Submitted URL: http://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
Effective URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
Submission: On September 08 via manual from IN

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 20 HTTP transactions. The main IP is 199.242.144.56, which is located in the United States and belongs to ACLENS-PROD, US. The main domain is 199.242.144.56.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 13th 2020. Valid for: 3 months.
This is the only time 199.242.144.56 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 199.242.144.56 54615 (ACLENS-PROD)
9 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 209.197.3.24 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
20 9
Requests | Domain | Requested by
9 | www.samsclubcontacts.com | 199.242.144.56, www.samsclubcontacts.com
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 | cdn.cookielaw.org | 199.242.144.56, cdn.cookielaw.org
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | www.googletagmanager.com | 199.242.144.56
1 | code.jquery.com | cdn.cookielaw.org
Total: 20 requests, 6 domains
Subject | Issuer | Validity | Valid
*.samsclubcontacts.com | Let's Encrypt Authority X3 | 2020-07-13 - 2020-10-11 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-05 - 2021-08-05 | a year
cookielaw.org | Cloudflare Inc ECC CA-3 | 2020-07-01 - 2021-07-01 | a year
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
*.google-analytics.com | GTS CA 1O1 | 2020-08-19 - 2020-11-11 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-08-19 - 2020-11-11 | 3 months

This page contains 1 frames:

Primary Page: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
Frame ID: D9DECB54E1ECEF229166618073D20C2F
Requests: 21 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

20 Requests
80 % HTTPS
75 % IPv6
6 Domains
6 Subdomains
9 IPs
3 Countries
1212 kB Transfer
2332 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php HTTP 302
    https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request connector.minimal.php
199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/
Redirect Chain
  • http://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
  • https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
74 KB
75 KB
Document
General
Full URL
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.242.144.56 , United States, ASN54615 (ACLENS-PROD, US),
Reverse DNS
www.samsclubcontacts.com
Software
/ PROD02
Resource Hash
b6d772d47790dc3c9c56558082aee79c9ebb37044f3c2e0e43006a6664d38ef0
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15780000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

:method
GET
:authority
199.242.144.56
:scheme
https
:path
//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
404
date
Tue, 08 Sep 2020 18:44:04 GMT
cache-control
private,public
content-type
text/html; charset=utf-8
x-powered-by
PROD02
access-control-allow-origin
*
content-length
75672
set-cookie
Personalization=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJDdXJyZW5jeSI6MSwiQUJHcm91cCI6IkEiLCJIYXNQcmV2aW91c09yZGVyIjpmYWxzZSwiRmF2b3JpdGVzIjpbXSwiaXNzIjoiUEVSU09OQUxJWkFUSU9OX1NWQyIsIldlYnNpdGUiOjUxLCJSZXBlYXRWaXNpdENvdW50IjoxfQ.JlQ3-uM8So5I2S5Me_OzFNiR7APoEYDZqCtHRolwCi0; expires=Wed, 08-Sep-2021 18:44:05 GMT; path=/; secure; HttpOnly; SameSite=None; SameSite=lax 51-AB=A; expires=Wed, 08-Sep-2021 18:44:05 GMT; path=/; secure; HttpOnly; SameSite=None; SameSite=lax CookieID=82.102.18.114-OGY1ZGZlOTlmZWM1MjQ1O; expires=Wed, 08-Sep-2021 18:44:05 GMT; path=/; secure; HttpOnly; SameSite=None; SameSite=lax __RequestVerificationToken=nd-d7Oil40TXuZnLLPLK6XsYLwaqbzYS6IMtxvxLUDwU6Smt8dcgPHjDcQFE_P09h0dUhlOmriQSP7o2vO7Ml0AI9DM1; path=/; secure; HttpOnly; SameSite=lax
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
x-xss-protection
1
strict-transport-security
max-age=15780000;

