www.netsec.news Open in urlscan Pro
104.21.50.203 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks
Effective URL:
https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Submission: On January 28 via manual (January 28th 2022, 10:52:23 pm UTC) from JM — Scanned from DE

Summary HTTP 55 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 55 HTTP transactions. The main IP is 104.21.50.203, located in and belongs to CLOUDFLARENET, US. The main domain is www.netsec.news.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time www.netsec.news was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 18	104.21.50.203 104.21.50.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.247.90 18.66.247.90	16509 (AMAZON-02) (AMAZON-02)
7	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
20	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
55	10

18 104.21.50.203 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.netsec.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.247.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-247-90.dus51.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1493 pbs.twimg.com — Cisco Umbrella Rank: 668	210 KB
18	netsec.news 2 redirects www.netsec.news	324 KB
9	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 592 syndication.twitter.com — Cisco Umbrella Rank: 844	214 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	158 KB
2	gstatic.com fonts.gstatic.com	91 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
1	mailchimp.com cdn-images.mailchimp.com — Cisco Umbrella Rank: 5534	1 KB
55	8

	Domain	Requested by
19	pbs.twimg.com	www.netsec.news
18	www.netsec.news	2 redirects www.netsec.news
7	platform.twitter.com	www.netsec.news platform.twitter.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	www.netsec.news www.googletagmanager.com
2	syndication.twitter.com	1 redirects platform.twitter.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	www.netsec.news
1	cdn.syndication.twimg.com	platform.twitter.com
1	cdn-images.mailchimp.com	www.netsec.news
55	10

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.ic3.gov

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
cdn-images.mailchimp.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Frame ID: 1831569694AF0853C835DBF6FC628E48
Requests: 34 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.netsec.news
Frame ID: B5A94BFFE9F2DA2A38A507BB94386647
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.dark.ltr.css
Frame ID: F54F999AE4910B1B1CA3D4332EC43990
Requests: 24 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: B2008C0012EA23A60EA0E29C6CD75CA1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FBI Shares IoCs Associated with Diavol Ransomware Attacks - NetSec.News

Page URL History Show full URLs

http://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks HTTP 301
https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks HTTP 301
https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

cdn-images\.mailchimp\.com/[^>]*\.css

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

100 %
HTTPS

67 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

1019 kB
Transfer

2352 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.netsec.news%2Ffbi-shares-iocs-associated-with-diavol-ransomware-attacks%2F&t=FBI%20Shares%20IoCs%20Associated%20with%20Diavol%20Ransomware%20Attacks
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=FBI%20Shares%20IoCs%20Associated%20with%20Diavol%20Ransomware%20Attacks&url=https%3A%2F%2Fwww.netsec.news%2Ffbi-shares-iocs-associated-with-diavol-ransomware-attacks%2F
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.netsec.news%2Ffbi-shares-iocs-associated-with-diavol-ransomware-attacks%2F&title=FBI%20Shares%20IoCs%20Associated%20with%20Diavol%20Ransomware%20Attacks
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.ic3.gov/Media/News/2022/220120.pdf
Title: TLP:WHITE Flash Alert

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks HTTP 301
https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks HTTP 301
https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

55 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Redirect Chain

http://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks
https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks
https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

39 KB
12 KB

1430ms
1429ms

Document
text/html

104.21.50.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.50.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24f52e30629b604301f365607f3e875c9cd0ac75fb7b66362a49fec7e77ce4e6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 28 Jan 2022 22:52:17 GMT
content-type: text/html; charset=UTF-8
link: <https://www.netsec.news/wp-json/>; rel="https://api.w.org/", <https://www.netsec.news/wp-json/wp/v2/posts/10648>; rel="alternate"; type="application/json", <https://www.netsec.news/?p=10648>; rel=shortlink
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 28 Jan 2022 22:52:17 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2QFRKPz%2BA5L%2Buqe5h1PqOOepCunQx9vNtPreV6H8%2BJxm7HkH6ad0or3vDY%2BIxvlAPigJpEvtqMAP8q0oIV%2FdTThyyRqf%2BfAcY4aAtx7fgfd%2FMJPyXDQfV7pbNT8GqApV5g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d4dca480a459107-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Fri, 28 Jan 2022 22:52:15 GMT
content-type: text/html; charset=UTF-8
location: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
x-redirect-by: WordPress
cache-control: max-age=14400
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNBWZcKjRvUkS%2FedDFJGU2OKHOkMPAwlVCG%2BFz8IxbWTboOJ8mdA6yQAaUXAFwBMu1dtY76riS3IafRaxGX%2FV9sma4isJ3A9Kawgp%2B65KxYWv1MFa87dh9bliNzDzL%2Bb6PA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6d4dca40df049107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 autoptimize_086e511a71b17ed002993bb3551a9ad4.css
www.netsec.news/wp-content/cache/autoptimize/css/ 296 KB
43 KB 663ms
662ms Stylesheet
text/css 104.21.50.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-content/cache/autoptimize/css/autoptimize_086e511a71b17ed002993bb3551a9ad4.css
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.50.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e41b0b32fc19d92b042ded05032c6429255f4406c8b851084aa49e6022a5c3f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 08 Jan 2022 23:42:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjnJWF2yE7ZF79Jap1C2lhZv5nIaKfg3B6w4DAvmraZLsCA7QK7Iw1%2BZ0GtbtPu9WUmQa6T4s%2Bd%2BabBdnV9RBlg1pthlrLjVQo5r2ENmDuM4f77cUj0uc%2BsZz24MKgYg3TY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=30672000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4dca5118b79107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 18 Jan 2023 22:52:17 GMT

