victim-support.stagingserver.live Open in urlscan Pro
5.9.74.178 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://victim-support.stagingserver.live/
Submission: On October 08 via automatic, source certstream-suspicious (October 8th 2021, 2:37:29 am UTC) — Scanned from DE

Summary HTTP 147 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 5 domains to perform 147 HTTP transactions. The main IP is 5.9.74.178, located in Germany and belongs to HETZNER-AS, DE. The main domain is victim-support.stagingserver.live.
TLS certificate: Issued by R3 on October 8th 2021. Valid for: 3 months.

This is the only time victim-support.stagingserver.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
131	5.9.74.178 5.9.74.178	24940 (HETZNER-AS) (HETZNER-AS)
3	216.58.212.138 216.58.212.138	15169 (GOOGLE) (GOOGLE)
1	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
3	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
3	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
2	52.222.236.67 52.222.236.67	16509 (AMAZON-02) (AMAZON-02)
1	23.20.133.101 23.20.133.101	14618 (AMAZON-AES) (AMAZON-AES)
3	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
147	9

131 5.9.74.178 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.74.9.5.clients.your-server.de

victim-support.stagingserver.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.138 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-67.fra56.r.cloudfront.net

static.userback.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.20.133.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-133-101.compute-1.amazonaws.com

api.userback.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
131	stagingserver.live victim-support.stagingserver.live	3 MB
6	gstatic.com fonts.gstatic.com www.gstatic.com	34 KB
6	googleapis.com fonts.googleapis.com translate.googleapis.com	260 KB
3	userback.io static.userback.io api.userback.io	187 KB
1	google.com translate.google.com	27 KB
147	5

	Domain	Requested by
131	victim-support.stagingserver.live	victim-support.stagingserver.live
3	www.gstatic.com	victim-support.stagingserver.live translate.googleapis.com
3	translate.googleapis.com	translate.googleapis.com
3	fonts.gstatic.com	victim-support.stagingserver.live fonts.googleapis.com
3	fonts.googleapis.com	victim-support.stagingserver.live static.userback.io
2	static.userback.io	victim-support.stagingserver.live static.userback.io
1	api.userback.io	static.userback.io
1	translate.google.com	victim-support.stagingserver.live
147	8

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.victimsupport.org.uk
www.mysupportspace.org.uk
twitter.com
www.facebook.com
www.youtube.com
www.instagram.com
www.linkedin.com
translate.google.com

Subject Issuer	Validity	Valid
victim-support.stagingserver.live R3	`2021-10-08` - `2022-01-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.userback.io Amazon	`2021-09-24` - `2022-10-23`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://victim-support.stagingserver.live/
Frame ID: 02AF629D119FF358A9B66A1BCF514864
Requests: 147 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0F24CD44C58DAE0CD497964934F5DF92
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Victim Support

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Gravity Forms (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^>]*wp-content/plugins/gravityforms/css/
/wp-content/plugins/gravityforms/js/[^/]+\.js\?ver=([\d.]+)$

Lightbox (JavaScript Libraries) Expand

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

147
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

8
Subdomains

9
IPs

2
Countries

4010 kB
Transfer

6144 kB
Size

4
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/
Title: Leave website

Search URL Search Domain Scan URL

URL: https://www.victimsupport.org.uk/help-and-support/get-help
Title: Find out more

Search URL Search Domain Scan URL

URL: https://www.mysupportspace.org.uk/moj
Title: More

Search URL Search Domain Scan URL

URL: https://www.victimsupport.org.uk/get-involved
Title: More

Search URL Search Domain Scan URL

URL: https://www.victimsupport.org.uk/crime-info/types-crime/domestic-abuse/recognising-signs-domestic-abuse
Title: Signs of an unhealthy relationship

Search URL Search Domain Scan URL

URL: https://www.victimsupport.org.uk/help-and-support/get-help/support-near-you/live-chat
Title: start a live chat

Search URL Search Domain Scan URL

URL: https://twitter.com/victimsupport

Search URL Search Domain Scan URL

URL: https://www.facebook.com/victimsupport

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/VictimSupportCharity

Search URL Search Domain Scan URL

URL: https://www.instagram.com/victimsupport_uk/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/victim-support/

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

147 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
victim-support.stagingserver.live/ 257 KB
46 KB 1172ms
1112ms Document
text/html 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

9f5a1a2948dfe8c4c950818fe1571f35cf765fa6e22e32419f0040856f951044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: victim-support.stagingserver.live
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.14.0 (Ubuntu)
date: Fri, 08 Oct 2021 02:37:23 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://victim-support.stagingserver.live/wp-json/>; rel="https://api.w.org/" <https://victim-support.stagingserver.live/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://victim-support.stagingserver.live/>; rel=shortlink
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 gtranslate-style24.css
victim-support.stagingserver.live/wp-content/plugins/gtranslate/ 693 B
920 B 13ms
7ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 May 2021 10:46:57 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "609277a1-2b5"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 693
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
victim-support.stagingserver.live/wp-includes/css/dist/block-library/ 57 KB
11 KB 17ms
10ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-includes/css/dist/block-library/style.min.css?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 10:22:38 GMT
server: nginx/1.14.0 (Ubuntu)
x-frame-options: SAMEORIGIN
etag: W/"607813ee-e33b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 theme.min.css
victim-support.stagingserver.live/wp-includes/css/dist/block-library/ 3 KB
3 KB 17ms
11ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-includes/css/dist/block-library/theme.min.css?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/css/dist/block-library/theme.min.css?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 08:12:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "605af483-a9a"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2714
x-xss-protection: 1; mode=block

GET
H2 200 vendors-style.css
victim-support.stagingserver.live/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 3 KB
3 KB 18ms
11ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=4.4.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

ae707ec81b142f04b6d5f785a5d4f7e8301bdb62a95288dee1f3e58930d21c7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=4.4.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 06:05:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60efd011-ccc"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3276
x-xss-protection: 1; mode=block

GET
H2 200 style.css
victim-support.stagingserver.live/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 167 KB
25 KB 20ms
13ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=4.4.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

2924ea36a075d22f18a9fac2ad9a0e3a8aa2bf9195ba462ff626df6bcd05e97a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=4.4.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 06:05:05 GMT
server: nginx/1.14.0 (Ubuntu)
x-frame-options: SAMEORIGIN
etag: W/"60efd011-29a8a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 all.min.css
victim-support.stagingserver.live/wp-content/plugins/download-manager/assets/fontawesome/css/ 56 KB
14 KB 27ms
20ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/download-manager/assets/fontawesome/css/all.min.css?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/download-manager/assets/fontawesome/css/all.min.css?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 15:51:07 GMT
server: nginx/1.14.0 (Ubuntu)
x-frame-options: SAMEORIGIN
etag: W/"605a0e6b-dff5"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
victim-support.stagingserver.live/wp-content/plugins/download-manager/assets/bootstrap/css/ 56 KB
12 KB 27ms
20ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

e53f793a5b8ac48587ffa08d392fddc565ccecc537528b94eb4c73eecad02e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 15:51:07 GMT
server: nginx/1.14.0 (Ubuntu)
x-frame-options: SAMEORIGIN
etag: W/"605a0e6b-e1e0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 front.css
victim-support.stagingserver.live/wp-content/plugins/download-manager/assets/css/ 65 KB
15 KB 30ms
23ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/download-manager/assets/css/front.css?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

701686c379e27f6ee56c1459e76e8199c4d8a6937be2ae5b2364ffa55f7ee954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/download-manager/assets/css/front.css?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 15:51:07 GMT
server: nginx/1.14.0 (Ubuntu)
x-frame-options: SAMEORIGIN
etag: W/"605a0e6b-10349"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 ws-custom.css
victim-support.stagingserver.live/wp-content/plugins/rsm2000-donation/css/ 7 KB
7 KB 30ms
24ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/rsm2000-donation/css/ws-custom.css?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

8091bddd3ca84c03d5bc96c24f2ef0a77d2f3857347206e0057352d49a59f378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/rsm2000-donation/css/ws-custom.css?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 14:49:00 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ff5cddc-1c72"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 7282
x-xss-protection: 1; mode=block

GET
H2 200 validationEngine.jquery.css
victim-support.stagingserver.live/wp-content/plugins/rsm2000-donation/css/ 2 KB
2 KB 30ms
24ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/rsm2000-donation/css/validationEngine.jquery.css?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

6e2fa593ef2087498705ff56054420c5e8d1a3d323bcc25aff43c1f524ae0ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/rsm2000-donation/css/validationEngine.jquery.css?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 14:49:00 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ff5cddc-6fd"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1789
x-xss-protection: 1; mode=block

GET
H2 200 cookie-law-info-public.css
victim-support.stagingserver.live/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/ 4 KB
4 KB 31ms
24ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-public.css?ver=2.3.4

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

9e0206d7fbd04e129433b165f9d6eb325fb64d93d0320c39c0c1a2aa0af9ecd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-public.css?ver=2.3.4
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 15:59:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60522769-f7f"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3967
x-xss-protection: 1; mode=block

GET
H2 200 cookie-law-info-gdpr.css
victim-support.stagingserver.live/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/ 22 KB
6 KB 30ms
24ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-gdpr.css?ver=2.3.4

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

3a2ea6943e7241d9147d6af532430bd4c3dea147792c008d3e53fc1d77c8c6c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-gdpr.css?ver=2.3.4
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 15:59:37 GMT
server: nginx/1.14.0 (Ubuntu)
x-frame-options: SAMEORIGIN
etag: W/"60522769-5728"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 header-form.css
victim-support.stagingserver.live/wp-content/themes/Avada-Child-Theme/styles/forms/ 110 B
337 B 31ms
25ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada-Child-Theme/styles/forms/header-form.css?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

f2c5f444fe2a8f00542643b819d133cad6df9024be6ffa4b12b064b370fbf2eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada-Child-Theme/styles/forms/header-form.css?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Dec 2020 16:08:19 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5fd0f673-6e"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 110
x-xss-protection: 1; mode=block