Redirect headers

Cache-Control
no-cache
Content-length
0
Location
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
global-v760d7202eea17971b98ff12ea8cef1bf.min.css
www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/
171 KB
40 KB
Stylesheet
General
Full URL
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/global-v760d7202eea17971b98ff12ea8cef1bf.min.css
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD03
Resource Hash
5f9b143b62b2df0da0f2a2b1f4504e00e7d6822bddc5a3aa462cda1ceedf58ea
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-powered-by
PROD03
status
200
vary
Accept-Encoding
content-length
40816
x-xss-protection
1
last-modified
Wed, 02 Sep 2020 16:30:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1d68167f3700c6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-request-id
0510a157710000dfe73ebec200000001
accept-ranges
bytes
cf-ray
5cfad19f1ca9dfe7-FRA
expires
Wed, 08 Sep 2021 18:44:05 GMT
error-vfed6047fb13d03138d6675f2b1060377.min.css
www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/error-vfed6047fb13d03138d6675f2b1060377.min.css
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD03
Resource Hash
a067d47be024d2fbfbee6d432a4e46ac3eb4b1fb80d487b7559d88684a3e3b7a
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
PROD03
status
200
vary
Accept-Encoding
content-length
1427
x-xss-protection
1
last-modified
Wed, 02 Sep 2020 16:30:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1d68167f372b403"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-request-id
0510a157710000dfe73ebed200000001
accept-ranges
bytes
cf-ray
5cfad19f1cabdfe7-FRA
expires
Wed, 08 Sep 2021 18:44:05 GMT
035139cc-5c05-4829-bdc0-876ab44b8841.js
cdn.cookielaw.org/consent/
64 KB
17 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/035139cc-5c05-4829-bdc0-876ab44b8841.js
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07e371e095d3faa53287d6c990847b57f0398810c0b3ef96b704cbab821bcec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 08 Sep 2020 18:44:05 GMT
content-encoding
GZIP
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
6jl506LrxV79j8rMbzGa9g==
status
200
vary
Accept-Encoding
content-length
16398
cf-request-id
0510a157540000062913929200000001
x-ms-lease-status
unlocked
last-modified
Tue, 02 Jun 2020 21:17:44 GMT
server
cloudflare
etag
0x8D8073A640DB74A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5d8de912-501e-014a-2319-80aed4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
5cfad19eee540629-FRA
optanon.css
cdn.cookielaw.org/skins/5.14.0/default_flat_bottom_two_button_black/v2/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://cdn.cookielaw.org/skins/5.14.0/default_flat_bottom_two_button_black/v2/css/optanon.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/035139cc-5c05-4829-bdc0-876ab44b8841.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e48e8dada6c1e8a5fb31c28a198f2931138504a6a292ee8635fadeff84f595c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 08 Sep 2020 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Te8vbtRu+tO5JTSWp3zsiw==
age
2224
status
200
vary
Accept-Encoding
content-length
5553
cf-request-id
0510a157920000062913931200000001
x-ms-lease-status
unlocked
last-modified
Fri, 03 Apr 2020 02:08:14 GMT
server
cloudflare
etag
0x8D7D773DE2EEBAC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
57573c0e-101e-0085-74d9-778f33000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
5cfad19f5f940629-FRA
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/035139cc-5c05-4829-bdc0-876ab44b8841.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.197.3.24 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x018.map2.ssl.hwcdn.net
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin
https://199.242.144.56
Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:44:06 GMT
content-encoding
gzip
last-modified
Sat, 20 Jan 2018 17:26:44 GMT
server
nginx
status
200
etag
W/"5a637bd4-1538f"
vary
Accept-Encoding
x-hw
1599590646.dop033.pa1.t,1599590646.cds203.pa1.hn,1599590646.cds210.pa1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30288
jquery_lodash-v1ed11011d20f018388b3723f84eaa7c8.min.js
www.samsclubcontacts.com/Assets/static/
170 KB
67 KB
Script
General
Full URL
https://www.samsclubcontacts.com/Assets/static/jquery_lodash-v1ed11011d20f018388b3723f84eaa7c8.min.js
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD01
Resource Hash
0ba2fb00032d9b149025a701fa07269ea2c6b4d3cd2c08e21b4ae4d0f7452e05
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-powered-by
PROD01
status
200
vary
Accept-Encoding
x-xss-protection
1
last-modified
Wed, 02 Sep 2020 16:30:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1d68167f243d02c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-request-id
0510a158300000dfe73ebfb200000001
cf-ray
5cfad1a04845dfe7-FRA
expires
Wed, 08 Sep 2021 18:44:05 GMT
vue-vf15aee8488ab57c0e80c77a7d10db3cd.min.js
www.samsclubcontacts.com/Assets/static/
86 KB
39 KB
Script
General
Full URL
https://www.samsclubcontacts.com/Assets/static/vue-vf15aee8488ab57c0e80c77a7d10db3cd.min.js
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD03
Resource Hash
ba2def15381b208bddf5e3e1fb017e8eed393b78f29a9578172165a4d315d9cc
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-powered-by
PROD03
status
200
vary
Accept-Encoding
content-length
40179
x-xss-protection
1
last-modified
Wed, 02 Sep 2020 16:30:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1d68167f2402f68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-request-id
0510a158390000dfe73ebfd200000001
accept-ranges
bytes
cf-ray
5cfad1a0587bdfe7-FRA
expires
Wed, 08 Sep 2021 18:44:05 GMT
vee-validate-v87818e4bfaa8d5be224ba6079933eeb4.min.js
www.samsclubcontacts.com/Assets/static/
74 KB
26 KB
Script
General
Full URL
https://www.samsclubcontacts.com/Assets/static/vee-validate-v87818e4bfaa8d5be224ba6079933eeb4.min.js
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD02
Resource Hash
f15547efba303c93434b13ca09f1c0844083190e0ea848f72323b44bfd663c88
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-powered-by
PROD02
status
200
vary
Accept-Encoding
content-length
26413
x-xss-protection
1
last-modified
Wed, 02 Sep 2020 16:30:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1d68167f2405ea1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-request-id
0510a158390000dfe73ebfe200000001
accept-ranges
bytes
cf-ray
5cfad1a0587edfe7-FRA
expires
Wed, 08 Sep 2021 18:44:05 GMT
bundle-global-v823b3f5cd6c7f6f4643d0b6ba8f1175c.min.js
www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/js/
902 KB
304 KB
Script
General
Full URL
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/js/bundle-global-v823b3f5cd6c7f6f4643d0b6ba8f1175c.min.js
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD03
Resource Hash
15aadcfa55d2d3b1cd8058ddd9025f54f04d0ed4469698dcee48c92e09f8fb12
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-powered-by
PROD03
status
200
vary
Accept-Encoding
x-xss-protection
1
last-modified
Wed, 02 Sep 2020 16:30:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1d68167f37cbfae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-request-id
0510a158390000dfe73ebff200000001
cf-ray
5cfad1a05881dfe7-FRA
expires
Wed, 08 Sep 2021 18:44:05 GMT
logo.svg
199.242.144.56/Sites/SamsClubContacts/Assets/images/
5 KB
5 KB
Image
General
Full URL
https://199.242.144.56/Sites/SamsClubContacts/Assets/images/logo.svg
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.242.144.56 , United States, ASN54615 (ACLENS-PROD, US),
Reverse DNS
www.samsclubcontacts.com
Software
/ PROD02
Resource Hash
135256650b656004fd8e79494dbc3d16fe0d083984dbcba3f2c1fcda683ffeb7