GET
H2 200 autoptimize_e2f0786612ea1d4d5fe3fc865a814103.css
www.netsec.news/wp-content/cache/autoptimize/css/ 16 KB
4 KB 401ms
400ms Stylesheet
text/css 104.21.50.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-content/cache/autoptimize/css/autoptimize_e2f0786612ea1d4d5fe3fc865a814103.css
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.50.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f94c6bbe07a0c1cd75db3f68c3297f6442f3e57bd9bee499ff5130690790501

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Jan 2022 01:34:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIYtg%2FM%2BRALhF%2F%2F0Uj9DCNCERnLquSrEsMpliNnbrSt%2FUUikFtUB7AYyL8gpBiScG7mRqn3t9PG0ANGpUKmvx%2FiYps%2FOaAcfi7cn1%2F4%2Bo138kKNpPhIGuTvZhV5YQK3qAzI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=30672000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4dca5118b99107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 18 Jan 2023 22:52:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 148ms
61ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-80120350-1

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d719546b79f2c8402130de3319b7f282481bc2c09eff92d6fdd1e847230cdef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36064
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jan 2022 22:52:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 132ms
47ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.netsec.news/
Origin: https://www.netsec.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 22:22:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 28 Jan 2022 22:52:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jan 2022 22:52:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 31 KB
1 KB 134ms
50ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800|Raleway:400,200,100,500,700,800,900&subset=latin,latin-ext

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7ddc6120915b8db963cd9b51c4d87d414ca2fae42ff978f8dc194aefd8efd65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.netsec.news/
Origin: https://www.netsec.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 22:31:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 28 Jan 2022 22:52:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jan 2022 22:52:17 GMT

GET
H2 200 jquery.min.js Show response
www.netsec.news/wp-includes/js/jquery/ 87 KB
32 KB 405ms
404ms Script
application/javascript 104.21.50.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.50.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:17 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Sep 2021 12:02:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiuInh7il71c3m09YM35YkN495YS0G49G6hn4sgbb%2Bjgaw%2BjEuLscU6SXH3QAmSr0uBi7P0Vahx7HsxqE63YTo70aWlsEsE87%2FV%2FwcEH1%2BHc6ikZE4nH0CVhXbKoN%2BFGdtA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4dca5118ba9107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 modules.ttf
www.netsec.news/wp-content/plugins/monarch/core/admin/fonts/ 90 KB
37 KB 411ms
410ms Font
font/ttf 104.21.50.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-content/plugins/monarch/core/admin/fonts/modules.ttf
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.50.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

Referer: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Origin: https://www.netsec.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:17 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 04 May 2021 18:44:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytDJhrOKgk8AE4Zz7LWCKziDs1tpxxSdHQV2P%2BlNnN8fEvzPGaqxmvZz63xwsC6nBVhJiwuIS5pGsG2eyjA9BUWe48nL0yaqEMssCSGNglmWKhIWI0hmH275GzdMzK6Tibc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4dca5118bb9107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0XGB9QEGFK

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f699b5dd75e5b9409ca80814b62d1e99e902b637bff6a1a22cd928f3bbc8c0c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62371
x-xss-protection: 0
expires: Fri, 28 Jan 2022 22:52:18 GMT