GET
H2 200 gravity-forms.css
victim-support.stagingserver.live/wp-content/themes/Avada-Child-Theme/styles/forms/ 9 KB
9 KB 61ms
55ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada-Child-Theme/styles/forms/gravity-forms.css?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

e9eb10add4d9e48cda5b2e891ff39d0f863d427f2e818dc43ff145bab598389f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada-Child-Theme/styles/forms/gravity-forms.css?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 15:11:09 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040f88d-244d"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 9293
x-xss-protection: 1; mode=block

GET
H2 200 barclays-login-form.css
victim-support.stagingserver.live/wp-content/themes/Avada-Child-Theme/styles/forms/ 592 B
820 B 61ms
55ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada-Child-Theme/styles/forms/barclays-login-form.css?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

f82f156805ec9f04923eef2adac1f477abd0a5c79d502374d55d1394622ca0e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada-Child-Theme/styles/forms/barclays-login-form.css?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Dec 2020 16:08:19 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5fd0f673-250"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 592
x-xss-protection: 1; mode=block

GET
H2 200 gdpr-cookie-consent.css
victim-support.stagingserver.live/wp-content/themes/Avada-Child-Theme/styles/cookie-consent/ 5 KB
5 KB 61ms
55ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada-Child-Theme/styles/cookie-consent/gdpr-cookie-consent.css?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

b0e3f3157a798a04247acc548ce30b82a5b5a1835130d9341cc0e5321151f272

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada-Child-Theme/styles/cookie-consent/gdpr-cookie-consent.css?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Dec 2020 16:08:19 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5fd0f673-14d0"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5328
x-xss-protection: 1; mode=block

GET
H2 200 donations.css
victim-support.stagingserver.live/wp-content/themes/Avada-Child-Theme/styles/forms/ 3 KB
3 KB 61ms
56ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada-Child-Theme/styles/forms/donations.css?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

14f2cea33b8346bfe9c37bdfb01ec8a47e23785e2bc4913ea054b49c548ffc10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada-Child-Theme/styles/forms/donations.css?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Jan 2021 09:08:38 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ff42c96-cf9"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3321
x-xss-protection: 1; mode=block

GET
H2 200 formreset.min.css
victim-support.stagingserver.live/wp-content/plugins/gravityforms/css/ 4 KB
4 KB 61ms
56ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/gravityforms/css/formreset.min.css?ver=2.4.24

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/gravityforms/css/formreset.min.css?ver=2.4.24
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 10:22:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "607813e5-f14"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3860
x-xss-protection: 1; mode=block

GET
H2 200 formsmain.min.css
victim-support.stagingserver.live/wp-content/plugins/gravityforms/css/ 73 KB
15 KB 61ms
56ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/gravityforms/css/formsmain.min.css?ver=2.4.24

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

227ac845901e0403de89d7b6e24a3141dacb54ce167902c4a45b3e3cf14e751e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/gravityforms/css/formsmain.min.css?ver=2.4.24
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 10:22:29 GMT
server: nginx/1.14.0 (Ubuntu)
x-frame-options: SAMEORIGIN
etag: W/"607813e5-12282"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 readyclass.min.css
victim-support.stagingserver.live/wp-content/plugins/gravityforms/css/ 30 KB
4 KB 61ms
57ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/gravityforms/css/readyclass.min.css?ver=2.4.24

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

e61ac08ccbbff6ae298e168c6d2fb069e5db7c122fe07f7e2e4ce1dbb01a58fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/gravityforms/css/readyclass.min.css?ver=2.4.24
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 10:22:29 GMT
server: nginx/1.14.0 (Ubuntu)
x-frame-options: SAMEORIGIN
etag: W/"607813e5-76e7"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 browsers.min.css
victim-support.stagingserver.live/wp-content/plugins/gravityforms/css/ 7 KB
8 KB 61ms
57ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/gravityforms/css/browsers.min.css?ver=2.4.24

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

7f9a44c6380de9dad00c68412b2420fc5132e4013bf2f62d9daee5da9d151674

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/gravityforms/css/browsers.min.css?ver=2.4.24
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 10:22:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "607813e5-1d79"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 7545
x-xss-protection: 1; mode=block

GET
H2 200 059164c3b2550e54bb89533a7169eeab.min.css
victim-support.stagingserver.live/wp-content/uploads/fusion-styles/ 1 MB
184 KB 61ms
57ms Stylesheet
text/css 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/fusion-styles/059164c3b2550e54bb89533a7169eeab.min.css?ver=3.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

fef17d2538cb78ad170f91c8da16b3fb7f174b60d92001889322e45806483621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/fusion-styles/059164c3b2550e54bb89533a7169eeab.min.css?ver=3.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 04 Jun 2021 11:11:04 GMT
server: nginx/1.14.0 (Ubuntu)
x-frame-options: SAMEORIGIN
etag: W/"60ba0a48-11829f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
victim-support.stagingserver.live/wp-includes/js/jquery/ 87 KB
88 KB 61ms
57ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 10:59:43 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bd9f-15d98"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 89496
x-xss-protection: 1; mode=block

GET
H2 200 jquery-migrate.min.js Show response
victim-support.stagingserver.live/wp-includes/js/jquery/ 11 KB
11 KB 61ms
58ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 10:59:43 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bd9f-2bd8"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 11224
x-xss-protection: 1; mode=block

GET
H2 200 front.js Show response
victim-support.stagingserver.live/wp-content/plugins/download-manager/assets/js/ 39 KB
39 KB 62ms
58ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/download-manager/assets/js/front.js?ver=3.1.16

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

70fabc58ca55af5ac394614cce6a2288a3eeba4cd5f429eea53eaa443f6ca52e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/download-manager/assets/js/front.js?ver=3.1.16
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 15:51:07 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "605a0e6b-9a93"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 39571
x-xss-protection: 1; mode=block

GET
H2 200 chosen.jquery.min.js Show response
victim-support.stagingserver.live/wp-content/plugins/download-manager/assets/js/ 51 KB
51 KB 62ms
58ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

7373ca9ed2c272959213699ab6c34d53f342a2d01d996ebc543743312911a6dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 15:51:07 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "605a0e6b-cbc3"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 52163
x-xss-protection: 1; mode=block

GET
H2 200 cookie-law-info-public.js Show response
victim-support.stagingserver.live/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/ 49 KB
50 KB 62ms
58ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/cookie-law-info-public.js?ver=2.3.4

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

ab874c14a91fc229d52d98fc29205abb4ac455ee11496e31e3beb1c3c40921bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/cookie-law-info-public.js?ver=2.3.4
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 15:59:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60522769-c5fe"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 50686
x-xss-protection: 1; mode=block

GET
H2 200 jquery.json.min.js Show response
victim-support.stagingserver.live/wp-content/plugins/gravityforms/js/ 2 KB
2 KB 62ms
59ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.4.24

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.4.24
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 10:22:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "607813e5-738"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1848
x-xss-protection: 1; mode=block

GET
H2 200 gravityforms.min.js Show response
victim-support.stagingserver.live/wp-content/plugins/gravityforms/js/ 34 KB
35 KB 62ms
59ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.24

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

ece8397fe0509a2e315fa13a052d65976845b8c6bb311c46f8dc284eb391ca6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.24
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 10:22:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "607813e5-89f9"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 35321
x-xss-protection: 1; mode=block

GET
H2 200 conditional_logic.min.js Show response
victim-support.stagingserver.live/wp-content/plugins/gravityforms/js/ 8 KB
8 KB 62ms
59ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/gravityforms/js/conditional_logic.min.js?ver=2.4.24

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

1b15c8a3e1561ca04c7c47d8820009ba4f42288c81433872188e6e3ec1c2f782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/gravityforms/js/conditional_logic.min.js?ver=2.4.24
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 10:22:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "607813e5-1e02"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 7682
x-xss-protection: 1; mode=block

GET
H2 200 placeholders.jquery.min.js Show response
victim-support.stagingserver.live/wp-content/plugins/gravityforms/js/ 5 KB
5 KB 62ms
59ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.4.24

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.4.24
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 10:22:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "607813e5-121f"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4639
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 39ms
15ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:400,500

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

166a27e1b03555422cd8e8ac018b72f69cb6b7743caf8ab4a9e319c8ac36319f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 01:14:14 GMT
server: ESF
date: Fri, 08 Oct 2021 02:37:23 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Fri, 08 Oct 2021 02:37:23 GMT

GET
H2 200 logo-400x101.png
victim-support.stagingserver.live/wp-content/uploads/2020/10/ 14 KB
14 KB 41ms
34ms Image
image/png 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/2020/10/logo-400x101.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

3ca40466470a7b0c4542b573d83f88e547d39f4527d00be0c4f6af29fc61239a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/logo-400x101.png
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Oct 2020 12:30:59 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f899283-36b5"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 14005
x-xss-protection: 1; mode=block

GET
H2 200 phone_icon.png
victim-support.stagingserver.live/wp-content/uploads/2020/10/ 5 KB
5 KB 42ms
35ms Image
image/png 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/2020/10/phone_icon.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

448507290e41c44a3abc492c1313556e9bef99f2437c4839ae5b6d830cfd27f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/phone_icon.png
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Oct 2020 12:37:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f8993fc-1318"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4888
x-xss-protection: 1; mode=block

GET
H2 200 help_icon.png
victim-support.stagingserver.live/wp-content/uploads/2020/10/ 3 KB
3 KB 42ms
35ms Image
image/png 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/2020/10/help_icon.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

42c968ee75a5dbefbefa91a6fdf6af7d9f95fb292340050fbcc5068b025526b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/help_icon.png
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Oct 2020 13:00:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f89996d-c14"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3092
x-xss-protection: 1; mode=block

GET
H2 200 donate_icon.png
victim-support.stagingserver.live/wp-content/uploads/2020/10/ 4 KB
4 KB 43ms
35ms Image
image/png 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/2020/10/donate_icon.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

d93bc82c38fdd934b56284575ea685b9e08ffe416e538932a9b4cf6a4ff9b24e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/donate_icon.png
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Oct 2020 13:01:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f899996-f0c"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3852
x-xss-protection: 1; mode=block

