Host 192.0.66.114
United States
Software information
nginx
tcp/443 tcp/80
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
IP: 192.0.66.114
Domain: staging.mendocinobeacon.com
Port: 443
URL: https://staging.mendocinobeacon.comFirst seen 2025-11-18 08:48
Last seen 2026-02-02 06:29
Open for 75 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3GraphQL introspection enabled at /graphql
Found on 2026-02-02 06:29 -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3737a5aeefb89341e73dff2e2b9c6c4fa62a25bfaGraphQL introspection enabled at /graphql Types: 648 (by kind: ENUM: 48, INPUT_OBJECT: 150, INTERFACE: 96, OBJECT: 347, SCALAR: 5, UNION: 2) Operations: - Query: RootQuery | fields: allGroupSubscriptions, allSettings, authors, categories, category - Mutation: RootMutation | fields: addPostSubscription, addSubscriberSite, createAuthor, createCategory, createComment Directives: deprecated, include, skip (total: 3)
Found on 2025-11-30 20:371.2 MBytes
-
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
IP: 192.0.66.114
Domain: contenthub.medianewsgroup.com
Port: 443
URL: https://contenthub.medianewsgroup.comFirst seen 2025-12-07 09:44
Last seen 2026-01-23 03:18
Open for 46 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3GraphQL introspection enabled at /graphql
Found on 2026-01-23 03:18
-
-
Open service 192.0.66.114:443 · product-summit.voxmedia.com
2026-01-23 13:54
HTTP/1.1 200 OK Server: nginx Date: Fri, 23 Jan 2026 13:54:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header. X-Powered-By: WordPress VIP <https://wpvip.com> Host-Header: a9130478a60e5f9135f765b23f26593b Link: <https://product-summit.voxmedia.com/wp-json/>; rel="https://api.w.org/" Link: <https://product-summit.voxmedia.com/wp-json/wp/v2/pages/22>; rel="alternate"; title="JSON"; type="application/json" Link: <https://product-summit.voxmedia.com/>; rel=shortlink cache-control: max-age=300, must-revalidate accept-ranges: bytes x-rq: ams7 0 30 9980 x-cache: HIT
Found 2026-01-23 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · contenthub.medianewsgroup.com
2026-01-23 03:18
HTTP/1.1 200 OK Server: nginx Date: Fri, 23 Jan 2026 03:18:59 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Content-Security-Policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob: *.visualwebsiteoptimizer.com; style-src 'unsafe-inline' https: *.visualwebsiteoptimizer.com app.vwo.com; img-src data: https: blob: *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io; font-src data: https:; connect-src https: data: blob: *.visualwebsiteoptimizer.com app.vwo.com; media-src blob: data: https:; object-src https:; child-src https: data: blob: 'self' *.visualwebsiteoptimizer.com app.vwo.com; upgrade-insecure-requests; block-all-mixed-content; x-rq: ams7 0 40 9980 accept-ranges: bytes x-cache: HIT cache-control: max-age=300, must-revalidate Strict-Transport-Security: max-age=31536000;includeSubdomains <!doctype html><html><body> </body></html>
Found 2026-01-23 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · staging.mendocinobeacon.com
2026-01-23 02:42
HTTP/1.1 200 OK Server: nginx Date: Fri, 23 Jan 2026 02:42:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Content-Security-Policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob: *.visualwebsiteoptimizer.com; style-src 'unsafe-inline' https: *.visualwebsiteoptimizer.com app.vwo.com; img-src data: https: blob: *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io; font-src data: https:; connect-src https: data: blob: *.visualwebsiteoptimizer.com app.vwo.com; media-src blob: data: https:; object-src https:; child-src https: data: blob: 'self' *.visualwebsiteoptimizer.com app.vwo.com; upgrade-insecure-requests; block-all-mixed-content; X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header. X-Powered-By: WordPress VIP <https://wpvip.com> Host-Header: a9130478a60e5f9135f765b23f26593b X-Robots-Tag: noindex, nofollow Link: <https://staging.mendocinobeacon.com/index.php?rest_route=/>; rel="https://api.w.org/" x-rq: yyz1 0 20 9980 accept-ranges: bytes cache-control: max-age=300, must-revalidate x-cache: HIT
