Submitted URL: https://hubspot.fedscoop.com/e3t/Ctc/GA+113/cfHw104/VVYmbt6wtydyN8xN56CVR5CsW8XrjSc4VX1MSN8JCsCy2-M93V1-WJV7CgPq6W5RXrH96Tv5t...
Effective URL: https://analyst1.com/ransomware-diaries-volume-1/
Submission: On January 19 via manual from US — Scanned from DE

Summary

This website contacted 26 IPs in 4 countries across 18 domains to perform 95 HTTP transactions. The main IP is 2606:4700:20::681a:18c, located in United States and belongs to CLOUDFLARENET, US. The main domain is analyst1.com.
TLS certificate: Issued by GTS CA 1P5 on January 9th 2023. Valid for: 3 months.
This is the only time analyst1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 46 | analyst1.com | analyst1.com | 2 MB |
| 10 | gstatic.com | fonts.gstatic.com | 218 KB |
| 8 | addtoany.com | static.addtoany.com (Cisco Umbrella Rank: 3824) | 30 KB |
| 4 | linkedin.com | px.ads.linkedin.com (Cisco Umbrella Rank: 373); www.linkedin.com (Cisco Umbrella Rank: 592); px4.ads.linkedin.com (Cisco Umbrella Rank: 6336) | 3 KB |
| 4 | hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 606); script.hotjar.com (Cisco Umbrella Rank: 725); vars.hotjar.com (Cisco Umbrella Rank: 866); in.hotjar.com (Cisco Umbrella Rank: 1650) | 73 KB |
| 4 | stackadapt.com | tags.srv.stackadapt.com (Cisco Umbrella Rank: 3162) | 7 KB |
| 3 | influ2.com | www.influ2.com (Cisco Umbrella Rank: 42842); t.influ2.com (Cisco Umbrella Rank: 37972) | 4 KB |
| 3 | techtarget.com | trk.techtarget.com (Cisco Umbrella Rank: 14658); ibc-flow.techtarget.com (Cisco Umbrella Rank: 18915) | 2 KB |
| 3 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 22); region1.google-analytics.com (Cisco Umbrella Rank: 2439) | 21 KB |
| 2 | adnxs.com | secure.adnxs.com (Cisco Umbrella Rank: 413) | 2 KB |
| 2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 33); stats.g.doubleclick.net (Cisco Umbrella Rank: 75) | 2 KB |
| 2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 41) | 141 KB |
| 2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 35) | 2 KB |
| 2 | fedscoop.com | hubspot.fedscoop.com (Cisco Umbrella Rank: 285044) | 4 KB |
| 1 | google.de | www.google.de (Cisco Umbrella Rank: 5983) | 548 B |
| 1 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 548 B |
| 1 | oribi.io | cdn.linkedin.oribi.io (Cisco Umbrella Rank: 820) | 375 B |
| 1 | licdn.com | snap.licdn.com (Cisco Umbrella Rank: 675) | 5 KB |