GET
H/1.1 200
OK slim-10_7.css
cdn-images.mailchimp.com/embedcode/ 2 KB
1 KB 55ms
10ms Stylesheet
text/css 18.66.247.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/slim-10_7.css
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.247.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-247-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f0b7264810a4f05251ac724721a5a3a61887cff9bd30e1fbbc1bc832e94d38a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 22:07:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Dec 2015 20:19:39 GMT
Server: AmazonS3
Age: 2697
ETag: W/"d67b6072a15510e2010ad947aa1213c3"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: qqPp7SCojTfxDv9jDg025EvwczgBUewqroBcThgjZLQOYbHZpfj-uQ==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 74ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674D) /
Resource Hash: aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 22:52:18 GMT
Content-Encoding: gzip
Age: 922
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29180
x-tw-cdn: VZ
Last-Modified: Wed, 19 Jan 2022 19:22:23 GMT
Server: ECS (frb/674D)
Etag: "e92bd51c447ba1dbd509a1e23d3a8521+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 lazysizes.min.js Show response
www.netsec.news/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
5 KB 392ms
391ms Script
application/javascript 104.21.50.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.9.2
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.50.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Sep 2021 12:01:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmtNyLAH9RhIhHnWTXVfDGjNs7VC8i%2BhcOOsZDsSfRQLvXCbBoegDLkdeYesALGXm2fIvBMAdj86Hnt6GB15oGjIIfWqm6x736gTf3Icq%2BskbfW0GwEQVD6ZM9veOc5hYeo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4dca557f149107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 regenerator-runtime.min.js Show response
www.netsec.news/wp-includes/js/dist/vendor/ 6 KB
3 KB 400ms
400ms Script
application/javascript 104.21.50.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.50.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Sep 2021 12:02:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8busDtmvqJa7MeuBIja5XDXUaEzaUhauP5KdHPB%2BEk4b%2BjSaPS3h%2FfHy6mZOHMSKeoWlYpy8Nlb9NL2PUyR8pJ23jQPeRnFJlx3wsxkdKP45P3cHyHPTwWB5A78IAFJ7y3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4dca5118bc9107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 wp-polyfill.min.js Show response
www.netsec.news/wp-includes/js/dist/vendor/ 16 KB
6 KB 409ms
409ms Script
application/javascript 104.21.50.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.50.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Sep 2021 12:02:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3WnP%2Fb3NUrIHw5HSKeGn8uKxGQ6EiqCPcZBAe2Rtbxt1b494Bk75Pv65yiv6ChXjZSu0m9E4gSraw9NgngH1IPJIuse8idqh6xG5htEKFVpjVaa%2Fh7JdIGqkurvlZgoboU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4dca5118bd9107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 autoptimize_c437d56a31adb0fbf9e86e14b17c97d7.js Show response
www.netsec.news/wp-content/cache/autoptimize/js/ 147 KB
43 KB 661ms
660ms Script
application/javascript 104.21.50.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-content/cache/autoptimize/js/autoptimize_c437d56a31adb0fbf9e86e14b17c97d7.js
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.50.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09e82a832beba6ed0258e42b0b7970422c4b85e006a82344877fb85455c026cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Jan 2022 01:34:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jupxQd648%2F%2FI569AWTxVo2ePIzQ5yZIpwKOUsXoKksRlxZqeATm44oOGaygH5WP9VUMX4w31NKTyMwKJGQwsoeJtfhh9J3shEUaSv9LmjvyKD2oTfpEDpzs%2FolfPtOV6naM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=30672000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4dca557f179107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 18 Jan 2023 22:52:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-80120350-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4644
date: Fri, 28 Jan 2022 21:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 28 Jan 2022 23:34:54 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.netsec.news/wp-includes/js/ 18 KB
5 KB 418ms
418ms Script
application/javascript 104.21.50.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.50.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Sep 2021 12:02:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxg0TVnfgjSYTnrEaHr6gbs8wwdy1ZzDkytT9hl%2BIu1fDmyapaenVoCZkaDEIdMAVdA%2Fz3VZ37p%2BqL3pv0KAxqMVPv5HzRugvi40VZC32hgzXJZXxmC%2FdaNmM7S3sPUB670%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4dca557f189107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0XGB9QEGFK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-80120350-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb56338623c9a5fccd9ac2269960cf07a04e6be46b0e3182cbf6ea4cb04fa5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62381
x-xss-protection: 0
expires: Fri, 28 Jan 2022 22:52:18 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9dc60c88435895c2c30837a2f4f572c35042908e79992df178ff1a496c37dff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62c623520b5a7c0276d410d5ebe5fad9f44a58e7581e3e628de473293351b321

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 revil-ransomware-decryptor-release.jpg
www.netsec.news/wp-content/uploads/2021/09/ 96 KB
96 KB 669ms
668ms Image
image/jpeg 104.21.50.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.netsec.news/wp-content/uploads/2021/09/revil-ransomware-decryptor-release.jpg
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.50.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 027f26519a9567a5a996cafb735fb75ac4182e6d6b158409eeef00801bcb5a33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Sep 2021 12:16:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWeJdbl4XWGusCZSXBgi3ujUikg48Zot4bVrcez%2FAuo5mp7%2F5B7oeXIgXvT6PRPIKZtmyjknQKkdkULYgiHlXdVmSujM%2BvZBqj33mUT%2F6HSdk2D4rnZe2mUDIYZVkSUdLPk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d4dca558f2a9107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98164

GET
H2 200 title-shadow.png
www.netsec.news/wp-content/themes/Nexus/images/ 277 B
558 B 401ms
400ms Image
image/png 104.21.50.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.netsec.news/wp-content/themes/Nexus/images/title-shadow.png
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/wp-content/cache/autoptimize/css/autoptimize_086e511a71b17ed002993bb3551a9ad4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.50.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51f6757186bc2ffd28f2c2aab16b1b86ee001cc5bff18fa322129f3419c41b91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/wp-content/cache/autoptimize/css/autoptimize_086e511a71b17ed002993bb3551a9ad4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
cf-cache-status: MISS
last-modified: Wed, 17 Apr 2019 11:22:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GccQc%2Bg80fic%2BwHKFa6IDD8RcpaeOd3qIv%2Bue3u1gdDWUQJnlxkOr5R58BoRCxRhW8PPIJlbMhNnz5ydfgYAuqhEq1EVKxzWL3LjVTEW6hiMUK4H%2BL5rAJr7qlChPHkzQg8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d4dca558f2d9107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 277

GET
H2 200 breadcrumbs_separator.png
www.netsec.news/wp-content/themes/Nexus/images/ 1 KB
1 KB 400ms
400ms Image
image/png 104.21.50.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.netsec.news/wp-content/themes/Nexus/images/breadcrumbs_separator.png
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/wp-content/cache/autoptimize/css/autoptimize_086e511a71b17ed002993bb3551a9ad4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.50.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6935b2c1940b4f74e22834aa671716c4f1a8f15c581e11fe02e21f4e4bf54cc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/wp-content/cache/autoptimize/css/autoptimize_086e511a71b17ed002993bb3551a9ad4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 17 Apr 2019 11:22:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOwNKTiBXevPN9ooRJxk5m8IjB4lRZS5S29esO0onmlFpxqB7b5vPwGr1u7VdzcvJva%2BJdNd3Htjc98%2F10E1hkG%2B5NsTjMVkAhNU9TsU%2BjUzQbZwMP98axVDWmoQ8T1gDkc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d4dca558f309107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1210