Found 2026-01-23 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · www.rollingstone.com
2026-01-22 23:10
HTTP/1.1 200 OK Server: nginx Date: Thu, 22 Jan 2026 23:10:02 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header. X-Powered-By: WordPress VIP <https://wpvip.com> Host-Header: a9130478a60e5f9135f765b23f26593b X-UA-Compatible: IE=Edge Content-Security-Policy: upgrade-insecure-requests Content-Security-Policy: frame-ancestors 'none' Content-Security-Policy-Report-Only: default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://www.rollingstone.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly Link: <https://www.rollingstone.com/wp-json/>; rel="https://api.w.org/" Link: <https://wp.me/a2tH9>; rel=shortlink cache-control: max-age=300, must-revalidate accept-ranges: bytes x-rq: jfk1 181 253 80 x-cache: HIT Strict-Transport-Security: max-age=300
Found 2026-01-22 by HttpPluginCreate report
-
Open service 192.0.66.114:80 · cms.thetimes.com
2026-01-12 10:46
HTTP/1.1 301 Moved Permanently Server: nginx Date: Mon, 12 Jan 2026 10:46:36 GMT Content-Type: text/html Content-Length: 162 Connection: close Location: https://cms.thetimes.com/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx</center> </body> </html>
Found 2026-01-12 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · cms.thetimes.com
2026-01-12 10:46
HTTP/1.1 403 Forbidden Server: nginx Date: Mon, 12 Jan 2026 10:46:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Link: <https://cms.thetimes.com/wp-json/>; rel="https://api.w.org/" x-cache: BYPASS cache-control: private x-rq: yyz1 0 10 9980 Page title: WordPress › Error <!DOCTYPE html> <html lang="en-GB"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name='robots' content='max-image-preview:large, noindex, follow' /> <title>WordPress › Error</title> <style type="text/css"> html { background: #f1f1f1; } body { background: #fff; border: 1px solid #ccd0d4; color: #444; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Oxygen-Sans, Ubuntu, Cantarell, "Helvetica Neue", sans-serif; margin: 2em auto; padding: 1em 2em; max-width: 700px; -webkit-box-shadow: 0 1px 1px rgba(0, 0, 0, .04); box-shadow: 0 1px 1px rgba(0, 0, 0, .04); } h1 { border-bottom: 1px solid #dadada; clear: both; color: #666; font-size: 24px; margin: 30px 0 0 0; padding: 0; padding-bottom: 7px; } #error-page { margin-top: 50px; } #error-page p, #error-page .wp-die-message { font-size: 14px; line-height: 1.5; margin: 25px 0 20px; } #error-page code { font-family: Consolas, Monaco, monospace; } ul li { margin-bottom: 10px; font-size: 14px ; } a { color: #2271b1; } a:hover, a:active { color: #135e96; } a:focus { color: #043959; box-shadow: 0 0 0 2px #2271b1; outline: 2px solid transparent; } .button { background: #f3f5f6; border: 1px solid #016087; color: #016087; display: inline-block; text-decoration: none; font-size: 13px; line-height: 2; height: 28px; margin: 0; padding: 0 10px 1px; cursor: pointer; -webkit-border-radius: 3px; -webkit-appearance: none; border-radius: 3px; white-space: nowrap; -webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box; vertical-align: top; } .button.button-large { line-height: 2.30769231; min-height: 32px; padding: 0 12px; } .button:hover, .button:focus { background: #f1f1f1; } .button:focus { background: #f3f5f6; border-color: #007cba; -webkit-box-shadow: 0 0 0 1px #007cba; box-shadow: 0 0 0 1px #007cba; color: #016087; outline: 2px solid transparent; outline-offset: 0; } .button:active { background: #f3f5f6; border-color: #7e8993; -webkit-box-shadow: none; box-shadow: none; } </style> </head> <body id="error-page"> <div class="wp-die-message">Access denied</div></body> </html>Found 2026-01-12 by HttpPluginCreate report
-
Open service 192.0.66.114:80 · product-summit.voxmedia.com
2026-01-10 09:14
HTTP/1.1 301 Moved Permanently Server: nginx Date: Sat, 10 Jan 2026 09:14:32 GMT Content-Type: text/html Content-Length: 162 Connection: close Location: https://product-summit.voxmedia.com/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx</center> </body> </html>