GET
H2 200 wp-emoji-release.min.js Show response
victim-support.stagingserver.live/wp-includes/js/ 14 KB
14 KB 43ms
36ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-includes/js/wp-emoji-release.min.js?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 10:59:43 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bd9f-3795"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 14229
x-xss-protection: 1; mode=block

GET
H2 200 who-we-are.png
victim-support.stagingserver.live/wp-content/uploads/2020/10/ 51 KB
52 KB 43ms
36ms Image
image/png 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/2020/10/who-we-are.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

5659972315149a87f6dd1c1a43cdf0cd5720d7c3831a6e6107ff0f2fa0a17b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/who-we-are.png
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Oct 2020 10:48:03 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f897a63-cd22"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 52514
x-xss-protection: 1; mode=block

GET
H2 200 what-we-do.png
victim-support.stagingserver.live/wp-content/uploads/2020/10/ 33 KB
33 KB 44ms
37ms Image
image/png 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/2020/10/what-we-do.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

54f5d5ffbf2b0ed6cd020484992749e77ef25fddd911a56c63e6538f2c98f2c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/what-we-do.png
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Oct 2020 10:48:35 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f897a83-821b"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 33307
x-xss-protection: 1; mode=block

GET
H2 200 runner_icon-01.png
victim-support.stagingserver.live/wp-content/uploads/2020/10/ 4 KB
4 KB 44ms
37ms Image
image/png 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/2020/10/runner_icon-01.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

12f16e968aa518d90cf8512ef525e6235beb99167159b2e20628b0c771640ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/runner_icon-01.png
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Oct 2020 12:14:54 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f898ebe-fec"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4076
x-xss-protection: 1; mode=block

GET
H2 200 money_icon.png
victim-support.stagingserver.live/wp-content/uploads/2020/10/ 9 KB
9 KB 44ms
38ms Image
image/png 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/2020/10/money_icon.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

c99dfededa18aaccc1f0589255a16399a379fdd2c61b3df3ad19bf7fdbbef875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/money_icon.png
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Oct 2020 12:19:46 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f898fe2-24bc"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 9404
x-xss-protection: 1; mode=block

GET
H2 200 calendar_icon_0.png
victim-support.stagingserver.live/wp-content/uploads/2020/10/ 8 KB
9 KB 44ms
38ms Image
image/png 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/2020/10/calendar_icon_0.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

9ef6c10cc3e35e4f316614f1a7e5e9714f75cfabc0219285660e797588839537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/calendar_icon_0.png
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Oct 2020 12:20:15 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f898fff-213c"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8508
x-xss-protection: 1; mode=block

GET
H2 200 DomesticAbuse.png
victim-support.stagingserver.live/wp-content/uploads/2020/10/ 727 KB
728 KB 45ms
39ms Image
image/png 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/2020/10/DomesticAbuse.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4b3e6031fb4f68e5f3f0138f71ad4791a47a67e6fa4f05e97d305fec9d26ec92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/DomesticAbuse.png
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Oct 2020 11:40:08 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f898698-b5a21"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 743969
x-xss-protection: 1; mode=block

GET
H2 200 help-after-burg.png
victim-support.stagingserver.live/wp-content/uploads/2020/10/ 172 KB
172 KB 91ms
85ms Image
image/png 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/2020/10/help-after-burg.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

f5d223acda45b090a07ffadd2b1db738c5f96a3290689e2ce92ecda24d70368b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/help-after-burg.png
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Oct 2020 11:55:07 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f898a1b-2b02a"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 176170
x-xss-protection: 1; mode=block

GET
H2 200 hate-crime.png
victim-support.stagingserver.live/wp-content/uploads/2020/10/ 232 KB
233 KB 91ms
85ms Image
image/png 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/2020/10/hate-crime.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

c286319864cc07938e8ee9689d2f65887ea538ae8e055079247e272b506b3073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/hate-crime.png
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Oct 2020 11:55:30 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f898a32-3a030"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 237616
x-xss-protection: 1; mode=block

GET
H2 200 people.png
victim-support.stagingserver.live/wp-content/uploads/2020/10/ 288 KB
289 KB 92ms
85ms Image
image/png 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/2020/10/people.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

145fc56b39c9b1d2e6cf325a2bca68dbd6c4e235a17141a33f28e7d083df6fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/people.png
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Oct 2020 11:55:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f898a47-48193"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 295315
x-xss-protection: 1; mode=block

GET
H2 200 involved0.png
victim-support.stagingserver.live/wp-content/uploads/2020/10/ 158 KB
159 KB 92ms
86ms Image
image/png 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/2020/10/involved0.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

c0b8eff1f67f38ba4837b42219408a43a62e6d377981df78b2fd392929ec54be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/involved0.png
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Oct 2020 19:06:46 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f971e46-27910"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 162064
x-xss-protection: 1; mode=block

GET
H2 200 involved10.png
victim-support.stagingserver.live/wp-content/uploads/2020/10/ 181 KB
181 KB 92ms
86ms Image
image/png 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/2020/10/involved10.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

7aa196e2dece3b257a6fd79ad4adc737fe262883852814566c146add108e3016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/involved10.png
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Oct 2020 19:07:53 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f971e89-2d262"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 184930
x-xss-protection: 1; mode=block

GET
H2 200 involved2-1.png
victim-support.stagingserver.live/wp-content/uploads/2020/10/ 171 KB
171 KB 92ms
86ms Image
image/png 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/2020/10/involved2-1.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

bdc138dd6f8aa963430eb8dc2410fe19ded1ed3c6f9442781a37636f83cfda3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/involved2-1.png
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Oct 2020 19:07:12 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f971e60-2aaa8"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 174760
x-xss-protection: 1; mode=block

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 76 KB
27 KB 58ms
34ms Script
text/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

25ef4086aa658a47103e3f4466d4518446bde646b71fc61d6564b2e57b560a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 02:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8irajuAAtyVqGve7GQSTq0VGurvVOiUfjvKzysc56O7oR1Y4t0K3_N7a5bit2UEt79w","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irajuAAtyVqGve7GQSTq0VGurvVOiUfjvKzysc56O7oR1Y4t0K3_N7a5bit2UEt79w"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irajuAAtyVqGve7GQSTq0VGurvVOiUfjvKzysc56O7oR1Y4t0K3_N7a5bit2UEt79w"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.form.min.js Show response
victim-support.stagingserver.live/wp-includes/js/jquery/ 16 KB
16 KB 11ms
11ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

984cf02a8dfc0e5f7d51a73b1b768a82b005bf389183b6d038022fc2ddd1f06c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 10:22:38 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "607813ee-3e8f"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 16015
x-xss-protection: 1; mode=block

GET
H2 200 jquery.validationEngine-en.js Show response
victim-support.stagingserver.live/wp-content/plugins/rsm2000-donation/js/ 8 KB
8 KB 15ms
2ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/rsm2000-donation/js/jquery.validationEngine-en.js?ver=1.0.0

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

a7ef0e6efec3115801492fd17f171a5152b67a552a875e2f5f0492a3791cd221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/rsm2000-donation/js/jquery.validationEngine-en.js?ver=1.0.0
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 14:49:00 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ff5cddc-209d"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8349
x-xss-protection: 1; mode=block

GET
H2 200 jquery.validationEngine.js Show response
victim-support.stagingserver.live/wp-content/plugins/rsm2000-donation/js/ 18 KB
19 KB 25ms
9ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/rsm2000-donation/js/jquery.validationEngine.js?ver=1.0.0

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

1bd56ab110964b1ff4291a77388f3c38403de2639d5f9fa828211657c29d3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/rsm2000-donation/js/jquery.validationEngine.js?ver=1.0.0
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 14:49:00 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ff5cddc-495a"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 18778
x-xss-protection: 1; mode=block

GET
H2 200 ws-custom.js Show response
victim-support.stagingserver.live/wp-content/plugins/rsm2000-donation/js/ 1 KB
2 KB 25ms
9ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/rsm2000-donation/js/ws-custom.js?ver=1.0.0

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

1085cdf2d46e2c1c3d4c71d13b0b471fb8f1d5423f358ff48cf158327590a197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/rsm2000-donation/js/ws-custom.js?ver=1.0.0
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 14:49:00 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ff5cddc-571"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1393
x-xss-protection: 1; mode=block

GET
H2 200 jquery.blockUI.min.js Show response
victim-support.stagingserver.live/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
10 KB 25ms
9ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

255c7a1fa69437e6e19994bcd662189c05d12bf98f2eecdee9f31690942336e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 06:05:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60efd011-2503"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 9475
x-xss-protection: 1; mode=block

GET
H2 200 add-to-cart.min.js Show response
victim-support.stagingserver.live/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
3 KB 25ms
10ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.1.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.1.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 06:05:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60efd011-bdd"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3037
x-xss-protection: 1; mode=block

GET
H2 200 js.cookie.min.js Show response
victim-support.stagingserver.live/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
2 KB 26ms
8ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 06:05:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60efd011-72a"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1834
x-xss-protection: 1; mode=block

GET
H2 200 woocommerce.min.js Show response
victim-support.stagingserver.live/wp-content/plugins/woocommerce/assets/js/frontend/ 2 KB
2 KB 26ms
9ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.1.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

6a2fd8165871a31946da9b2cb6ecc55a0dcbcdbc8b34be6ec4cc9eaafd7ab783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.1.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 06:05:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60efd011-812"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2066
x-xss-protection: 1; mode=block

GET
H2 200 cart-fragments.min.js Show response
victim-support.stagingserver.live/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
3 KB 26ms
9ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.1.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

9c7c023f91428234ca0ea4df1199758686f4dcd04da96ba63571788fb3389c0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.1.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 06:05:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60efd011-b7a"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2938
x-xss-protection: 1; mode=block

GET
H2 200 get-support-form.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada-Child-Theme/javascript/ 589 B
837 B 26ms
9ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada-Child-Theme/javascript/get-support-form.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