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 129ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.netsec.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:14:34 GMT
x-content-type-options: nosniff
age: 254264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 00:14:34 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 46 KB
46 KB 166ms
84ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800|Raleway:400,200,100,500,700,800,900&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.netsec.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:12:54 GMT
x-content-type-options: nosniff
age: 268764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 20:12:54 GMT

GET
H2 200 monarch.ttf
www.netsec.news/wp-content/plugins/monarch/css/fonts/ 15 KB
10 KB 506ms
505ms Font
font/ttf 104.21.50.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-content/plugins/monarch/css/fonts/monarch.ttf
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/wp-content/cache/autoptimize/css/autoptimize_086e511a71b17ed002993bb3551a9ad4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.50.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f

Request headers

Referer: https://www.netsec.news/wp-content/cache/autoptimize/css/autoptimize_086e511a71b17ed002993bb3551a9ad4.css
Origin: https://www.netsec.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 04 May 2021 18:44:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjSiLfLVzkwK%2FKSQ7VvGVVcHBo0msNmwFhmta%2FMbyOjXAH5%2B%2F49JhcMseKQDBURHwvuyhH7jKT3SnpaD4jUEZgmJit6Et9ZrxeDtpDLbUiFfUUXczrXfO1E7xx6xZBlbbDA%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4dca559f499107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 collect
www.google-analytics.com/g/ 0
162 B 64ms
52ms Ping
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0XGB9QEGFK&gtm=2oe1q0&_p=427483597&sr=1600x1200&gdid=dZGIzZG&ul=en-us&cid=1657704235.1643410338&_s=1&dl=https%3A%2F%2Fwww.netsec.news%2Ffbi-shares-iocs-associated-with-diavol-ransomware-attacks%2F&dt=FBI%20Shares%20IoCs%20Associated%20with%20Diavol%20Ransomware%20Attacks%20-%20NetSec.News&sid=1643410338&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0XGB9QEGFK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.netsec.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 22:52:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.netsec.news
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html Show response
platform.twitter.com/widgets/ Frame B5A9 319 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.netsec.news
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 81958
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 28 Jan 2022 22:52:18 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 19 Jan 2022 19:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6731)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 settings Show response
syndication.twitter.com/ Frame B5A9 232 B
447 B 137ms
111ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=132915d70dce0ead3ad7a2f7af1f47ea434196be

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.netsec.news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 105
date: Fri, 28 Jan 2022 22:52:17 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 22:52:18 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: aca9ff6d39e40a8e29c1221da2b2913f3f9421b305f80723e5fd527119452860
content-length: 166

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 95ms
47ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=427483597&t=pageview&_s=1&dl=https%3A%2F%2Fwww.netsec.news%2Ffbi-shares-iocs-associated-with-diavol-ransomware-attacks%2F&ul=en-us&de=UTF-8&dt=FBI%20Shares%20IoCs%20Associated%20with%20Diavol%20Ransomware%20Attacks%20-%20NetSec.News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1593931997&gjid=1063707110&cid=1657704235.1643410338&tid=UA-80120350-1&_gid=491540068.1643410338&_r=1&gtm=2ou1q0&did=dZGIzZG&gdid=dZGIzZG&z=114390355

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.netsec.news/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.netsec.news
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js Show response
platform.twitter.com/js/ 25 KB
8 KB 8ms
8ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) /
Resource Hash: 48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 22:52:18 GMT
Content-Encoding: gzip
Age: 81959
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 8012
x-tw-cdn: VZ
Last-Modified: Wed, 19 Jan 2022 19:04:21 GMT
Server: ECS (frb/6738)
Etag: "3123bdaf11a1d77bcf1836091c9b4631+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.34cf38a85ac899f1d6a0438a1659decc.js Show response
platform.twitter.com/js/ 20 KB
7 KB 19ms
10ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.34cf38a85ac899f1d6a0438a1659decc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674D) /
Resource Hash: 8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 22:52:18 GMT
Content-Encoding: gzip
Age: 81955
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
Content-Length: 6444
x-tw-cdn: VZ
Last-Modified: Wed, 19 Jan 2022 19:04:21 GMT
Server: ECS (frb/674D)
Etag: "0a27acfd1028aaadad57ff8929bf7266+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 125 KB
8 KB 247ms
204ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_Net_Sec_News_old&dnt=false&domain=www.netsec.news&lang=en&screen_name=Net_Sec_News&suppress_response_codes=true&t=1826011&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

778c5ca400b0663fa62472a643f74535217aac3c220c0e5c7374c71b4d7945bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=197
content-length: 7247
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 182
last-modified: Fri, 28 Jan 2022 22:52:18 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ", VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 308e3fd05ced56d4622b8dcdacdfbf12460e13a332eff5664a9f5cee8648963f
timing-allow-origin: *
x-transaction: 0c678e0817e40d9b
expires: Fri, 28 Jan 2022 22:57:18 GMT