Found 2026-01-10 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · product-summit.voxmedia.com
2026-01-10 09:14
HTTP/1.1 200 OK Server: nginx Date: Sat, 10 Jan 2026 09:14:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header. X-Powered-By: WordPress VIP <https://wpvip.com> Host-Header: a9130478a60e5f9135f765b23f26593b Link: <https://product-summit.voxmedia.com/wp-json/>; rel="https://api.w.org/" Link: <https://product-summit.voxmedia.com/wp-json/wp/v2/pages/22>; rel="alternate"; title="JSON"; type="application/json" Link: <https://product-summit.voxmedia.com/>; rel=shortlink x-rq: lhr3 0 30 9980 cache-control: max-age=300, must-revalidate accept-ranges: bytes x-cache: HIT
Found 2026-01-10 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · staging.mendocinobeacon.com
2026-01-10 00:35
HTTP/1.1 200 OK Server: nginx Date: Sat, 10 Jan 2026 00:35:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Content-Security-Policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob: *.visualwebsiteoptimizer.com; style-src 'unsafe-inline' https: *.visualwebsiteoptimizer.com app.vwo.com; img-src data: https: blob: *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io; font-src data: https:; connect-src https: data: blob: *.visualwebsiteoptimizer.com app.vwo.com; media-src blob: data: https:; object-src https:; child-src https: data: blob: 'self' *.visualwebsiteoptimizer.com app.vwo.com; upgrade-insecure-requests; block-all-mixed-content; X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header. X-Powered-By: WordPress VIP <https://wpvip.com> Host-Header: a9130478a60e5f9135f765b23f26593b X-Robots-Tag: noindex, nofollow Link: <https://staging.mendocinobeacon.com/index.php?rest_route=/>; rel="https://api.w.org/" x-rq: jfk1 0 20 9980 cache-control: max-age=300, must-revalidate accept-ranges: bytes x-cache: HIT
Found 2026-01-10 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · www.rollingstone.com
2026-01-09 23:27
HTTP/1.1 200 OK Server: nginx Date: Fri, 09 Jan 2026 23:27:47 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header. X-Powered-By: WordPress VIP <https://wpvip.com> Host-Header: a9130478a60e5f9135f765b23f26593b X-UA-Compatible: IE=Edge Content-Security-Policy: upgrade-insecure-requests Content-Security-Policy: frame-ancestors 'none' Content-Security-Policy-Report-Only: default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://www.rollingstone.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly Link: <https://www.rollingstone.com/wp-json/>; rel="https://api.w.org/" Link: <https://wp.me/a2tH9>; rel=shortlink x-rq: hhn1 0 30 9980 cache-control: max-age=300, must-revalidate accept-ranges: bytes x-cache: HIT Strict-Transport-Security: max-age=300
Found 2026-01-09 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · product-summit.voxmedia.com
2026-01-09 16:10
HTTP/1.1 200 OK Server: nginx Date: Fri, 09 Jan 2026 16:10:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header. X-Powered-By: WordPress VIP <https://wpvip.com> Host-Header: a9130478a60e5f9135f765b23f26593b Link: <https://product-summit.voxmedia.com/wp-json/>; rel="https://api.w.org/" Link: <https://product-summit.voxmedia.com/wp-json/wp/v2/pages/22>; rel="alternate"; title="JSON"; type="application/json" Link: <https://product-summit.voxmedia.com/>; rel=shortlink x-rq: sin1 0 30 9980 accept-ranges: bytes cache-control: max-age=300, must-revalidate x-cache: HIT
Found 2026-01-09 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · contenthub.medianewsgroup.com
2026-01-09 14:54
HTTP/1.1 200 OK Server: nginx Date: Fri, 09 Jan 2026 14:54:43 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Content-Security-Policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob: *.visualwebsiteoptimizer.com; style-src 'unsafe-inline' https: *.visualwebsiteoptimizer.com app.vwo.com; img-src data: https: blob: *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io; font-src data: https:; connect-src https: data: blob: *.visualwebsiteoptimizer.com app.vwo.com; media-src blob: data: https:; object-src https:; child-src https: data: blob: 'self' *.visualwebsiteoptimizer.com app.vwo.com; upgrade-insecure-requests; block-all-mixed-content; accept-ranges: bytes cache-control: max-age=300, must-revalidate x-rq: yyz1 179 253 80 x-cache: HIT Strict-Transport-Security: max-age=31536000;includeSubdomains <!doctype html><html><body> </body></html>
