wordpressadm.ctigroup.cf Open in urlscan Pro
2606:4700:3034::ac43:a225  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response wordpressadm.ctigroup.cf/	57 KB 11 KB	447ms 334ms	Document text/html	2606:4700:3034::ac43:a225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wordpressadm.ctigroup.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.21 Resource Hash db24700e64f08c1c16bf6ed3ac74dea0a5a79cf1d00ffda2249c5fac821f286a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers admin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 71757ffe7a259174-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 07 Jun 2022 01:09:02 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" link <https://wordpressadm.ctigroup.cf/wp-json/>; rel="https://api.w.org/" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KurL4vlVYbAa2B%2BQ8aC4H2Yp4tgkHw%2FmZ8%2FgFfqqxsKqs%2FeuQY8yyaLeJjga2weAlARxfC%2F2GEmm7EP%2Fa%2FZf2AQr1Ajz2Jw7Zs%2F4r99%2B7nE3BMxRpzwm3FFLyUbgm%2BVUn2c16IK%2B903qL5VSFUlvUgAH0GxO5mM%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.4.21
GET H2	200	style.min.css wordpressadm.ctigroup.cf/wp-includes/blocks/navigation/	14 KB 2 KB	221ms 220ms	Stylesheet text/css	2606:4700:3034::ac43:a225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wordpressadm.ctigroup.cf/wp-includes/blocks/navigation/style.min.css?ver=6.0 Requested by Host: wordpressadm.ctigroup.cf URL: https://wordpressadm.ctigroup.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 475f6c9f1587fe3445028d5a1c75c6cbcecba0962ffa9d7e047c3ef24ce02540 Request headers accept-language de-DE,de;q=0.9 Referer https://wordpressadm.ctigroup.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 01:09:02 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 06 Jun 2022 17:12:25 GMT server cloudflare admin etag W/"385f-5e0ca936f1fac-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0Y6OO3eMxmtIK3GbBQPNzUyM7JxeUOJ%2BK9wOdObrEg9nhfgyB6wIiSHM3BoDxYDD6BgUunaLiGRxBMyg8o%2BYq9VtoG94XfBWHK%2B%2B9%2FN7MtV%2BbJ401Sp%2BtUtKdyHievfTg4NVP8t%2BnLva7iHodAmQsKuMycUVno%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 717580009d019174-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	wp-emoji-release.min.js Show response wordpressadm.ctigroup.cf/wp-includes/js/	18 KB 5 KB	254ms 253ms	Script application/javascript	2606:4700:3034::ac43:a225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wordpressadm.ctigroup.cf/wp-includes/js/wp-emoji-release.min.js?ver=6.0 Requested by Host: wordpressadm.ctigroup.cf URL: https://wordpressadm.ctigroup.cf/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Request headers accept-language de-DE,de;q=0.9 Referer https://wordpressadm.ctigroup.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 01:09:02 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 06 Jun 2022 17:12:25 GMT server cloudflare admin etag W/"48b9-5e0ca936fbbec-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BCiN7fNl5GojuDTOvYTvECODjFOjMw41OvlJz2CsiMyf%2F%2BuhNUpNGjNystOkctaGVhqK%2BVx1VzGg24Yvic2pT%2B%2FC0H1WmHand1m7GjgOzpA959JCwfr3yt0OPyiEfzWnDiZ%2BGRItIx3EBKD%2FpCDDbpYADgL7hM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 71758000bbff8fe2-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	style.css wordpressadm.ctigroup.cf/wp-content/themes/twentytwentytwo/	5 KB 2 KB	231ms 231ms	Stylesheet text/css	2606:4700:3034::ac43:a225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wordpressadm.ctigroup.cf/wp-content/themes/twentytwentytwo/style.css?ver=1.2 Requested by Host: wordpressadm.ctigroup.cf URL: https://wordpressadm.ctigroup.cf/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c355fb42f94fa9a72def77d70ee8eb5ec4437f1382da257d62ba8e4d4c2b961a Request headers accept-language de-DE,de;q=0.9 Referer https://wordpressadm.ctigroup.