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15780000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:44:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Sep 2020 16:30:52 GMT
status
200
x-powered-by
PROD02
etag
"1d68167f372b249"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
strict-transport-security
max-age=15780000;
content-length
5193
x-xss-protection
1
logomark.svg
199.242.144.56/Sites/SamsClubContacts/Assets/images/
754 B
1 KB
Image
General
Full URL
https://199.242.144.56/Sites/SamsClubContacts/Assets/images/logomark.svg
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.242.144.56 , United States, ASN54615 (ACLENS-PROD, US),
Reverse DNS
www.samsclubcontacts.com
Software
/ PROD01
Resource Hash
524142d33a82e16b5a8e5362af6f24b55880cd331c9514d5d864a6ee104c9665
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15780000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:44:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Sep 2020 16:30:52 GMT
status
200
x-powered-by
PROD01
etag
"1d68167f372a4f2"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
strict-transport-security
max-age=15780000;
content-length
754
x-xss-protection
1
gtm.js
www.googletagmanager.com/
73 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5XM5S3X
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6fd143fc1525f49cee5b82b6d744196176107a324cac55049538524acf003a7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:44:05 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29012
x-xss-protection
0
last-modified
Tue, 08 Sep 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 08 Sep 2020 18:44:05 GMT
aktiv-grotesk-regular.woff
www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/fonts/
241 KB
240 KB
Font
General
Full URL
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/fonts/aktiv-grotesk-regular.woff
Requested by
Host: www.samsclubcontacts.com
URL: https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/global-v760d7202eea17971b98ff12ea8cef1bf.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD03
Resource Hash
de53e8276fd27de39df74e4b6267a0a8dcd7cede264923e3cb271778f5bf3078
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://199.242.144.56
Referer
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/global-v760d7202eea17971b98ff12ea8cef1bf.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
PROD03
status
200
vary
Accept-Encoding
cf-request-id
0510a15851000063bfc8019200000001
last-modified
Wed, 02 Sep 2020 16:30:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d68167f3716442"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/font-woff
access-control-allow-origin
*
x-xss-protection
1
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-ray
5cfad1a08a6463bf-FRA
expires
Wed, 08 Sep 2021 18:44:05 GMT
bree-serif-semibold.woff
www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/fonts/
27 KB
27 KB
Font
General
Full URL
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/fonts/bree-serif-semibold.woff
Requested by
Host: www.samsclubcontacts.com
URL: https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/global-v760d7202eea17971b98ff12ea8cef1bf.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD01
Resource Hash
017fe5a1fe778fc2460bd1a0835cdac17e76b82152082ce3e48f86766b97d748
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://199.242.144.56
Referer
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/global-v760d7202eea17971b98ff12ea8cef1bf.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
PROD01
status
200
vary
Accept-Encoding
cf-request-id
0510a15855000063bfc801a200000001
last-modified
Wed, 02 Sep 2020 16:30:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d68167f372ccdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/font-woff
access-control-allow-origin
*
x-xss-protection
1
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-ray
5cfad1a08a6763bf-FRA
expires
Wed, 08 Sep 2021 18:44:05 GMT
aktiv-grotesk-bold.woff
www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/fonts/
239 KB
238 KB
Font
General
Full URL
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/fonts/aktiv-grotesk-bold.woff
Requested by
Host: www.samsclubcontacts.com
URL: https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/global-v760d7202eea17971b98ff12ea8cef1bf.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD02
Resource Hash
62546fe8b2ccaa9c7e2d59805c61022f9f77ddab754ffaed7dd4bd728148440a
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://199.242.144.56
Referer
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/global-v760d7202eea17971b98ff12ea8cef1bf.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
PROD02
status
200
vary
Accept-Encoding
cf-request-id
0510a15855000063bfc801b200000001
last-modified
Wed, 02 Sep 2020 16:30:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d68167f3711b5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/font-woff
access-control-allow-origin
*
x-xss-protection
1
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-ray
5cfad1a08a6863bf-FRA
expires
Wed, 08 Sep 2021 18:44:06 GMT
icons.woff2
199.242.144.56/Assets/fonts/
47 KB
48 KB
Font
General
Full URL
https://199.242.144.56/Assets/fonts/icons.woff2?7.2.20246.1
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.242.144.56 , United States, ASN54615 (ACLENS-PROD, US),
Reverse DNS
www.samsclubcontacts.com
Software
/ PROD02
Resource Hash
d54db268f2e3e598f2b10c73f5b0db224673e5177afffdd8d2cc34b8f084b3ed
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15780000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://199.242.144.56
Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:44:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Sep 2020 16:30:48 GMT
status
200
x-powered-by
PROD02
etag
"1d68167f110f0fc"
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
strict-transport-security
max-age=15780000;
content-length
48380
x-xss-protection
1
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XM5S3X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Aug 2020 20:46:40 GMT
server
Golfe2
age
5305
date
Tue, 08 Sep 2020 17:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18323
expires
Tue, 08 Sep 2020 19:15:40 GMT
collect
www.google-analytics.com/j/
2 B
395 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j85&a=753575391&t=pageview&_s=1&dl=https%3A%2F%2F199.242.144.56%2F%2Fwp-content%2Fplugins%2Fwp-file-manager%2Flib%2Fphp%2Fconnector.minimal.php&ul=en-us&de=UTF-8&dt=404%20Error%20Page%20Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1034801750&gjid=254838333&cid=2000341802.1599590646&tid=UA-37194796-1&_gid=874481487.1599590646&_r=1&gtm=2wg8q15XM5S3X&z=246624229
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Sep 2020 18:44:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://199.242.144.56
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
83 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-37194796-1&cid=2000341802.1599590646&jid=1034801750&gjid=254838333&_gid=874481487.1599590646&_u=YEBAAAAAAAAAAC~&z=591179555
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c01::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 08 Sep 2020 18:44:06 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://199.242.144.56
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes
undefined| a
undefined| c
function| jsonFeed
object| OneTrust
object| Optanon
string| OnetrustActiveGroups
string| OptanonActiveGroups
object| dataLayer
function| OptanonWrapper
object| iePolyfill
object| ACL
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
function| $
function| jQuery
function| _
object| gaplugins
object| gaGlobal
object| gaData
function| Vue
object| VeeValidate
object| __checkoutHub__