Found 2026-01-09 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · bestof.dailymail.com
2026-01-09 13:24
HTTP/1.1 200 OK Server: nginx Date: Fri, 09 Jan 2026 13:24:29 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Set-Cookie: PHPSESSID=db0d86e4b72cf87f1cd9c5f559d667f3; path=/ Pragma: no-cache X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header. X-Powered-By: WordPress VIP <https://wpvip.com> Host-Header: a9130478a60e5f9135f765b23f26593b Link: <https://bestof.dailymail.com/wp-json/>; rel="https://api.w.org/" x-rq: jfk1 0 10 9980 accept-ranges: bytes cache-control: no-cache, must-revalidate, max-age=0, no-store x-cache: BYPASS
Found 2026-01-09 by HttpPluginCreate report
-
Open service 192.0.66.114:80 · www.rollingstone.com
2026-01-08 00:35
HTTP/1.1 301 Moved Permanently Server: nginx Date: Thu, 08 Jan 2026 00:35:31 GMT Content-Type: text/html Content-Length: 162 Connection: close Location: https://www.rollingstone.com/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx</center> </body> </html>
Found 2026-01-08 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · www.rollingstone.com
2026-01-08 00:35
HTTP/1.1 200 OK Server: nginx Date: Thu, 08 Jan 2026 00:35:32 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header. X-Powered-By: WordPress VIP <https://wpvip.com> Host-Header: a9130478a60e5f9135f765b23f26593b X-UA-Compatible: IE=Edge Content-Security-Policy: upgrade-insecure-requests Content-Security-Policy: frame-ancestors 'none' Content-Security-Policy-Report-Only: default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://www.rollingstone.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly Link: <https://www.rollingstone.com/wp-json/>; rel="https://api.w.org/" Link: <https://wp.me/a2tH9>; rel=shortlink cache-control: max-age=300, must-revalidate x-cache: HIT accept-ranges: bytes x-rq: sin1 0 30 9980 Strict-Transport-Security: max-age=300
Found 2026-01-08 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · rollingstone.com
2026-01-08 00:35
HTTP/1.1 301 Moved Permanently Server: nginx Date: Thu, 08 Jan 2026 00:35:31 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Location: https://www.rollingstone.com/ x-rq: ams7 0 30 9980 x-cache: HIT Strict-Transport-Security: max-age=300
Found 2026-01-08 by HttpPluginCreate report
-
Open service 192.0.66.114:80 · rollingstone.com
2026-01-08 00:35
HTTP/1.1 301 Moved Permanently Server: nginx Date: Thu, 08 Jan 2026 00:35:31 GMT Content-Type: text/html Content-Length: 162 Connection: close Location: https://rollingstone.com/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx</center> </body> </html>
Found 2026-01-08 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · product-summit.voxmedia.com
2026-01-02 22:07
HTTP/1.1 200 OK Server: nginx Date: Fri, 02 Jan 2026 22:07:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header. X-Powered-By: WordPress VIP <https://wpvip.com> Host-Header: a9130478a60e5f9135f765b23f26593b Link: <https://product-summit.voxmedia.com/wp-json/>; rel="https://api.w.org/" Link: <https://product-summit.voxmedia.com/wp-json/wp/v2/pages/22>; rel="alternate"; title="JSON"; type="application/json" Link: <https://product-summit.voxmedia.com/>; rel=shortlink cache-control: max-age=300, must-revalidate x-rq: hhn1 0 30 9980 accept-ranges: bytes x-cache: EXPIRED
Found 2026-01-02 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · staging.mendocinobeacon.com
2026-01-02 20:06