33549768db859911f6e2876dd7e1ac7b8e3a0d324b2b13667de20abf914c74c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada-Child-Theme/javascript/get-support-form.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 13:01:06 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5fa3f792-24d"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 589
x-xss-protection: 1; mode=block

GET
H2 200 wp-embed.min.js Show response
victim-support.stagingserver.live/wp-includes/js/ 1 KB
2 KB 26ms
9ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-includes/js/wp-embed.min.js?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 10:59:43 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bd9f-592"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1426
x-xss-protection: 1; mode=block

GET
H2 200 modernizr.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 13 KB
13 KB 26ms
9ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/modernizr.js?ver=3.3.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

45489ffcf01ef61169bda340908095cfc2c0ddcfa78a6cad71a2d1b636feccdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/modernizr.js?ver=3.3.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-32bf"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 12991
x-xss-protection: 1; mode=block

GET
H2 200 fusion-column-bg-image.js Show response
victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/ 2 KB
2 KB 26ms
10ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column-bg-image.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

f8d19fd38583648406d9d038f210166f267ed793e2bdf10b19030d19254a5b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column-bg-image.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:02:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040be45-8ad"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2221
x-xss-protection: 1; mode=block

GET
H2 200 cssua.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 3 KB
4 KB 26ms
10ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/cssua.js?ver=2.1.28

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

daf181ab9ead5372eefb6fe5d87704d7abdbfa6c09e4c79a2a2f688c6fac5ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/cssua.js?ver=2.1.28
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-d10"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3344
x-xss-protection: 1; mode=block

GET
H2 200 fusion.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 3 KB
4 KB 26ms
10ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion.js?ver=3.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

a7084d13af0b3a8cab0f09d474cd52024e79df417db3248ff0bdc846ae451fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion.js?ver=3.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-db2"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3506
x-xss-protection: 1; mode=block

GET
H2 200 isotope.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 34 KB
34 KB 26ms
11ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/isotope.js?ver=3.0.4

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

ed00ca0964cbfca3e3a28ff14ba988ead8846f695adc310f8d3ad796ffed28fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/isotope.js?ver=3.0.4
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-87d5"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 34773
x-xss-protection: 1; mode=block

GET
H2 200 packery.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 13 KB
14 KB 27ms
11ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/packery.js?ver=2.0.0

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

2b01072bc605e2004b2013b56510475dba15fc901809de67475269d32fb3384d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/packery.js?ver=2.0.0
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-359b"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 13723
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.tooltip.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 11 KB
11 KB 28ms
13ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tooltip.js?ver=3.3.5

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

23263a19c0dc4b29036a56f858a2b6f915ea0e415ed7c46071a071f170626c88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/bootstrap.tooltip.js?ver=3.3.5
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-2a6e"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 10862
x-xss-protection: 1; mode=block

GET
H2 200 jquery.waypoints.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 9 KB
9 KB 28ms
13ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.waypoints.js?ver=2.0.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

5f4a78ccf9ce5efdc593c0350e8974fcb040b3c95c7763cee02ccf40e52b26b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.waypoints.js?ver=2.0.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-2281"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8833
x-xss-protection: 1; mode=block

GET
H2 200 jquery.requestAnimationFrame.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 695 B
942 B 29ms
14ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.requestAnimationFrame.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

980aba21181e373e49d5e2602223454f0bb78ccb263eabcfb850abb14ad8c904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.requestAnimationFrame.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-2b7"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 695
x-xss-protection: 1; mode=block

GET
H2 200 jquery.easing.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 2 KB
2 KB 29ms
14ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.easing.js?ver=1.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

c8c066c331d08eaf858338789a0499c5ad85cfc6325d7685ea8a9463750d8684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.easing.js?ver=1.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-8eb"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2283
x-xss-protection: 1; mode=block

GET
H2 200 jquery.fitvids.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 2 KB
2 KB 29ms
14ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fitvids.js?ver=1.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

233cb2b905dec5df68df039e52e26980f674880fee51a8f6b7f75486760f1f3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fitvids.js?ver=1.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-6e7"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1767
x-xss-protection: 1; mode=block

GET
H2 200 jquery.flexslider.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 22 KB
22 KB 30ms
15ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.flexslider.js?ver=2.7.2

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

516da66dd988db6acdb7818facb98a25a06a10cf33a1ff33cfe61a150d8ac02d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.flexslider.js?ver=2.7.2
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-573f"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 22335
x-xss-protection: 1; mode=block

GET
H2 200 jquery.hoverflow.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 647 B
894 B 31ms
16ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverflow.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

5ca946de5ba3710a3293fa8d6eb9215dc418f05330648553a75decc827844fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverflow.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-287"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 647
x-xss-protection: 1; mode=block

GET
H2 200 jquery.hoverintent.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 1 KB
1 KB 32ms
17ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverintent.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

34e014c7d41ab0ae2996907824eda3bde337242ebd9dc29aeccd9d67078246ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.hoverintent.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-44a"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1098
x-xss-protection: 1; mode=block

GET
H2 200 jquery.ilightbox.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 80 KB
81 KB 32ms
18ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.ilightbox.js?ver=2.2.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

cfd46793deac1e98bf1c0ce884644d7b1e3d48dd358387eebe736c05607257f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.ilightbox.js?ver=2.2.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-14175"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 82293
x-xss-protection: 1; mode=block

GET
H2 200 jquery.infinitescroll.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 21 KB
21 KB 34ms
19ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.infinitescroll.js?ver=2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

1b57653eb15746860cc85fb2d6fa5f5f8cd87284b825300e393fae4ee6e0e18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.infinitescroll.js?ver=2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-5207"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 20999
x-xss-protection: 1; mode=block

GET
H2 200 jquery.mousewheel.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 3 KB
3 KB 34ms
20ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.mousewheel.js?ver=3.0.6

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

136859a04a16d051a3d15752d0b415a6c2c837f1278a56dbb87a0e93ba8b9601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.mousewheel.js?ver=3.0.6
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-a2c"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2604
x-xss-protection: 1; mode=block

GET
H2 200 jquery.placeholder.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 2 KB
2 KB 34ms
20ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.placeholder.js?ver=2.0.7

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

fa34de993dea91eb0120c3745378192fa1177ba8ec5772e08632318d1d5e1267

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.placeholder.js?ver=2.0.7
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-880"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2176
x-xss-protection: 1; mode=block

GET
H2 200 jquery.fade.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 1 KB
1 KB 34ms
19ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fade.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

836e98f92408ccb7250927acef9b494fbacc18678ef18888f835101557bddd37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.fade.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-48a"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1162
x-xss-protection: 1; mode=block

GET
H2 200 imagesLoaded.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 7 KB
7 KB 34ms
20ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/imagesLoaded.js?ver=3.1.8

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

e1ad0b4138c80c3d001287d48a3915724c963ef85787df537a8de61f906c5f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/imagesLoaded.js?ver=3.1.8
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-1a81"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 6785
x-xss-protection: 1; mode=block

GET
H2 200 fusion-equal-heights.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 1 KB
2 KB 35ms
20ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-equal-heights.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

18d6442774348bade3c7053b5775acde74021892a547b57511e8f0c9842f74da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-equal-heights.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-589"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1417
x-xss-protection: 1; mode=block

GET
H2 200 fusion-parallax.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 12 KB
12 KB 35ms
21ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-parallax.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

cc4b131c9e9bc64d98932c96c3c65bc4106c8891a3b3fdc2ecd68a70b9051ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-parallax.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-2ee4"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 12004
x-xss-protection: 1; mode=block

GET
H2 200 fusion-video-general.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 7 KB
7 KB 35ms
21ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-general.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcefc5cafed5481f31bf826c91496e5368751599dd37c4e8d39af82711b439fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-general.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-1a93"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 6803
x-xss-protection: 1; mode=block

GET
H2 200 fusion-video-bg.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 5 KB
6 KB 35ms
21ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-bg.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

cc2dcfdec57c8614ed31dc4a0e7e8a4c651c276d2a2e1c04d28ccddb39f160a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/fusion-video-bg.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-154d"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5453
x-xss-protection: 1; mode=block

GET
H2 200 fusion-waypoints.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 503 B
750 B 35ms
21ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-waypoints.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

7e46e14f8fcbf2c58f5b600391d9a6231895f7a550f9d42b0d7cbe22d3e42539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-waypoints.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-1f7"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 503
x-xss-protection: 1; mode=block

GET
H2 200 fusion-lightbox.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 7 KB
7 KB 35ms
22ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-lightbox.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

19d1c953b71be53df3251d6a01df33a55c49c7e5f933cdcd0fd98498ae86d4f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-lightbox.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-1c6f"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 7279
x-xss-protection: 1; mode=block

GET
H2 200 fusion-tooltip.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 2 KB
2 KB 35ms
22ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-tooltip.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

04ffc69e6bdae64435d6ec1e0ec347979cec8bb40fd0cfcc22c959988b08745e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-tooltip.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-6ab"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1707
x-xss-protection: 1; mode=block

GET
H2 200 fusion-sharing-box.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 920 B
1 KB 35ms
22ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-sharing-box.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

eb08d2dc6b6583d3c1ba02daaa0d5b5d4abf4ffe87a8d4159fc41bd88487bd9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-sharing-box.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-398"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 920
x-xss-protection: 1; mode=block

GET
H2 200 fusion-flexslider.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 6 KB
6 KB 36ms
23ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-flexslider.js?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

8efc0c4630ac1598e2f54812ac69ec7b8af77c15c8dabe6da8d6bec06ad61248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-flexslider.js?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-16ca"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5834
x-xss-protection: 1; mode=block

GET
H2 200 fusion-blog.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 8 KB
8 KB 36ms
23ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-blog.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

ffa9d5049035de686b70ab2b84b2e8a28ead3d3168b1efc5bcfe4be9a89abeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-blog.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-1e11"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 7697
x-xss-protection: 1; mode=block

GET
H2 200 jquery.sticky-kit.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 6 KB
6 KB 36ms
23ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.sticky-kit.js?ver=1.1.2

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

32fae0d35a57cea728c1c253c88bb19ee38ef5fb3cc631d221bd6f80dcd6b414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/jquery.sticky-kit.js?ver=1.1.2
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-16ae"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5806
x-xss-protection: 1; mode=block