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 01:09:02 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 06 Jun 2022 17:12:25 GMT server cloudflare admin etag W/"15e2-5e0ca937384af-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiqNz9LooeEPjCEE03%2FeltEf8rl3l7xFiNoWabWWkMkvvPNkM1MsnGAVR%2Fcl2YB2o5ySwu0ggGqYN40KCudyCdESEtAoojwnTNpVvF6XvBacIBhm%2BB52peW%2BqJG89WaJGVDkUzbenvaRiIQlT2xJgKh9urbjxRE%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 71758000cc018fe2-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	view.min.js Show response wordpressadm.ctigroup.cf/wp-includes/blocks/navigation/	8 KB 3 KB	232ms 231ms	Script application/javascript	2606:4700:3034::ac43:a225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wordpressadm.ctigroup.cf/wp-includes/blocks/navigation/view.min.js?ver=009e29110e016c14bac4ba0ecc809fcd Requested by Host: wordpressadm.ctigroup.cf URL: https://wordpressadm.ctigroup.cf/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43605db4453aed3c966dda36f501cd25d35d7790e34f4c395c5259e69d89bc19 Request headers accept-language de-DE,de;q=0.9 Referer https://wordpressadm.ctigroup.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 01:09:02 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 06 Jun 2022 17:12:25 GMT server cloudflare admin etag W/"208e-5e0ca936f1fac-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrSvCZ5FWhaIOg36ao%2FYxz3U3XknGXpBT2OEUH0rUCUlyHUr54hdnFo3yyF5hiIkXdhQ2u%2BAOdhKEKiS2M5WZv0hbygentdtkLq4RY6AbvyedKu7wrZucvB%2BOE6N%2FiruOZyCNm6YzgndZW4DTsVok5QnsIPjV6I%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 71758000cc028fe2-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	jquery.min.js Show response wordpressadm.ctigroup.cf/wp-includes/js/jquery/	87 KB 32 KB	210ms 210ms	Script application/javascript	2606:4700:3034::ac43:a225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wordpressadm.ctigroup.cf/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Requested by Host: wordpressadm.ctigroup.cf URL: https://wordpressadm.ctigroup.cf/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Request headers accept-language de-DE,de;q=0.9 Referer https://wordpressadm.ctigroup.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 01:09:02 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 06 Jun 2022 17:12:25 GMT server cloudflare admin etag W/"15db1-5e0ca9370776d-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnvkA1cA8TFjn7OV1jpyFblY76jGCt5ZALb6INlGtG5uYyxZZYYrnLVpqc4U63uZ9GtlFCZwn86hCi0nDcVRHAUl3J2Go16kCQv0NvlJQT%2Bbn4sKe4FwTsFUIRe4xvA0CN0yDraC4AXfF22P8rnjWzLC9UpIkEc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 71758000cc038fe2-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	jquery-migrate.min.js Show response wordpressadm.ctigroup.cf/wp-includes/js/jquery/	11 KB 5 KB	252ms 252ms	Script application/javascript	2606:4700:3034::ac43:a225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wordpressadm.ctigroup.cf/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Requested by Host: wordpressadm.ctigroup.cf URL: https://wordpressadm.ctigroup.cf/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Request headers accept-language de-DE,de;q=0.9 Referer https://wordpressadm.ctigroup.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 01:09:02 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 18 Nov 2020 09:06:06 GMT server cloudflare admin etag W/"2bd8-5b45debe27b80-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncutmYSmUykG7YW9ggmxrP055hbqQed4PEYxo2MexvIFhH5f97NWPXesJsRCdCS%2F7pBmjyV7zCqEgig90mDVWDFRGNPOuKcHHeqEIv66Bv8u0E002KhyDyULVgDA94VaeGtA0XKtyNV0wkovA3vO4n2yDDNUfzo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 71758000cc048fe2-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	flight-path-on-transparent-d.png wordpressadm.ctigroup.cf/wp-content/themes/twentytwentytwo/assets/images/	101 KB 102 KB	305ms 304ms	Image image/png	2606:4700:3034::ac43:a225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wordpressadm.ctigroup.cf/wp-content/themes/twentytwentytwo/assets/images/flight-path-on-transparent-d.png Requested by Host: wordpressadm.ctigroup.cf URL: https://wordpressadm.ctigroup.cf/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bff7c407f9b1507e3f6e97eb0f30bab49ffdf42374bd764001ae78208cb60e06 Request headers accept-language de-DE,de;q=0.9 Referer https://wordpressadm.ctigroup.