HTTP/1.1 200 OK Server: nginx Date: Fri, 02 Jan 2026 20:06:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Content-Security-Policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob: *.visualwebsiteoptimizer.com; style-src 'unsafe-inline' https: *.visualwebsiteoptimizer.com app.vwo.com; img-src data: https: blob: *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io; font-src data: https:; connect-src https: data: blob: *.visualwebsiteoptimizer.com app.vwo.com; media-src blob: data: https:; object-src https:; child-src https: data: blob: 'self' *.visualwebsiteoptimizer.com app.vwo.com; upgrade-insecure-requests; block-all-mixed-content; X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header. X-Powered-By: WordPress VIP <https://wpvip.com> Host-Header: a9130478a60e5f9135f765b23f26593b X-Robots-Tag: noindex, nofollow Link: <https://staging.mendocinobeacon.com/index.php?rest_route=/>; rel="https://api.w.org/" cache-control: max-age=300, must-revalidate x-rq: hhn1 0 20 9980 accept-ranges: bytes x-cache: HIT
Found 2026-01-02 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · contenthub.medianewsgroup.com
2026-01-02 14:42
HTTP/1.1 200 OK Server: nginx Date: Fri, 02 Jan 2026 14:42:32 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Content-Security-Policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob: *.visualwebsiteoptimizer.com; style-src 'unsafe-inline' https: *.visualwebsiteoptimizer.com app.vwo.com; img-src data: https: blob: *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io; font-src data: https:; connect-src https: data: blob: *.visualwebsiteoptimizer.com app.vwo.com; media-src blob: data: https:; object-src https:; child-src https: data: blob: 'self' *.visualwebsiteoptimizer.com app.vwo.com; upgrade-insecure-requests; block-all-mixed-content; x-rq: hhn1 0 40 9980 cache-control: max-age=300, must-revalidate accept-ranges: bytes x-cache: HIT Strict-Transport-Security: max-age=31536000;includeSubdomains <!doctype html><html><body> </body></html>
Found 2026-01-02 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · www.rollingstone.com
2026-01-02 14:22
HTTP/1.1 200 OK Server: nginx Date: Fri, 02 Jan 2026 14:22:12 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header. X-Powered-By: WordPress VIP <https://wpvip.com> Host-Header: a9130478a60e5f9135f765b23f26593b X-UA-Compatible: IE=Edge Content-Security-Policy: upgrade-insecure-requests Content-Security-Policy: frame-ancestors 'none' Content-Security-Policy-Report-Only: default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://www.rollingstone.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly Link: <https://www.rollingstone.com/wp-json/>; rel="https://api.w.org/" Link: <https://wp.me/a2tH9>; rel=shortlink cache-control: max-age=300, must-revalidate x-cache: HIT accept-ranges: bytes x-rq: hhn1 0 30 9980 Strict-Transport-Security: max-age=300
Found 2026-01-02 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · bestof.dailymail.com
2026-01-01 21:15
HTTP/1.1 200 OK Server: nginx Date: Thu, 01 Jan 2026 21:15:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Set-Cookie: PHPSESSID=37a409d63348a9ba04167c27340f776e; path=/ Pragma: no-cache X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header. X-Powered-By: WordPress VIP <https://wpvip.com> Host-Header: a9130478a60e5f9135f765b23f26593b Link: <https://bestof.dailymail.com/wp-json/>; rel="https://api.w.org/" cache-control: no-cache, must-revalidate, max-age=0, no-store x-rq: hhn1 182 249 80 accept-ranges: bytes x-cache: BYPASS
Found 2026-01-01 by HttpPluginCreate report
-
Open service 192.0.66.114:80 · engineering.salesforce.com
2025-12-23 16:32
HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 23 Dec 2025 16:32:20 GMT Content-Type: text/html Content-Length: 162 Connection: close Location: https://engineering.salesforce.com/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx</center> </body> </html>
Found 2025-12-23 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · contenthub.medianewsgroup.com
2025-12-23 06:07