GET
H2 200 netsec-news.png
www.netsec.news/wp-content/uploads/2018/05/ 20 KB
21 KB 416ms
415ms Image
image/png 104.21.50.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.netsec.news/wp-content/uploads/2018/05/netsec-news.png
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.50.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3e624223bc003d9f797b156318573ddb101d9c3ce43cb5bc311d8da6f0f2cf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 04 May 2018 09:16:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sABwg9wdyk2kYlBIIvFkLCswCd%2BDonfHpSVUhX7HacQOzv3rR%2ForhYFwOw7L%2FdCcnLF9ccp9EJJ9OkVymyNLhd5CuVaUeVQ4QSmRp%2FXh9cn2MP4WaNkUXJUdpzySiF7f8hc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d4dca57fb1d9107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20892

GET
H2 200 banner2.png
www.netsec.news/wp-content/uploads/2018/05/ 5 KB
5 KB 146ms
146ms Image
image/png 104.21.50.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.netsec.news/wp-content/uploads/2018/05/banner2.png
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.50.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb99e87e32945ea008d93fbe9e4c95915164a2b86df735b62de52296ac834fbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
cf-cache-status: MISS
last-modified: Thu, 03 May 2018 08:30:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjklwA43a%2FA3vRJqXZsh9yOaIky7IFFKVsG8y2z8FRBzblNsPfgv4toqDt1e9t7I8n2NbIRcZhdKu4I7GZpfuYVScw2BZPvYr61wd1YavxMrD%2BZNfOIc6VOy09efN02KZBI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d4dca57fb1e9107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5253

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.dark.ltr.css
platform.twitter.com/css/ Frame F54F 53 KB
12 KB 7ms
7ms Stylesheet
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.dark.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 32ae1222c34ac8d4ca2dcd6455e4b25c789515cbc05291c565dc49c64c21675e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 22:52:18 GMT
Content-Encoding: gzip
Age: 81959
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12179
x-tw-cdn: VZ
Last-Modified: Wed, 19 Jan 2022 19:04:18 GMT
Server: ECS (frb/6796)
Etag: "436682de2fd3039cb30ca50d238371c0+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.dark.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 8ms
8ms Image
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.dark.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.netsec.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 22:52:18 GMT
Content-Encoding: gzip
Age: 81959
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12179
x-tw-cdn: VZ
Last-Modified: Wed, 19 Jan 2022 19:04:18 GMT
Server: ECS (frb/6796)
Etag: "436682de2fd3039cb30ca50d238371c0+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 Uz4xXtJ6_normal.jpg
pbs.twimg.com/profile_images/755458469151576064/ Frame F54F 2 KB
2 KB 10ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/755458469151576064/Uz4xXtJ6_normal.jpg

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

a7d9b24f8abfe28ea374668e4119a86b6c2577a9f8fa834b88ed43086f467ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 448468
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 1579
x-response-time: 123
surrogate-key: profile_images profile_images/bucket/8 profile_images/755458469151576064
last-modified: Tue, 19 Jul 2016 17:43:09 GMT
server: ECS (frb/6723)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c5a750c505be112b5a9ed691aa829d3867c5cd7045eed61a9d6513029295a229
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DVXKogfVQAA0EDu
pbs.twimg.com/media/ Frame F54F 10 KB
10 KB 13ms
10ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DVXKogfVQAA0EDu?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6731) /

Resource Hash

56fc5b359c0c8f98097c869b6fb012ccab9ae8a3c0b7386c661d94beee9f2c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 448468
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 9916
x-response-time: 123
surrogate-key: media media/bucket/7 media/960896892778397696
last-modified: Tue, 06 Feb 2018 15:22:06 GMT
server: ECS (frb/6731)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ebc6aca3d269c5460647f94ef2f11a32c04ef1b0b3610c0b8c7e442d4eb609e1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DVWpT5kVwAEJxUs
pbs.twimg.com/media/ Frame F54F 13 KB
14 KB 18ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DVWpT5kVwAEJxUs?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6713) /

Resource Hash

9ab4c21647322d4780f40416b99f52406a9fabd9f017bca6ac64f5ee31ef65d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 42808
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 13744
x-response-time: 109
surrogate-key: media media/bucket/6 media/960860254849318913
last-modified: Tue, 06 Feb 2018 12:56:31 GMT
server: ECS (frb/6713)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a36585205b53095511060bae3b495d1da6922c3eeb3f2385333b342453681b01
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DVWEWRGVoAA3Uz6
pbs.twimg.com/media/ Frame F54F 9 KB
9 KB 17ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DVWEWRGVoAA3Uz6?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674B) /

Resource Hash

5a40edeb56fe54a4f2e5091858b2a859678a8c2a38368871aaf2cb3f818fa997

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 448468
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 9333
x-response-time: 111
surrogate-key: media media/bucket/3 media/960819613595443200
last-modified: Tue, 06 Feb 2018 10:15:01 GMT
server: ECS (frb/674B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c782e75a9356f5218b31363aa25501c93d15a47755ac0cfb43159fbed723e346
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DVCk_H6VAAYM4t0
pbs.twimg.com/media/ Frame F54F 14 KB
14 KB 11ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DVCk_H6VAAYM4t0?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674C) /