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 01:09:02 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 103639 last-modified Mon, 06 Jun 2022 17:12:25 GMT server cloudflare admin etag "194d7-5e0ca9373656f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIAuFQm49nCyrgbNQpJJgD8Wk745a031fdTbcFRfSgW%2FuXZDJ1GISYIZEujUGOU01NHR%2F%2Bx7DvRSKUDLq2qEIk8rBfoJLtPuHphoVzIHi2V0TDPS%2BtPpKrROoeYmLKXYm2oGCoN%2BcdnVQlFuG4QOil65skWE4jM%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 717580025d9b8fe2-FRA
GET H2	200	22104144.js Show response js.hs-scripts.com/	1 KB 959 B	485ms 433ms	Script application/javascript	2606:4700::6811:d3cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/22104144.js?integration=WordPress&ver=8.12.41 Requested by Host: wordpressadm.ctigroup.cf URL: https://wordpressadm.ctigroup.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c50e3fb5636755e94b9d1c1822435fdc710ec02c9b6538c1dc58d783fb6280e Request headers accept-language de-DE,de;q=0.9 Referer https://wordpressadm.ctigroup.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 01:09:02 GMT content-encoding br vary Accept-Encoding cf-cache-status MISS x-hubspot-correlation-id 10ae2bab-f7d9-4668-b330-a35d66a0ded7 last-modified Tue, 07 Jun 2022 01:09:02 GMT server cloudflare x-trace 2B85E2C1178D3035CCCB378F8F7A87B8882AB3DD5B000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://wordpressadm.ctigroup.cf cache-control public, max-age=60 access-control-allow-credentials true cf-ray 71758002bd689238-FRA expires Tue, 07 Jun 2022 01:10:02 GMT
GET H3	200	SourceSerif4Variable-Roman.ttf.woff2 wordpressadm.ctigroup.cf/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/	418 KB 419 KB	282ms 282ms	Font font/woff2	2606:4700:3034::ac43:a225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wordpressadm.ctigroup.cf/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/SourceSerif4Variable-Roman.ttf.woff2 Requested by Host: wordpressadm.ctigroup.cf URL: https://wordpressadm.ctigroup.cf/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb8c4212414ce2a7887636e1c6eb1fd3ab46e4391226fd39653a2c2abbb17697 Request headers Referer https://wordpressadm.ctigroup.cf/ Origin https://wordpressadm.ctigroup.cf accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 01:09:02 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 428448 last-modified Mon, 06 Jun 2022 17:12:25 GMT server cloudflare admin etag "689a0-5e0ca9373750f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lz9O3LJtCANLmqPM3gL9k03aykgICWiMZxeF2Csrl7rZiSRNGQYy6XbqQCOe3oO9FYwX1r5sOmK%2B98KedxkpRx2L6ta7Ak4J1VD320cWP9YNac7GTHZX6Z3aeCtLuwXOHzyLI5qrQIog%2BFEnAf2GpPZvMNV6acE%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 717580029de38fe2-FRA
GET H2	200	22104144.js Show response js.hs-banner.com/	59 KB 16 KB	292ms 248ms	Script text/javascript	2606:4700:4400::6812:21ab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/22104144.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/22104144.js?integration=WordPress&ver=8.12.41 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bcc724d71e85124131bc56a000f636d019dbd9a5f734036de92382878e2901e4 Request headers accept-language de-DE,de;q=0.9 Referer https://wordpressadm.ctigroup.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 01:09:03 GMT content-encoding br cf-cache-status MISS x-amz-request-id 3Y5MN9288Q0V7675 x-amz-server-side-encryption AES256 content-type text/javascript; charset=UTF-8 access-control-max-age 604800 x-amz-id-2 NsDE9Hf40ePkAv5nnHCTmOwZ/TCNQFXeT4KTNx9empeN8vmT8MUV2SyjvX8rmlHY5qDyIyLhB5I= timing-allow-origin * last-modified Mon, 06 Jun 2022 17:42:35 GMT server cloudflare etag W/"f2078d3e73d9c757e0cbd2457e78972e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD x-amz-version-id NiOTb92xPgXnQGYbueQjf3FSpbzUpJED access-control-allow-origin https://wordpressadm.ctigroup.cf access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300, public access-control-allow-credentials true cf-ray 71758005bed5923e-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id expires Tue, 07 Jun 2022 01:14:03 GMT