GET
H2 200 vimeoPlayer.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 16 KB
16 KB 36ms
24ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/library/vimeoPlayer.js?ver=2.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

501c8b7edd85aa5b93a52254d40cf04d754018292b113caf7f76441701d30a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/library/vimeoPlayer.js?ver=2.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-40bd"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 16573
x-xss-protection: 1; mode=block

GET
H2 200 avada-skip-link-focus-fix.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/ 325 B
572 B 36ms
24ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/avada-skip-link-focus-fix.js?ver=7.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/assets/min/js/general/avada-skip-link-focus-fix.js?ver=7.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-145"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 325
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.scrollspy.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/library/ 3 KB
3 KB 37ms
24ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/library/bootstrap.scrollspy.js?ver=3.3.2

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

0f6cc9b91ac2a1aaffef58c4dbf37ed5fc3c42478416fa0b1c49bdf23cc27207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/assets/min/js/library/bootstrap.scrollspy.js?ver=3.3.2
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-a95"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2709
x-xss-protection: 1; mode=block

GET
H2 200 avada-general-footer.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/ 413 B
660 B 37ms
24ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/avada-general-footer.js?ver=7.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

61e7bb6d0210c308eb1f6153f18b4063eb715fde885b7d20b4d209d3fcb5a217

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/assets/min/js/general/avada-general-footer.js?ver=7.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-19d"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 413
x-xss-protection: 1; mode=block

GET
H2 200 avada-quantity.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/ 2 KB
2 KB 37ms
25ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/avada-quantity.js?ver=7.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

edfc046247c4f583e4d30feacc987ff1eedb5eabd246657385f018c74d418550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/assets/min/js/general/avada-quantity.js?ver=7.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-738"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1848
x-xss-protection: 1; mode=block

GET
H2 200 avada-select.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/ 682 B
929 B 38ms
26ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/avada-select.js?ver=7.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

9a32508666dfda50c967cf03f6690884c4960f9e1afa41e306c6405a0e0270dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/assets/min/js/general/avada-select.js?ver=7.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-2aa"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 682
x-xss-protection: 1; mode=block

GET
H2 200 avada-tabs-widget.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/ 498 B
745 B 38ms
26ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/avada-tabs-widget.js?ver=7.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

24e5eff6a919b4b6e09596c07eb968db4108a6f9b71ec37d8139791f444826ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/assets/min/js/general/avada-tabs-widget.js?ver=7.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-1f2"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 498
x-xss-protection: 1; mode=block

GET
H2 200 avada-live-search.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/ 3 KB
3 KB 38ms
26ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/avada-live-search.js?ver=7.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

e69fbf8aa90375f096cb7ac047650ccee81dcec38374bce61c01d64d0c610461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/assets/min/js/general/avada-live-search.js?ver=7.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-bf6"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3062
x-xss-protection: 1; mode=block

GET
H2 200 fusion-alert.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 260 B
507 B 38ms
26ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-alert.js?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

eb6481e44617b3e40d345b2df5e20965503b4ab87c9346a43894f93a601ccde7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-alert.js?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-104"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 260
x-xss-protection: 1; mode=block

GET
H2 200 avada-woo-variations.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/ 1 KB
2 KB 38ms
27ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/avada-woo-variations.js?ver=7.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

702affb8b1a6cf378eb8990d7c81695c7c80cf04c90aac4bae95253640789c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/assets/min/js/general/avada-woo-variations.js?ver=7.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-542"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1346
x-xss-protection: 1; mode=block

GET
H2 200 avada-woo-products.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/ 9 KB
10 KB 38ms
27ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/avada-woo-products.js?ver=7.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

b460eba240c12436c2a268a3ac3218be6b5fcdcd4bab21368de92a63dba06f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/assets/min/js/general/avada-woo-products.js?ver=7.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-2558"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 9560
x-xss-protection: 1; mode=block

GET
H2 200 fusion-animations.js Show response
victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/ 2 KB
2 KB 38ms
27ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-animations.js?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

90ba13966c61f7ed9e4dfba7932afb7c4e8909d3b94c9a4155da726ae73eb367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-animations.js?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:02:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040be45-66a"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1642
x-xss-protection: 1; mode=block

GET
H2 200 fusion-menu.js Show response
victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/ 10 KB
10 KB 38ms
27ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-menu.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

3651eb6da0d2d8fc4d60a9e94d3fbaf9b3a6a9fac8a1584fcc944b3f8d23dddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-menu.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:02:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040be45-27da"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 10202
x-xss-protection: 1; mode=block

GET
H2 200 fusion-button.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 236 B
483 B 38ms
28ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-button.js?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

d6ccc0f7cd37ce64aac6d6d5443b4c08e1e285fd8b33e176c4d7da9cf9546dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-button.js?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-ec"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 236
x-xss-protection: 1; mode=block

GET
H2 200 jquery.textillate.js Show response
victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/library/ 6 KB
6 KB 38ms
28ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/library/jquery.textillate.js?ver=2.0

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4282cf51cab658faa9bb9a9c2094a348a318318a4009456b1b448aef3d461b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/fusion-builder/assets/js/min/library/jquery.textillate.js?ver=2.0
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:02:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040be45-173a"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5946
x-xss-protection: 1; mode=block

GET
H2 200 fusion-title.js Show response
victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/ 4 KB
4 KB 38ms
28ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-title.js?ver=5.7.3

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4415e8e84111db8ca627846efbdd28bd519234f32a34e161dc30fc7de5519889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-title.js?ver=5.7.3
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:02:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040be45-f27"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3879
x-xss-protection: 1; mode=block

GET
H2 200 fusion-recent-posts.js Show response
victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/ 2 KB
2 KB 39ms
29ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-recent-posts.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

f678555035b4b760af516ad9795482657f54aeba77c26073cebbc2a5d55e4186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-recent-posts.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:02:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040be45-7ad"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1965
x-xss-protection: 1; mode=block

GET
H2 200 fusion-content-boxes.js Show response
victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/ 4 KB
4 KB 39ms
29ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-content-boxes.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

85fa900a8b89048bdaf3f8b9b5876efba67675b908048fcd7ca28da67194ac71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-content-boxes.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:02:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040be45-10a5"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4261
x-xss-protection: 1; mode=block

GET
H2 200 fusion-container.js Show response
victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/ 15 KB
16 KB 39ms
30ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-container.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

6ea76441689e3a781be2c9257025ee1d4d74a8ca77edeea49d99004c2bb74614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-container.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:02:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040be45-3dd9"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 15833
x-xss-protection: 1; mode=block

GET
H2 200 avada-woocommerce.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/ 9 KB
9 KB 39ms
30ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/avada-woocommerce.js?ver=7.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

e5ac6077b77f6fe71369c8c840aebc00ff9a8b856c766b746be0126b9a4d0b6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/assets/min/js/general/avada-woocommerce.js?ver=7.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-2374"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 9076
x-xss-protection: 1; mode=block

GET
H2 200 avada-woo-product-images.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/ 9 KB
9 KB 40ms
30ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/avada-woo-product-images.js?ver=7.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

bdf7188c1c08c0e52e7d0d01866acccc3f7db713d586f7c036ae86313064b149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/assets/min/js/general/avada-woo-product-images.js?ver=7.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-24c0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 9408
x-xss-protection: 1; mode=block

GET
H2 200 avada-gravity-forms.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/ 2 KB
2 KB 41ms
31ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/avada-gravity-forms.js?ver=7.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

85abae69f44380ff2dfb2d6fad3e0d82cf47d96797e10a2a542251f6f9e79cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/assets/min/js/general/avada-gravity-forms.js?ver=7.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-7f9"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2041
x-xss-protection: 1; mode=block

GET
H2 200 avada-drop-down.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/ 6 KB
6 KB 41ms
32ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/avada-drop-down.js?ver=7.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

a79f7b23e636346f674bc93f2f5ecbe3d00393a0efbbe6bd13b9eadd80846b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/assets/min/js/general/avada-drop-down.js?ver=7.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-16cf"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5839
x-xss-protection: 1; mode=block

GET
H2 200 avada-custom-header.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/ 230 B
477 B 41ms
32ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/avada-custom-header.js?ver=7.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

7715a80712d0eda73dc30256cd19ee3b337b9689b1a67329ac37f30d3c79df40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/assets/min/js/general/avada-custom-header.js?ver=7.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-e6"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 230
x-xss-protection: 1; mode=block

GET
H2 200 avada-sidebars.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/ 3 KB
4 KB 41ms
32ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/avada-sidebars.js?ver=7.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

2b182ad82ed2ad13e54c6e8eb5644eeed95ba5041041c460f4610455fb26114b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/assets/min/js/general/avada-sidebars.js?ver=7.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-df1"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3569
x-xss-protection: 1; mode=block

GET
H2 200 avada-scrollspy.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/ 761 B
1008 B 41ms
32ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/assets/min/js/general/avada-scrollspy.js?ver=7.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

64445832d8d9814200bd858049612f493ff15de4afaea51ff22a12e19aa7a012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/assets/min/js/general/avada-scrollspy.js?ver=7.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-2f9"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 761
x-xss-protection: 1; mode=block

GET
H2 200 fusion-responsive-typography.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 3 KB
4 KB 41ms
32ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-responsive-typography.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

d8821c5035a54ac174ed82f68e6d7ce4beb77d1d7c884fcf18d67f8cfb4a6eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-responsive-typography.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-df7"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3575
x-xss-protection: 1; mode=block

GET
H2 200 fusion-scroll-to-anchor.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 5 KB
6 KB 41ms
33ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-scroll-to-anchor.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

d1d05eb5520d48c9c7dbd4b6b4799b04466f1e790518e717c35b786f5c1ef826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-scroll-to-anchor.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-1588"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5512
x-xss-protection: 1; mode=block

GET
H2 200 fusion-general-global.js Show response
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/ 483 B
730 B 42ms
33ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-general-global.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

