d3e77e4427c4488f7a7aff3777897f17fbfc7d8a96e5f
488a4860023edf77330fc8b2222722a3f8f2779c21761dd2e5db4aae603c63a4
52e9583eff72276651bd501d6643a061dae2e49b9e770b500df0fa66477b449d
54ee9bbe2550cd9323f302ba77e47d14fcb84cec7c628521b9f19cd52ce37cef
67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6de48a812cfc30cad6a86d8b0a38aa7cb1372c7a2a7f5d4672f9e16698c565fe
74252b0bdbbec37155b3b0eb4db3fedb4b5b0f0bc26d7315b76f306d44facff5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8817f08b44eb8ad2cb9870b5a43d0e076630e74bf1761dd43f62cc6bb067848a
8f88f33c51f8b5753daa456493127c6fbc8fd79dbdfd6b66077c8dc19228c8b6
94eb062f034d9c0a3631943344065bc2e07d520367312378b596f2b1f2a65109
95c051003d834e20d5447d779b6e8789832b136ff3178f8582fd8ac8c593600e
9870b16fdd446f827736188cfffff7494400c6e97baa43c346cc40993d835fe7
a737ce5a887f713c8cb5a8901c91f462ae1ec1aad1927f162835cd0d439529c7
ae49970411fe1d34b61ff63481dae8dc1d6be4e7797a01c5ee6531ec95fb9aca
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b3b8532f2dff685f3342797b49f1058e5ab78bdb4b84b0ccb5073e002d4f6dd2
c41d674623a722fa0d7e0adeea621208a71b87813c1e09680298c15240853a83
c5cc3f6fce40607c8775d928a648b59c1f2f224de053e7e8d1fab272e585d099
c6f993564578ff62e1c2c45d8ac852c6c1d8e76e92a6d141e5100fc8582a8ff0
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
df9f4eb3db5515ad6b4375837b16c3e3a5e215f49cd3e21a391932548f4a0ac0
f1e69ff4360cc12fb5c0cf38f19eaa74a2216893fe3cad6936d00fcc49b1bf57
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615