GET H2	200	22104144.js Show response js.hs-analytics.net/analytics/1654563900000/	62 KB 20 KB	218ms 176ms	Script text/javascript	2606:4700::6811:46b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1654563900000/22104144.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/22104144.js?integration=WordPress&ver=8.12.41 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 193d798115fe3b4ad8486b5b8655c740d99e82760a123c0eb0159a18d856162e Request headers accept-language de-DE,de;q=0.9 Referer https://wordpressadm.ctigroup.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 01:09:03 GMT content-encoding br cf-cache-status MISS x-amz-request-id 3Y5YQ6BF81E6WSMN x-amz-server-side-encryption AES256 cf-ray 71758005b9238fef-FRA x-amz-id-2 Xzy/KiFtCW+Durw8xFughV0uObjLlLTbM5uB9mqcBF+Ks1ZVPknZJitsb0mZuelPJ5HVU8FzESk= last-modified Mon, 06 Jun 2022 17:42:39 GMT server cloudflare etag W/"5b7b78808190a39f767f42044b1c942f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-version-id null cache-control max-age=300, public access-control-allow-credentials false content-type text/javascript expires Tue, 07 Jun 2022 01:14:03 GMT
GET H2	200	collectedforms.js Show response js.hscollectedforms.net/	72 KB 25 KB	208ms 163ms	Script application/javascript	2606:4700::6811:82ab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hscollectedforms.net/collectedforms.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/22104144.js?integration=WordPress&ver=8.12.41 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8309531b6b2107c16edd77efa774374f935a7924a84c7bae72973f19b962e0e5 Request headers Referer https://wordpressadm.ctigroup.cf/ Origin https://wordpressadm.ctigroup.cf accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 01:09:03 GMT via 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront) cf-cache-status MISS x-amz-cf-pop IAD89-P1 x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.278/bundles/project.js&cfRay=71758005b83f9944-FRA x-cache RefreshHit from cloudfront access-control-max-age 3000 x-amz-replication-status COMPLETED content-encoding br cf-ray 71758005b83f9944-FRA last-modified Thu, 19 May 2022 12:56:36 UTC server cloudflare etag W/"9bdc82a581dc188ff306ce5ac3c3e170" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET x-amz-version-id w6kD440dVLHBLSxXlQNkz9NYzxhkbh3c access-control-allow-origin * cache-control s-maxage=86400, max-age=0 x-hs-cache-status MISS content-type application/javascript; charset=utf-8 x-amz-cf-id KNjCk-2s6NBJiHWsRRb4G_v1FhSQRrrgY0AzCXqha4ROz4L-TfM3WQ== x-hs-target-asset collected-forms-embed-js/static-1.278/bundles/project.js
GET H2	200	json Show response forms.hubspot.com/collected-forms/v1/config/	116 B 1 KB	187ms 135ms	XHR application/json	2606:4700::6813:9a53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hubspot.com/collected-forms/v1/config/json?portalId=22104144&utk= Requested by Host: js.hscollectedforms.net URL: https://js.hscollectedforms.net/collectedforms.