599b94fef9bd0069a32e3a11877547f3fabe274312c85873cab9ce334238bc8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-general-global.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-1e3"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 483
x-xss-protection: 1; mode=block

GET
H2 200 fusion-vertical-menu-widget.js Show response
victim-support.stagingserver.live/wp-content/plugins/fusion-core/js/min/ 2 KB
2 KB 42ms
33ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/fusion-core/js/min/fusion-vertical-menu-widget.js?ver=5.2.1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dacf368c1e8ff4cf7ca357f6df7c9bba459b0d04b8820a009d0121fffec12620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/fusion-core/js/min/fusion-vertical-menu-widget.js?ver=5.2.1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:01:57 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040be25-75f"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1887
x-xss-protection: 1; mode=block

GET
H2 200 fusion-video.js Show response
victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/ 2 KB
2 KB 42ms
33ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-video.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

9a0a34bc67f5d3623591214473ac2d449be18a8ce1cb5e531b185ef22a09b31f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-video.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:02:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040be45-815"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2069
x-xss-protection: 1; mode=block

GET
H2 200 fusion-column.js Show response
victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/ 5 KB
5 KB 41ms
34ms Script
application/javascript 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column.js?ver=1

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

171292f14119b55d0106dfa2df43e052b778a713c7bfa629364fae708223e76f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column.js?ver=1
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:02:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040be45-13cd"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5069
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 8 KB
778 B 17ms
17ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/wp-content/plugins/rsm2000-donation/css/ws-custom.css?ver=5.7.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

d562e856fbfe2fc2ffa00479809da1ddf3b16bc9b4b90363e633bf4d86d38bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 00:56:19 GMT
server: ESF
date: Fri, 08 Oct 2021 02:37:23 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Fri, 08 Oct 2021 02:37:23 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhvKKSTjw.woff
fonts.gstatic.com/s/opensans/v20/ 12 KB
12 KB 42ms
7ms Font
font/woff 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhvKKSTjw.woff

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/wp-content/uploads/fusion-styles/059164c3b2550e54bb89533a7169eeab.min.css?ver=3.2.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

3373cca09b37612c5e03873c61f235c3bcc2cc5a11c3c2b3c92a976fcd68c728

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://victim-support.stagingserver.live/
Origin: https://victim-support.stagingserver.live
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 20:47:36 GMT
x-content-type-options: nosniff
age: 366588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12176
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:24 GMT
server: sffe
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:47:36 GMT

GET
H2 200 fa-solid-900.woff2
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 78 KB
79 KB 17ms
17ms Font
application/octet-stream 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/wp-content/uploads/fusion-styles/059164c3b2550e54bb89533a7169eeab.min.css?ver=3.2.1

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

75f5349190725c85b426fdb66c683beb21b7804792d0770a9e84b28e7ace5d28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://victim-support.stagingserver.live
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
:path: /wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/wp-content/uploads/fusion-styles/059164c3b2550e54bb89533a7169eeab.min.css?ver=3.2.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://victim-support.stagingserver.live/wp-content/uploads/fusion-styles/059164c3b2550e54bb89533a7169eeab.min.css?ver=3.2.1
Origin: https://victim-support.stagingserver.live
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-13990"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 80272
x-xss-protection: 1; mode=block

GET
H2 200 help-after-crime.jpg
victim-support.stagingserver.live/wp-content/uploads/2020/10/ 107 KB
108 KB 41ms
40ms Image
image/jpeg 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/uploads/2020/10/help-after-crime.jpg

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

8661d29511064bc8cb00097af988536c14d999d366cba7ec5790bdc2e01e9c0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/help-after-crime.jpg
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Oct 2020 09:21:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f89662b-1ada5"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 109989
x-xss-protection: 1; mode=block

GET
H2 200 HTx0L209KT-LmIE9N7OR6eiycOe1_Dbw9XP-vA.woff
fonts.gstatic.com/s/allertastencil/v11/ 10 KB
10 KB 7ms
7ms Font
font/woff 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/allertastencil/v11/HTx0L209KT-LmIE9N7OR6eiycOe1_Dbw9XP-vA.woff

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/wp-content/uploads/fusion-styles/059164c3b2550e54bb89533a7169eeab.min.css?ver=3.2.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

a6cf872c43c746b1b645ab7de16877ea5c94c9ee62df3f932a42d5185e94de03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://victim-support.stagingserver.live/
Origin: https://victim-support.stagingserver.live
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 17:57:21 GMT
x-content-type-options: nosniff
age: 204003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10020
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 04:40:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Oct 2022 17:57:21 GMT

GET
H2 200 icomoon.woff
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 20 KB
21 KB 11ms
11ms Font
application/font-woff 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/wp-content/uploads/fusion-styles/059164c3b2550e54bb89533a7169eeab.min.css?ver=3.2.1

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

22c851d5f36813ff8cbb4ab0d16273aa1eb536f84f2c56b53df8d2c7a54479a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://victim-support.stagingserver.live
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e
:path: /wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/wp-content/uploads/fusion-styles/059164c3b2550e54bb89533a7169eeab.min.css?ver=3.2.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://victim-support.stagingserver.live/wp-content/uploads/fusion-styles/059164c3b2550e54bb89533a7169eeab.min.css?ver=3.2.1
Origin: https://victim-support.stagingserver.live
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-51ac"
x-frame-options: SAMEORIGIN
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
content-length: 20908
x-xss-protection: 1; mode=block

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 43ms
7ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.9WzEz6na2G8.O/d=1/rs=AN8SPfqsoIhIIohsTl-Bw7VQw8RDhYAscg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 01:49:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Fri, 08 Oct 2021 02:49:28 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 6 KB
2 KB 43ms
7ms Script
text/javascript 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.9WzEz6na2G8.O/d=1/rs=AN8SPfqsoIhIIohsTl-Bw7VQw8RDhYAscg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

sffe /

Resource Hash

251c607557e1302862934faeb35d7c9c20cbb64b4abb6a4faed721b71db501f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 01:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2154
x-xss-protection: 0
last-modified: Mon, 24 May 2021 18:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Fri, 08 Oct 2021 02:49:27 GMT

GET
H2 200 v1.js Show response
static.userback.io/widget/ 613 KB
174 KB 35ms
8ms Script
application/javascript 52.222.236.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.userback.io/widget/v1.js
Requested by: Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-67.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 22de715550092d34e7b665471906340ceece3d986609630561cdeeeec0315da8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 00:12:53 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 23:31:04 GMT
server: AmazonS3
age: 8672
etag: W/"80b33a365d392830fda0bde75e84e5b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ab23076896ec73a1a830c9cdc49fcac5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 6fErIOY4HTG_pyU8-OkYxOH7gPCCkzrbgBVvBvOHKpk5V3d6xZlGTw==

GET
H2 200 fa-regular-400.woff2
victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 13 KB
14 KB 11ms
11ms Font
application/octet-stream 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/wp-content/uploads/fusion-styles/059164c3b2550e54bb89533a7169eeab.min.css?ver=3.2.1

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

41dc4f99f4101a4ae7956b5c23c2d40e04ffb928c7ebd989658d950b4e2f7c5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://victim-support.stagingserver.live
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=no
:path: /wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/wp-content/uploads/fusion-styles/059164c3b2550e54bb89533a7169eeab.min.css?ver=3.2.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://victim-support.stagingserver.live/wp-content/uploads/fusion-styles/059164c3b2550e54bb89533a7169eeab.min.css?ver=3.2.1
Origin: https://victim-support.stagingserver.live
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 11:00:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6040bdba-3510"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 13584
x-xss-protection: 1; mode=block

GET
H2 200 cookie-consent-header.png
victim-support.stagingserver.live/wp-content/themes/Avada-Child-Theme/images/ 17 KB
17 KB 11ms
11ms Image
image/png 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victim-support.stagingserver.live/wp-content/themes/Avada-Child-Theme/images/cookie-consent-header.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/wp-content/themes/Avada-Child-Theme/styles/cookie-consent/gdpr-cookie-consent.css?ver=5.7.3

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

9fef171b586cb04ada211bc575a8f6fbc1d46921755459c0a6c9e49429d8db62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/Avada-Child-Theme/images/cookie-consent-header.png
pragma: no-cache
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=no
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/wp-content/themes/Avada-Child-Theme/styles/cookie-consent/gdpr-cookie-consent.css?ver=5.7.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/wp-content/themes/Avada-Child-Theme/styles/cookie-consent/gdpr-cookie-consent.css?ver=5.7.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Oct 2020 12:29:28 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f9ab5a8-44bb"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 17595
x-xss-protection: 1; mode=block

GET
H2 200 countries Show response
victim-support.stagingserver.live/wp-json/VS/v1/ 577 B
1 KB 1559ms
1559ms XHR
application/json 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-json/VS/v1/countries

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

3c5f839f7a0040947b31c8e46af4e557a423095d86e8b34ac03092b82b22e560

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=no
:path: /wp-json/VS/v1/countries
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://victim-support.stagingserver.live/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:25 GMT
x-content-type-options: nosniff nosniff
vary: Origin
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
server: nginx/1.14.0 (Ubuntu)
x-frame-options: SAMEORIGIN
allow: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: no-store, no-cache, must-revalidate
x-wp-doingitwrong: register_rest_route (since 5.5.0; The REST API route definition for <code>VS/v1/file-download</code> is missing the required <code>permission_callback</code> argument. For REST API routes that are intended to be public, use <code>__return_true</code> as the permission callback.)
x-robots-tag: noindex
link: <https://victim-support.stagingserver.live/wp-json/>; rel="https://api.w.org/"
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 / Show response
victim-support.stagingserver.live/ 1 KB
2 KB 1628ms
1627ms XHR
application/json 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/?wc-ajax=get_refreshed_fragments