Resource Hash

671e327390728f7437837158698294f2396b70c9e9a30cbb86804316b75e60dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 448467
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 13830
x-response-time: 111
surrogate-key: media media/bucket/6 media/959448124992323590
last-modified: Fri, 02 Feb 2018 15:25:13 GMT
server: ECS (frb/674C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e5e446ff5024d88b0fda376f9aba292a0329aeee37fbbb886fe738fe94402052
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DVB-8jWUQAAgC49
pbs.twimg.com/media/ Frame F54F 14 KB
15 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DVB-8jWUQAAgC49?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6760) /

Resource Hash

04f40b8405d03fb7493221724b0dc346c7cf4d32eb5c2d8ab13b4fec5978f0bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 448467
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 14730
x-response-time: 117
surrogate-key: media media/bucket/3 media/959406299376009216
last-modified: Fri, 02 Feb 2018 12:39:01 GMT
server: ECS (frb/6760)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 12568f0d2a284dfa4c80e25980b6b24bb0cc89d737bfa58f02c91d8d8f9bfc9e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DVBsml5U8AESsBQ
pbs.twimg.com/media/ Frame F54F 9 KB
9 KB 12ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DVBsml5U8AESsBQ?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

9df2010a3420d443c6e9a81ade8f4a29de4da7c63575a652b74f4b23b3f9a467

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 448467
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=4
content-length: 8893
x-response-time: 109
surrogate-key: media media/bucket/5 media/959386130893303809
last-modified: Fri, 02 Feb 2018 11:18:52 GMT
server: ECS (frb/67E2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: dd685ed91f62ff62bbc5105a2f443a3e6a02d35e388f464e418b276e30d4c65d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DU9x_7GVAAApCKK
pbs.twimg.com/media/ Frame F54F 13 KB
13 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DU9x_7GVAAApCKK?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) /

Resource Hash

d915138d6a8baf3395d29080836cc8a2f88798560cf5a0f08c413ec23c8ccf9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 448467
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 13106
x-response-time: 143
surrogate-key: media media/bucket/2 media/959110588663136256
last-modified: Thu, 01 Feb 2018 17:03:58 GMT
server: ECS (frb/67C1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9bbd459755b99a84c3d2a10414e570f4500ee54704ff8014f1bfab4b58913211
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DU85VJeVwAIbyG-
pbs.twimg.com/media/ Frame F54F 3 KB
3 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DU85VJeVwAIbyG-?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6760) /

Resource Hash

a56667106154757d7e032440f4c98d3d85293039a4c886f19404df27cc8a6b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 448467
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 2751
x-response-time: 118
surrogate-key: media media/bucket/6 media/959048281136414722
last-modified: Thu, 01 Feb 2018 12:56:23 GMT
server: ECS (frb/6760)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b2fe5d29d8f89d2ff68fa9e7eaf8741e44743117f05b1aad0fad3052a99cf7b9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DU830BCUQAArOan
pbs.twimg.com/media/ Frame F54F 3 KB
3 KB 10ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DU830BCUQAArOan?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) /

Resource Hash

16a209f438db74603320e77965dfd754a34ea25fa9522219e84f23d9c3b122fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 42808
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=3
content-length: 2998
x-response-time: 108
surrogate-key: media media/bucket/3 media/959046612424081408
last-modified: Thu, 01 Feb 2018 12:49:45 GMT
server: ECS (frb/6725)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a83110c0618697ee7616d4456e6396b03e4af613390e3e3a3e051946ed485f1a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DU8hFcXU8AAoJzv
pbs.twimg.com/media/ Frame F54F 37 KB
37 KB 10ms
10ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DU8hFcXU8AAoJzv?format=jpg&name=small

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) /

Resource Hash

0c50428ad6bd3ae464796a32968d0e8b292da4ff6ffd5f89fd29606a24c3fee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 379660
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=3
content-length: 37668
x-response-time: 119
surrogate-key: media media/bucket/6 media/959021623050301440
last-modified: Thu, 01 Feb 2018 11:10:27 GMT
server: ECS (frb/6794)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f8df2111a3fed5b08b42165cc4d35e23244c345a23f345ba8924fa59298d2f3f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DU4hLSoVMAAEJ50
pbs.twimg.com/media/ Frame F54F 9 KB
9 KB 12ms
12ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DU4hLSoVMAAEJ50?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

f68a73bd171214db397963d9d5b7d97b4cd47d637f77af79fb6112b263acac47

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 448467
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 9049
x-response-time: 111
surrogate-key: media media/bucket/6 media/958740248539770880
last-modified: Wed, 31 Jan 2018 16:32:22 GMT
server: ECS (frb/67E2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 30b68f7b33d714087322d03d275cc20f2c379624cbfb98f749a63584497107f9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DU4ZZ6JV4AAfrsX
pbs.twimg.com/media/ Frame F54F 6 KB
7 KB 10ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DU4ZZ6JV4AAfrsX?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668B) /

Resource Hash

d13fb1fb8aedda068cbcbc05bdb2b6de9552c4ad88d735a543cc4c8d043efa77

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 448467
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 6552
x-response-time: 115
surrogate-key: media media/bucket/7 media/958731703572357120
last-modified: Wed, 31 Jan 2018 15:58:25 GMT
server: ECS (frb/668B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0f0a265f46f840a1858693c54aedae90d63087351d7aba02e803778d4c140d14
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DU4HiB6U8AAnVNN
pbs.twimg.com/media/ Frame F54F 6 KB
6 KB 12ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DU4HiB6U8AAnVNN?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6776) /