7 Cookies

Domain/Path Name / Value
199.242.144.56/ Name: _gid
Value: GA1.4.874481487.1599590646
199.242.144.56/ Name: _ga
Value: GA1.4.2000341802.1599590646
199.242.144.56/ Name: CookieID
Value: 82.102.18.114-OGY1ZGZlOTlmZWM1MjQ1O
199.242.144.56/ Name: 51-AB
Value: A
199.242.144.56/ Name: __RequestVerificationToken
Value: nd-d7Oil40TXuZnLLPLK6XsYLwaqbzYS6IMtxvxLUDwU6Smt8dcgPHjDcQFE_P09h0dUhlOmriQSP7o2vO7Ml0AI9DM1
199.242.144.56/ Name: _gat_UA-37194796-1
Value: 1
199.242.144.56/ Name: Personalization
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJDdXJyZW5jeSI6MSwiQUJHcm91cCI6IkEiLCJIYXNQcmV2aW91c09yZGVyIjpmYWxzZSwiRmF2b3JpdGVzIjpbXSwiaXNzIjoiUEVSU09OQUxJWkFUSU9OX1NWQyIsIldlYnNpdGUiOjUxLCJSZXBlYXRWaXNpdENvdW50IjoxfQ.JlQ3-uM8So5I2S5Me_OzFNiR7APoEYDZqCtHRolwCi0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15780000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