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

2f128e9d673abf00cfd91d738d9aae8ce8959d430939d3a7198eb5b7d3726705

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://victim-support.stagingserver.live
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=no
content-length: 18
:path: /?wc-ajax=get_refreshed_fragments
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://victim-support.stagingserver.live/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 02:37:25 GMT
x-content-type-options: nosniff nosniff
server: nginx/1.14.0 (Ubuntu)
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://victim-support.stagingserver.live *
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 fa-regular-400.woff2
victim-support.stagingserver.live/wp-content/plugins/download-manager/assets/fontawesome/webfonts/ 13 KB
14 KB 12ms
11ms Font
application/octet-stream 5.9.74.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://victim-support.stagingserver.live/wp-content/plugins/download-manager/assets/fontawesome/webfonts/fa-regular-400.woff2

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/wp-content/plugins/download-manager/assets/fontawesome/css/all.min.css?ver=5.7.3

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.9.74.178 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.74.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

093f782260d70f914e7e591eba1502d3e992e9f7a69a17d1df6c32bcddd6f06a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://victim-support.stagingserver.live
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=2pji56ih3c75aj8p6cbqoqib1e; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=no
:path: /wp-content/plugins/download-manager/assets/fontawesome/webfonts/fa-regular-400.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: victim-support.stagingserver.live
referer: https://victim-support.stagingserver.live/wp-content/plugins/download-manager/assets/fontawesome/css/all.min.css?ver=5.7.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://victim-support.stagingserver.live/wp-content/plugins/download-manager/assets/fontawesome/css/all.min.css?ver=5.7.3
Origin: https://victim-support.stagingserver.live
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:37:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 15:51:07 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "605a0e6b-3520"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 13600
x-xss-protection: 1; mode=block

GET
H3 200 element_main.js Show response
translate.googleapis.com/element/TE_20210503_00/e/js/element/ 252 KB
252 KB 36ms
15ms Script
text/javascript 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

sffe /

Resource Hash

09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 18:49:28 GMT
x-content-type-options: nosniff
age: 28076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257604
x-xss-protection: 0
last-modified: Mon, 03 May 2021 09:56:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Fri, 07 Oct 2022 18:49:28 GMT

POST
H2 200 / Show response
api.userback.io/ 2 KB
1 KB 359ms
144ms XHR
application/json 23.20.133.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userback.io/?loadWidgetConfig
Requested by: Host: static.userback.io
URL: https://static.userback.io/widget/v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.133.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-133-101.compute-1.amazonaws.com
Software: nginx/1.18.0 / PHP/7.4.11
Resource Hash: c8e62cd22b58a3405ef4569ef0ae6afc8c188f149731ca4ab12af51a27d84bd7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://victim-support.stagingserver.live/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 02:37:24 GMT
content-encoding: gzip
server: nginx/1.18.0
x-powered-by: PHP/7.4.11
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated Show response
/ Frame 0F24 2 KB
2 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c038fa1aaa4d38dc4dd6a92d02502c02175a0826ca6e706bd16fd65d9a389b1

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
1 KB 30ms
7ms Image
image/png 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:36:27 GMT
x-content-type-options: nosniff
age: 57
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 08 Oct 2022 02:36:27 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1000 B 30ms
8ms Image
image/png 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: victim-support.stagingserver.live
URL: https://victim-support.stagingserver.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 21:03:19 GMT
x-content-type-options: nosniff
age: 20045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 07 Oct 2022 21:03:19 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 30ms
7ms Image
image/png 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 00:17:22 GMT
x-content-type-options: nosniff
age: 8402
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 08 Oct 2022 00:17:22 GMT

GET
H2 200 v1.css
static.userback.io/widget/ 89 KB
12 KB 7ms
7ms Stylesheet
text/css 52.222.236.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.userback.io/widget/v1.css
Requested by: Host: static.userback.io
URL: https://static.userback.io/widget/v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-67.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bf21e05cafcf27f21fa61aa211faeb70a180c305427e32d22d1197964f56513

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://victim-support.stagingserver.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 15:31:26 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 03:23:02 GMT
server: AmazonS3
age: 39959
etag: W/"da01b9355ce84ddd24c295a7f3a6ebf3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 ab23076896ec73a1a830c9cdc49fcac5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: jhHtjGR-QuJsgjMeP0uv8GUnR-f9OHr5A99FBcqYRqK3NN-W0pjTyg==

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
554 B 34ms
19ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

Requested by

Host: static.userback.io
URL: https://static.userback.io/widget/v1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.138 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

63335463672d8be67b46c8c88a3558edc2cb401fda7077f972e563e39914795d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.userback.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 01:03:52 GMT
server: ESF
date: Fri, 08 Oct 2021 02:37:24 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Fri, 08 Oct 2021 02:37:24 GMT

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
7ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://victim-support.stagingserver.live
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 17:53:46 GMT
x-content-type-options: nosniff
age: 204218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Oct 2022 17:53:46 GMT

Verdicts & Comments Add Verdict or Comment

352 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
victim-support.stagingserver.live/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2pji56ih3c75aj8p6cbqoqib1e
.google.com/	1970-01-20 02:11:11	Name: NID Value: 511=Js0lcBPKZHSo0FuXTWfUgdn4I87Ie0nnU-4GBAcOQ1mLC2TmKE_8nmoH7OVBtLxj4xFAVGubil_0EJzMzyyQ9W74x8VVZHavecWZ0EYKGUzxKDoDX5IdAxmCOE2powmbObUn4CvqY2wECXryg_0FIrIj7RlYhyTKGV94NZ1AcXA
victim-support.stagingserver.live/	1970-01-20 06:33:16	Name: cookielawinfo-checkbox-necessary Value: yes
victim-support.stagingserver.live/	1970-01-20 06:33:16	Name: cookielawinfo-checkbox-non-necessary Value: no