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8233c308180cedcb89b1486aba098a89baeac411a7d39f5adb14d20115d4dca8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept application/json, text/plain, */* Referer https://wordpressadm.ctigroup.cf/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 01:09:03 GMT content-encoding br vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id c662bcea-7515-4142-b9b5-b9e2819052ae access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 180 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKxzDnfVvWw06JKioQ00n%2BIQft7vdBaMGNNmZgRU6aBIbZIN1G3ax2EJzzGozViXjPerqFENVcuEXIp%2FytO%2B4oL1KoNTLt%2F0gu4z8b%2B1dvShqqe2NwpnknJmGxTwuPZC%2BrksscvwDwXoVadT%2FIwb"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=utf-8 access-control-allow-origin https://wordpressadm.ctigroup.cf x-robots-tag none access-control-allow-credentials false cf-ray 717580077c499b5b-FRA access-control-allow-headers *
GET H2	200	__ptq.gif track.hubspot.com/	45 B 971 B	177ms 133ms	Image image/gif	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2252185681&v=1.1&a=22104144&pu=https%3A%2F%2Fwordpressadm.ctigroup.cf%2F&t=ctigroup%2Ccf+%E2%80%93+M%E1%BB%99t+trang+web+m%E1%BB%9Bi+s%E1%BB%AD+d%E1%BB%A5ng+WordPress&cts=1654564143268&vi=68ae36390886aae784449059307462a1&nc=true&ce=false&cc=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://wordpressadm.ctigroup.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 01:09:03 GMT vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id 26f43f2c-6cb0-4119-a6ba-74f86e7ea032 cf-ray 71758007c8159b49-FRA p3p CP="NOI CUR ADM OUR NOR STA NID" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 45 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cs%2BDl9akoWiJBDgQAcrJtkuqsVZy%2FDfnWU%2BsKI7JPzOhXIHDSwJsEyzdSlsNzh%2BKJUHOn%2BYS%2B1mzccgP8WbPxEgazPurbEdBfHfrY1pC5NKocRVEgOtcpr%2FwQVQzrlXSgE2iGHwaZPg814N8tkpk"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control no-cache, no-store, no-transform access-control-allow-credentials false x-robots-tag none

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| _wpemojiSettings object| MicroModal object| twemoji object| wp undefined| $ function| jQuery object| _hsq object| hbspt object| leadin_wordpress object| _hsp object| __hsCollectedFormsDebug object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hspb_ran

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ctigroup.cf/	1970-01-20 07:55:16	Name: __hstc Value: 205397327.68ae36390886aae784449059307462a1.1654564143266.1654564143266.1654564143266.1
			.ctigroup.cf/	1970-01-20 07:55:16	Name: hubspotutk Value: 68ae36390886aae784449059307462a1
			.ctigroup.cf/	1969-12-31 23:59:59	Name: __hssrc Value: 1
			.ctigroup.cf/	1970-01-20 03:36:05	Name: __hssc Value: 205397327.1.1654564143266
			.hubspot.com/	1970-01-20 03:36:05	Name: __cf_bm Value: hF5wObQjgJOxAG69d5bUBR7rUKUHQKkyCqsNVQX.TsY-1654564143-0-AdT77RX7ES+hmP/VLkuOrIlzUo5ta8WmehOLLO+TRLtfKe+xlyx+sDHC/+H8TCGGi8Y45dyBbm3MZMVU3QxCAfo=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

forms.hubspot.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
track.hubspot.com
wordpressadm.ctigroup.cf
2606:4700:3034::ac43:a225
2606:4700:4400::6812:21ab
2606:4700::6811:46b0
2606:4700::6811:82ab
2606:4700::6811:d3cc
2606:4700::6813:9a53
2606:4700::6813:9b53
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
193d798115fe3b4ad8486b5b8655c740d99e82760a123c0eb0159a18d856162e
1c50e3fb5636755e94b9d1c1822435fdc710ec02c9b6538c1dc58d783fb6280e
43605db4453aed3c966dda36f501cd25d35d7790e34f4c395c5259e69d89bc19
475f6c9f1587fe3445028d5a1c75c6cbcecba0962ffa9d7e047c3ef24ce02540
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
8233c308180cedcb89b1486aba098a89baeac411a7d39f5adb14d20115d4dca8
8309531b6b2107c16edd77efa774374f935a7924a84c7bae72973f19b962e0e5
bb8c4212414ce2a7887636e1c6eb1fd3ab46e4391226fd39653a2c2abbb17697
bcc724d71e85124131bc56a000f636d019dbd9a5f734036de92382878e2901e4
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bff7c407f9b1507e3f6e97eb0f30bab49ffdf42374bd764001ae78208cb60e06
c355fb42f94fa9a72def77d70ee8eb5ec4437f1382da257d62ba8e4d4c2b961a
db24700e64f08c1c16bf6ed3ac74dea0a5a79cf1d00ffda2249c5fac821f286a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4