Resource Hash

49c956c834ace3c111887f01f735acf4e74d9dc3bce21f599617dc240abd602a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 448467
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 6232
x-response-time: 113
surrogate-key: media media/bucket/3 media/958712051886518272
last-modified: Wed, 31 Jan 2018 14:40:19 GMT
server: ECS (frb/6776)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0fe80f61a9a291f25f80eda99bb827b4632349c448f023663e6c48f4f0f996f6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DUtyw0oVQAExiSl
pbs.twimg.com/media/ Frame F54F 12 KB
12 KB 10ms
10ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DUtyw0oVQAExiSl?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) /

Resource Hash

baa7aaef58fc9be26018414f272937093a73446b9c3650a1f65c8da6bd417ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 448467
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 12434
x-response-time: 114
surrogate-key: media media/bucket/6 media/957985528833458177
last-modified: Mon, 29 Jan 2018 14:33:23 GMT
server: ECS (frb/67BD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1e2fae3033eb062f14778aef76e4650cf70d22906cd7e8a25942bb6bd6e1f8a5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DUdJ09LUQAUvwyk
pbs.twimg.com/media/ Frame F54F 7 KB
7 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DUdJ09LUQAUvwyk?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669E) /

Resource Hash

c8442d68d8e0cc1522844fb95cbf7e27c67ee001baf5b3365ab925874b7d97a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 448467
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 7284
x-response-time: 118
surrogate-key: media media/bucket/8 media/956814619963572229
last-modified: Fri, 26 Jan 2018 09:00:36 GMT
server: ECS (frb/669E)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1ee8eb270a2f19e39405661f02890ffd8f05a793228307c97ec047eefe8e0d1f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DUc_ThsUQAAAyKL
pbs.twimg.com/media/ Frame F54F 13 KB
13 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DUc_ThsUQAAAyKL?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

a9fd0e36448cb5b01c30f9887ae727c45dc5f409646114041795ec1a1970177d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 448467
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 12878
x-response-time: 121
surrogate-key: media media/bucket/7 media/956803050533830656
last-modified: Fri, 26 Jan 2018 08:14:38 GMT
server: ECS (frb/668C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e54eddaafd558aa34ad26fa65b5739c9f66a3727dec9d0ebb7d6f4d891a19b18
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DUZGIruU0AIdfga
pbs.twimg.com/media/ Frame F54F 10 KB
10 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DUZGIruU0AIdfga?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6776) /

Resource Hash

2a48ba38367b79f1705b99481965681726bf226d26ac75c45f63e4346c61508f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 448466
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 9984
x-response-time: 115
surrogate-key: media media/bucket/1 media/956529085852733442
last-modified: Thu, 25 Jan 2018 14:06:00 GMT
server: ECS (frb/6776)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2c1bad9e91d7b56c46227bf292a396657079f9561dc618c7eddecd797a2c98cf
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DUOfghmUQAAdggx
pbs.twimg.com/media/ Frame F54F 9 KB
10 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DUOfghmUQAAdggx?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D4) /

Resource Hash

83d7b3035e3fc431629f86042c85c4e400440ffdc4dfae4c35dc1c6363754e73

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:52:18 GMT
x-content-type-options: nosniff
age: 379660
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 9698
x-response-time: 115
surrogate-key: media media/bucket/9 media/955782927056388096
last-modified: Tue, 23 Jan 2018 12:41:02 GMT
server: ECS (frb/67D4)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f27416322f9d6379712164205c0a21824af7837faa1f0c20cbeae87c84ca9c45
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
DATA 200
OK truncated
/ Frame F54F 503 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aac05095d40ef0103466fa75159c0fcc72baf7f2ec1335e20d0ca05b7fdc919d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame F54F 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7617ed30b8adef52b9e11ad72dd08abec0947acf8a609e599093efa9f83b28af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame F54F 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d67cbe62c3c2c50fa3af647e3f7910c28a9927aeca37463ae28ffff9a240376d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame F54F 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46448909ce97ba850c6c0753a47bba758da621333b0fa3a11931a396a8bac43e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame B200
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
634 B

7ms
7ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.netsec.news
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 81960
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 28 Jan 2022 22:52:19 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Wed, 19 Jan 2022 19:22:23 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D3)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Fri, 28 Jan 2022 22:52:19 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Fri, 28 Jan 2022 22:52:19 GMT
x-transaction: 360b02939c80ab20
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-response-time: 121
x-connection-hash: aca9ff6d39e40a8e29c1221da2b2913f3f9421b305f80723e5fd527119452860