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userback.io
fonts.googleapis.com
fonts.gstatic.com
static.userback.io
translate.google.com
translate.googleapis.com
victim-support.stagingserver.live
www.gstatic.com
142.250.184.206
142.250.185.163
142.250.186.106
142.250.186.35
216.58.212.138
23.20.133.101
5.9.74.178
52.222.236.67
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04ffc69e6bdae64435d6ec1e0ec347979cec8bb40fd0cfcc22c959988b08745e
09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98
093f782260d70f914e7e591eba1502d3e992e9f7a69a17d1df6c32bcddd6f06a
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0f6cc9b91ac2a1aaffef58c4dbf37ed5fc3c42478416fa0b1c49bdf23cc27207
1085cdf2d46e2c1c3d4c71d13b0b471fb8f1d5423f358ff48cf158327590a197
12f16e968aa518d90cf8512ef525e6235beb99167159b2e20628b0c771640ac1
136859a04a16d051a3d15752d0b415a6c2c837f1278a56dbb87a0e93ba8b9601
145fc56b39c9b1d2e6cf325a2bca68dbd6c4e235a17141a33f28e7d083df6fc8
14f2cea33b8346bfe9c37bdfb01ec8a47e23785e2bc4913ea054b49c548ffc10
166a27e1b03555422cd8e8ac018b72f69cb6b7743caf8ab4a9e319c8ac36319f
171292f14119b55d0106dfa2df43e052b778a713c7bfa629364fae708223e76f
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
18d6442774348bade3c7053b5775acde74021892a547b57511e8f0c9842f74da
19d1c953b71be53df3251d6a01df33a55c49c7e5f933cdcd0fd98498ae86d4f1
1b15c8a3e1561ca04c7c47d8820009ba4f42288c81433872188e6e3ec1c2f782
1b57653eb15746860cc85fb2d6fa5f5f8cd87284b825300e393fae4ee6e0e18f
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1bd56ab110964b1ff4291a77388f3c38403de2639d5f9fa828211657c29d3db0
226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538
227ac845901e0403de89d7b6e24a3141dacb54ce167902c4a45b3e3cf14e751e
22c851d5f36813ff8cbb4ab0d16273aa1eb536f84f2c56b53df8d2c7a54479a4
22de715550092d34e7b665471906340ceece3d986609630561cdeeeec0315da8
23263a19c0dc4b29036a56f858a2b6f915ea0e415ed7c46071a071f170626c88
233cb2b905dec5df68df039e52e26980f674880fee51a8f6b7f75486760f1f3e
24e5eff6a919b4b6e09596c07eb968db4108a6f9b71ec37d8139791f444826ea
251c607557e1302862934faeb35d7c9c20cbb64b4abb6a4faed721b71db501f2
255c7a1fa69437e6e19994bcd662189c05d12bf98f2eecdee9f31690942336e4
25ef4086aa658a47103e3f4466d4518446bde646b71fc61d6564b2e57b560a2e
2924ea36a075d22f18a9fac2ad9a0e3a8aa2bf9195ba462ff626df6bcd05e97a
2b01072bc605e2004b2013b56510475dba15fc901809de67475269d32fb3384d
2b182ad82ed2ad13e54c6e8eb5644eeed95ba5041041c460f4610455fb26114b
2c038fa1aaa4d38dc4dd6a92d02502c02175a0826ca6e706bd16fd65d9a389b1
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2f128e9d673abf00cfd91d738d9aae8ce8959d430939d3a7198eb5b7d3726705
32fae0d35a57cea728c1c253c88bb19ee38ef5fb3cc631d221bd6f80dcd6b414
33549768db859911f6e2876dd7e1ac7b8e3a0d324b2b13667de20abf914c74c8
3373cca09b37612c5e03873c61f235c3bcc2cc5a11c3c2b3c92a976fcd68c728
34e014c7d41ab0ae2996907824eda3bde337242ebd9dc29aeccd9d67078246ab
3651eb6da0d2d8fc4d60a9e94d3fbaf9b3a6a9fac8a1584fcc944b3f8d23dddf
3a2ea6943e7241d9147d6af532430bd4c3dea147792c008d3e53fc1d77c8c6c5
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
3bf21e05cafcf27f21fa61aa211faeb70a180c305427e32d22d1197964f56513
3c5f839f7a0040947b31c8e46af4e557a423095d86e8b34ac03092b82b22e560
3ca40466470a7b0c4542b573d83f88e547d39f4527d00be0c4f6af29fc61239a
3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d
41dc4f99f4101a4ae7956b5c23c2d40e04ffb928c7ebd989658d950b4e2f7c5d
4282cf51cab658faa9bb9a9c2094a348a318318a4009456b1b448aef3d461b80
42c968ee75a5dbefbefa91a6fdf6af7d9f95fb292340050fbcc5068b025526b5
4415e8e84111db8ca627846efbdd28bd519234f32a34e161dc30fc7de5519889
448507290e41c44a3abc492c1313556e9bef99f2437c4839ae5b6d830cfd27f8
45489ffcf01ef61169bda340908095cfc2c0ddcfa78a6cad71a2d1b636feccdf
4b3e6031fb4f68e5f3f0138f71ad4791a47a67e6fa4f05e97d305fec9d26ec92
501c8b7edd85aa5b93a52254d40cf04d754018292b113caf7f76441701d30a0a
516da66dd988db6acdb7818facb98a25a06a10cf33a1ff33cfe61a150d8ac02d
53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536
54f5d5ffbf2b0ed6cd020484992749e77ef25fddd911a56c63e6538f2c98f2c9
5659972315149a87f6dd1c1a43cdf0cd5720d7c3831a6e6107ff0f2fa0a17b13
599b94fef9bd0069a32e3a11877547f3fabe274312c85873cab9ce334238bc8d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5ca946de5ba3710a3293fa8d6eb9215dc418f05330648553a75decc827844fe7
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5f4a78ccf9ce5efdc593c0350e8974fcb040b3c95c7763cee02ccf40e52b26b6
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61e7bb6d0210c308eb1f6153f18b4063eb715fde885b7d20b4d209d3fcb5a217
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
63335463672d8be67b46c8c88a3558edc2cb401fda7077f972e563e39914795d
64445832d8d9814200bd858049612f493ff15de4afaea51ff22a12e19aa7a012
6a2fd8165871a31946da9b2cb6ecc55a0dcbcdbc8b34be6ec4cc9eaafd7ab783
6e2fa593ef2087498705ff56054420c5e8d1a3d323bcc25aff43c1f524ae0ea8
6ea76441689e3a781be2c9257025ee1d4d74a8ca77edeea49d99004c2bb74614
701686c379e27f6ee56c1459e76e8199c4d8a6937be2ae5b2364ffa55f7ee954
702affb8b1a6cf378eb8990d7c81695c7c80cf04c90aac4bae95253640789c3e
70fabc58ca55af5ac394614cce6a2288a3eeba4cd5f429eea53eaa443f6ca52e
7373ca9ed2c272959213699ab6c34d53f342a2d01d996ebc543743312911a6dc
75f5349190725c85b426fdb66c683beb21b7804792d0770a9e84b28e7ace5d28
7715a80712d0eda73dc30256cd19ee3b337b9689b1a67329ac37f30d3c79df40
7aa196e2dece3b257a6fd79ad4adc737fe262883852814566c146add108e3016
7e46e14f8fcbf2c58f5b600391d9a6231895f7a550f9d42b0d7cbe22d3e42539
7f9a44c6380de9dad00c68412b2420fc5132e4013bf2f62d9daee5da9d151674
8091bddd3ca84c03d5bc96c24f2ef0a77d2f3857347206e0057352d49a59f378
836e98f92408ccb7250927acef9b494fbacc18678ef18888f835101557bddd37
85abae69f44380ff2dfb2d6fad3e0d82cf47d96797e10a2a542251f6f9e79cec
85fa900a8b89048bdaf3f8b9b5876efba67675b908048fcd7ca28da67194ac71
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
8661d29511064bc8cb00097af988536c14d999d366cba7ec5790bdc2e01e9c0b
8efc0c4630ac1598e2f54812ac69ec7b8af77c15c8dabe6da8d6bec06ad61248
90ba13966c61f7ed9e4dfba7932afb7c4e8909d3b94c9a4155da726ae73eb367
980aba21181e373e49d5e2602223454f0bb78ccb263eabcfb850abb14ad8c904
984cf02a8dfc0e5f7d51a73b1b768a82b005bf389183b6d038022fc2ddd1f06c
9a0a34bc67f5d3623591214473ac2d449be18a8ce1cb5e531b185ef22a09b31f
9a32508666dfda50c967cf03f6690884c4960f9e1afa41e306c6405a0e0270dc
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
9c7c023f91428234ca0ea4df1199758686f4dcd04da96ba63571788fb3389c0b
9e0206d7fbd04e129433b165f9d6eb325fb64d93d0320c39c0c1a2aa0af9ecd7
9ef6c10cc3e35e4f316614f1a7e5e9714f75cfabc0219285660e797588839537
9f5a1a2948dfe8c4c950818fe1571f35cf765fa6e22e32419f0040856f951044
9fef171b586cb04ada211bc575a8f6fbc1d46921755459c0a6c9e49429d8db62
a6cf872c43c746b1b645ab7de16877ea5c94c9ee62df3f932a42d5185e94de03
a7084d13af0b3a8cab0f09d474cd52024e79df417db3248ff0bdc846ae451fa9
a79f7b23e636346f674bc93f2f5ecbe3d00393a0efbbe6bd13b9eadd80846b6b
a7ef0e6efec3115801492fd17f171a5152b67a552a875e2f5f0492a3791cd221
ab874c14a91fc229d52d98fc29205abb4ac455ee11496e31e3beb1c3c40921bf
ae707ec81b142f04b6d5f785a5d4f7e8301bdb62a95288dee1f3e58930d21c7a
b0e3f3157a798a04247acc548ce30b82a5b5a1835130d9341cc0e5321151f272
b460eba240c12436c2a268a3ac3218be6b5fcdcd4bab21368de92a63dba06f32
bdc138dd6f8aa963430eb8dc2410fe19ded1ed3c6f9442781a37636f83cfda3d
bdf7188c1c08c0e52e7d0d01866acccc3f7db713d586f7c036ae86313064b149
c0b8eff1f67f38ba4837b42219408a43a62e6d377981df78b2fd392929ec54be
c286319864cc07938e8ee9689d2f65887ea538ae8e055079247e272b506b3073
c8c066c331d08eaf858338789a0499c5ad85cfc6325d7685ea8a9463750d8684
c8e62cd22b58a3405ef4569ef0ae6afc8c188f149731ca4ab12af51a27d84bd7
c99dfededa18aaccc1f0589255a16399a379fdd2c61b3df3ad19bf7fdbbef875
cc2dcfdec57c8614ed31dc4a0e7e8a4c651c276d2a2e1c04d28ccddb39f160a0
cc4b131c9e9bc64d98932c96c3c65bc4106c8891a3b3fdc2ecd68a70b9051ff6
cfd46793deac1e98bf1c0ce884644d7b1e3d48dd358387eebe736c05607257f4
d1d05eb5520d48c9c7dbd4b6b4799b04466f1e790518e717c35b786f5c1ef826
d562e856fbfe2fc2ffa00479809da1ddf3b16bc9b4b90363e633bf4d86d38bde
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d6ccc0f7cd37ce64aac6d6d5443b4c08e1e285fd8b33e176c4d7da9cf9546dc4
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d8821c5035a54ac174ed82f68e6d7ce4beb77d1d7c884fcf18d67f8cfb4a6eab
d93bc82c38fdd934b56284575ea685b9e08ffe416e538932a9b4cf6a4ff9b24e
dacf368c1e8ff4cf7ca357f6df7c9bba459b0d04b8820a009d0121fffec12620
daf181ab9ead5372eefb6fe5d87704d7abdbfa6c09e4c79a2a2f688c6fac5ada
dcefc5cafed5481f31bf826c91496e5368751599dd37c4e8d39af82711b439fd
e1ad0b4138c80c3d001287d48a3915724c963ef85787df537a8de61f906c5f8e
e53f793a5b8ac48587ffa08d392fddc565ccecc537528b94eb4c73eecad02e60
e5ac6077b77f6fe71369c8c840aebc00ff9a8b856c766b746be0126b9a4d0b6f
e61ac08ccbbff6ae298e168c6d2fb069e5db7c122fe07f7e2e4ce1dbb01a58fb
e69fbf8aa90375f096cb7ac047650ccee81dcec38374bce61c01d64d0c610461
e9eb10add4d9e48cda5b2e891ff39d0f863d427f2e818dc43ff145bab598389f
eb08d2dc6b6583d3c1ba02daaa0d5b5d4abf4ffe87a8d4159fc41bd88487bd9a
eb6481e44617b3e40d345b2df5e20965503b4ab87c9346a43894f93a601ccde7
ece8397fe0509a2e315fa13a052d65976845b8c6bb311c46f8dc284eb391ca6a
ed00ca0964cbfca3e3a28ff14ba988ead8846f695adc310f8d3ad796ffed28fb
edfc046247c4f583e4d30feacc987ff1eedb5eabd246657385f018c74d418550
f2c5f444fe2a8f00542643b819d133cad6df9024be6ffa4b12b064b370fbf2eb
f5d223acda45b090a07ffadd2b1db738c5f96a3290689e2ce92ecda24d70368b
f678555035b4b760af516ad9795482657f54aeba77c26073cebbc2a5d55e4186
f82f156805ec9f04923eef2adac1f477abd0a5c79d502374d55d1394622ca0e4
f8d19fd38583648406d9d038f210166f267ed793e2bdf10b19030d19254a5b26
fa34de993dea91eb0120c3745378192fa1177ba8ec5772e08632318d1d5e1267
fef17d2538cb78ad170f91c8da16b3fb7f174b60d92001889322e45806483621
ffa9d5049035de686b70ab2b84b2e8a28ead3d3168b1efc5bcfe4be9a89abeb4

victim-support.stagingserver.live Open in urlscan Pro 5.9.74.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

147 Requests

100 %HTTPS

0 %IPv6

5 Domains

8 Subdomains

9 IPs

2 Countries

4010 kBTransfer

6144 kBSize

4 Cookies

12 Outgoing links

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

victim-support.stagingserver.live Open in urlscan Pro
5.9.74.178 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

8
Subdomains

9
IPs

2
Countries

4010 kB
Transfer

6144 kB
Size

4
Cookies

147 HTTP transactions
1 data transactions