HTTP/1.1 200 OK Server: nginx Date: Tue, 23 Dec 2025 06:07:54 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Content-Security-Policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob: *.visualwebsiteoptimizer.com; style-src 'unsafe-inline' https: *.visualwebsiteoptimizer.com app.vwo.com; img-src data: https: blob: *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io; font-src data: https:; connect-src https: data: blob: *.visualwebsiteoptimizer.com app.vwo.com; media-src blob: data: https:; object-src https:; child-src https: data: blob: 'self' *.visualwebsiteoptimizer.com app.vwo.com; upgrade-insecure-requests; block-all-mixed-content; x-rq: sjc3 0 40 9980 accept-ranges: bytes cache-control: max-age=300, must-revalidate x-cache: HIT Strict-Transport-Security: max-age=31536000;includeSubdomains <!doctype html><html><body> </body></html>
Found 2025-12-23 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · bestof.dailymail.com
2025-12-23 04:08
HTTP/1.1 200 OK Server: nginx Date: Tue, 23 Dec 2025 04:08:54 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Set-Cookie: PHPSESSID=bf2d2e4d569deef7f04dfd01651e8de0; path=/ Pragma: no-cache X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header. X-Powered-By: WordPress VIP <https://wpvip.com> Host-Header: a9130478a60e5f9135f765b23f26593b Link: <https://bestof.dailymail.com/wp-json/>; rel="https://api.w.org/" x-rq: jfk1 0 10 9980 accept-ranges: bytes cache-control: no-cache, must-revalidate, max-age=0, no-store x-cache: BYPASS
Found 2025-12-23 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · product-summit.voxmedia.com
2025-12-23 04:01
HTTP/1.1 200 OK Server: nginx Date: Tue, 23 Dec 2025 04:01:08 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header. X-Powered-By: WordPress VIP <https://wpvip.com> Host-Header: a9130478a60e5f9135f765b23f26593b Link: <https://product-summit.voxmedia.com/wp-json/>; rel="https://api.w.org/" Link: <https://product-summit.voxmedia.com/wp-json/wp/v2/pages/22>; rel="alternate"; title="JSON"; type="application/json" Link: <https://product-summit.voxmedia.com/>; rel=shortlink cache-control: max-age=300, must-revalidate x-rq: sin1 0 30 9980 accept-ranges: bytes x-cache: EXPIRED
Found 2025-12-23 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · www.rollingstone.com
2025-12-23 03:03
HTTP/1.1 200 OK Server: nginx Date: Tue, 23 Dec 2025 03:03:18 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header. X-Powered-By: WordPress VIP <https://wpvip.com> Host-Header: a9130478a60e5f9135f765b23f26593b X-UA-Compatible: IE=Edge Content-Security-Policy: upgrade-insecure-requests Content-Security-Policy: frame-ancestors 'none' Content-Security-Policy-Report-Only: default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://www.rollingstone.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly Link: <https://www.rollingstone.com/wp-json/>; rel="https://api.w.org/" Link: <https://wp.me/a2tH9>; rel=shortlink x-rq: sin1 0 30 9980 accept-ranges: bytes cache-control: max-age=300, must-revalidate x-cache: HIT Strict-Transport-Security: max-age=300
Found 2025-12-23 by HttpPluginCreate report
-
Open service 192.0.66.114:443 · staging.mendocinobeacon.com
2025-12-22 20:53
HTTP/1.1 200 OK Server: nginx Date: Mon, 22 Dec 2025 20:53:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Content-Security-Policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob: *.visualwebsiteoptimizer.com; style-src 'unsafe-inline' https: *.visualwebsiteoptimizer.com app.vwo.com; img-src data: https: blob: *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io; font-src data: https:; connect-src https: data: blob: *.visualwebsiteoptimizer.com app.vwo.com; media-src blob: data: https:; object-src https:; child-src https: data: blob: 'self' *.visualwebsiteoptimizer.com app.vwo.com; upgrade-insecure-requests; block-all-mixed-content; X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header. X-Powered-By: WordPress VIP <https://wpvip.com> Host-Header: a9130478a60e5f9135f765b23f26593b X-Robots-Tag: noindex, nofollow Link: <https://staging.mendocinobeacon.com/index.php?rest_route=/>; rel="https://api.w.org/" cache-control: max-age=300, must-revalidate x-rq: jfk1 0 20 9980 accept-ranges: bytes x-cache: HIT
Found 2025-12-22 by HttpPluginCreate report