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.netsec.news/	1970-01-20 18:01:22	Name: _ga_0XGB9QEGFK Value: GS1.1.1643410338.1.0.1643410338.0
.netsec.news/	1970-01-20 18:01:22	Name: _ga Value: GA1.2.1657704235.1643410338
.netsec.news/	1970-01-20 00:31:36	Name: _gid Value: GA1.2.491540068.1643410338
.netsec.news/	1970-01-20 00:30:10	Name: _gat_gtag_UA_80120350_1 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.netsec.news/fbi-shares-iocs-associated-with-diavol-ransomware-attacks/ Message: The resource https://www.netsec.news/wp-content/plugins/monarch/core/admin/fonts/modules.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-images.mailchimp.com
cdn.syndication.twimg.com
fonts.googleapis.com
fonts.gstatic.com
pbs.twimg.com
platform.twitter.com
syndication.twitter.com
www.google-analytics.com
www.googletagmanager.com
www.netsec.news
104.21.50.203
104.244.42.8
18.66.247.90
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2008
027f26519a9567a5a996cafb735fb75ac4182e6d6b158409eeef00801bcb5a33
04f40b8405d03fb7493221724b0dc346c7cf4d32eb5c2d8ab13b4fec5978f0bd
09e82a832beba6ed0258e42b0b7970422c4b85e006a82344877fb85455c026cd
0c50428ad6bd3ae464796a32968d0e8b292da4ff6ffd5f89fd29606a24c3fee2
16a209f438db74603320e77965dfd754a34ea25fa9522219e84f23d9c3b122fb
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
24f52e30629b604301f365607f3e875c9cd0ac75fb7b66362a49fec7e77ce4e6
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2a48ba38367b79f1705b99481965681726bf226d26ac75c45f63e4346c61508f
2f0b7264810a4f05251ac724721a5a3a61887cff9bd30e1fbbc1bc832e94d38a
32ae1222c34ac8d4ca2dcd6455e4b25c789515cbc05291c565dc49c64c21675e
46448909ce97ba850c6c0753a47bba758da621333b0fa3a11931a396a8bac43e
48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376
49c956c834ace3c111887f01f735acf4e74d9dc3bce21f599617dc240abd602a
4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615
51f6757186bc2ffd28f2c2aab16b1b86ee001cc5bff18fa322129f3419c41b91
56fc5b359c0c8f98097c869b6fb012ccab9ae8a3c0b7386c661d94beee9f2c1d
5a40edeb56fe54a4f2e5091858b2a859678a8c2a38368871aaf2cb3f818fa997
62c623520b5a7c0276d410d5ebe5fad9f44a58e7581e3e628de473293351b321
671e327390728f7437837158698294f2396b70c9e9a30cbb86804316b75e60dd
6935b2c1940b4f74e22834aa671716c4f1a8f15c581e11fe02e21f4e4bf54cc1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7617ed30b8adef52b9e11ad72dd08abec0947acf8a609e599093efa9f83b28af
778c5ca400b0663fa62472a643f74535217aac3c220c0e5c7374c71b4d7945bf
83d7b3035e3fc431629f86042c85c4e400440ffdc4dfae4c35dc1c6363754e73
8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
9ab4c21647322d4780f40416b99f52406a9fabd9f017bca6ac64f5ee31ef65d9
9df2010a3420d443c6e9a81ade8f4a29de4da7c63575a652b74f4b23b3f9a467
9f94c6bbe07a0c1cd75db3f68c3297f6442f3e57bd9bee499ff5130690790501
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a56667106154757d7e032440f4c98d3d85293039a4c886f19404df27cc8a6b78
a7d9b24f8abfe28ea374668e4119a86b6c2577a9f8fa834b88ed43086f467ad9
a7ddc6120915b8db963cd9b51c4d87d414ca2fae42ff978f8dc194aefd8efd65
a9fd0e36448cb5b01c30f9887ae727c45dc5f409646114041795ec1a1970177d
aac05095d40ef0103466fa75159c0fcc72baf7f2ec1335e20d0ca05b7fdc919d
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc
b3e624223bc003d9f797b156318573ddb101d9c3ce43cb5bc311d8da6f0f2cf8
baa7aaef58fc9be26018414f272937093a73446b9c3650a1f65c8da6bd417ef1
bb99e87e32945ea008d93fbe9e4c95915164a2b86df735b62de52296ac834fbc
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c8442d68d8e0cc1522844fb95cbf7e27c67ee001baf5b3365ab925874b7d97a7
c9dc60c88435895c2c30837a2f4f572c35042908e79992df178ff1a496c37dff
d13fb1fb8aedda068cbcbc05bdb2b6de9552c4ad88d735a543cc4c8d043efa77
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d67cbe62c3c2c50fa3af647e3f7910c28a9927aeca37463ae28ffff9a240376d
d719546b79f2c8402130de3319b7f282481bc2c09eff92d6fdd1e847230cdef9
d915138d6a8baf3395d29080836cc8a2f88798560cf5a0f08c413ec23c8ccf9e
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41b0b32fc19d92b042ded05032c6429255f4406c8b851084aa49e6022a5c3f6
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
eb56338623c9a5fccd9ac2269960cf07a04e6be46b0e3182cbf6ea4cb04fa5fc
f68a73bd171214db397963d9d5b7d97b4cd47d637f77af79fb6112b263acac47
f699b5dd75e5b9409ca80814b62d1e99e902b637bff6a1a22cd928f3bbc8c0c4

www.netsec.news Open in urlscan Pro 104.21.50.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

100 %HTTPS

67 %IPv6

8 Domains

10 Subdomains

10 IPs

3 Countries

1019 kBTransfer

2352 kBSize

4 Cookies

4 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.netsec.news Open in urlscan Pro
104.21.50.203 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

67 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

1019 kB
Transfer

2352 kB
Size

4
Cookies

55 HTTP transactions
6 data transactions