Total: 95 requests, 18 apex domains

| Requests | Domain | Redirects | Requested by |
|---|---|---|---|
| 46 | analyst1.com | | hubspot.fedscoop.com; analyst1.com |
| 10 | fonts.gstatic.com | | fonts.googleapis.com |
| 8 | static.addtoany.com | | analyst1.com; static.addtoany.com |
| 4 | tags.srv.stackadapt.com | | hubspot.fedscoop.com; tags.srv.stackadapt.com |
| 2 | t.influ2.com | | www.influ2.com; analyst1.com |
| 2 | ibc-flow.techtarget.com | | trk.techtarget.com |
| 2 | px.ads.linkedin.com | 2 | |
| 2 | secure.adnxs.com | 1 | analyst1.com |
| 2 | www.google-analytics.com | | www.googletagmanager.com; www.google-analytics.com |
| 2 | www.googletagmanager.com | | analyst1.com; www.googletagmanager.com |
| 2 | fonts.googleapis.com | | analyst1.com |
| 2 | hubspot.fedscoop.com | 1 | |
| 1 | in.hotjar.com | | script.hotjar.com |
| 1 | vars.hotjar.com | | static.hotjar.com |
| 1 | www.google.de | | analyst1.com |
| 1 | www.google.com | | analyst1.com |
| 1 | script.hotjar.com | | static.hotjar.com |
| 1 | region1.google-analytics.com | | www.googletagmanager.com |
| 1 | stats.g.doubleclick.net | | www.google-analytics.com |
| 1 | px4.ads.linkedin.com | | analyst1.com |
| 1 | www.linkedin.com | 1 | |
| 1 | cdn.linkedin.oribi.io | | snap.licdn.com |
| 1 | static.hotjar.com | | hubspot.fedscoop.com |
| 1 | www.influ2.com | | www.googletagmanager.com |
| 1 | snap.licdn.com | | hubspot.fedscoop.com |
| 1 | trk.techtarget.com | | hubspot.fedscoop.com |
| 1 | googleads.g.doubleclick.net | | www.googletagmanager.com |

Total: 95 requests, 27 subdomains

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| hubspot.fedscoop.com | Cloudflare Inc ECC CA-3 | 2022-05-16 - 2023-05-16 | a year |
| *.analyst1.com | GTS CA 1P5 | 2023-01-09 - 2023-04-09 | 3 months |
| upload.video.google.com | GTS CA 1C3 | 2022-12-12 - 2023-03-06 | 3 months |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-04 - 2023-06-03 | a year |
| *.google-analytics.com | GTS CA 1C3 | 2023-01-02 - 2023-03-27 | 3 months |
| *.gstatic.com | GTS CA 1C3 | 2023-01-02 - 2023-03-27 | 3 months |
| *.g.doubleclick.net | GTS CA 1C3 | 2022-12-12 - 2023-03-06 | 3 months |
| snap.licdn.com | DigiCert SHA2 Secure Server CA | 2022-03-01 - 2023-03-01 | a year |
| influ2.com | GTS CA 1D4 | 2022-12-12 - 2023-03-12 | 3 months |
| *.srv.stackadapt.com | Amazon | 2022-10-09 - 2023-11-07 | a year |
| *.hotjar.com | Amazon | 2022-10-25 - 2023-11-23 | a year |
| linkedin.oribi.io | Amazon | 2022-07-07 - 2023-08-06 | a year |
| ibc-flow.techtarget.com | GTS CA 1D4 | 2022-12-09 - 2023-03-09 | 3 months |
| t.influ2.com | GTS CA 1D4 | 2023-01-08 - 2023-04-08 | 3 months |
| www.google.com | GTS CA 1C3 | 2022-12-12 - 2023-03-06 | 3 months |
| www.google.de | GTS CA 1C3 | 2023-01-02 - 2023-03-27 | 3 months |

This page contains 3 frames:

Primary Page: https://analyst1.com/ransomware-diaries-volume-1/
Frame ID: 100A597C2D35B1A5C2AD363CAA6A3126
Requests: 102 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: D86154B643F29B20C37D381041B6093B
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
Frame ID: 8F3F2AD2C73296AF6F1512884BCB90A3
Requests: 1 HTTP requests in this frame

Page Title

Ransomware Diaries: Volume 1 | Analyst1

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

  • Requests: 95
  • HTTPS: 97%
  • IPv6: 65%
  • Domains: 18
  • Subdomains: 27
  • IPs: 26
  • Countries: 4
  • Transfer: 2172 kB
  • Size: 3782 kB
  • Cookies: 31

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hubspot.fedscoop.com/e3t/Ctc/GA+113/cfHw104/VVYmbt6wtydyN8xN56CVR5CsW8XrjSc4VX1MSN8JCsCy2-M93V1-WJV7CgPq6W5RXrH96Tv5t-W7JN05z1X5-yKW42Lcg14GBWTTVKJCnr8dG-ZsW8YBHk_3jmbStN6hTRKV_PCr8W7KqS_P2fPqRWW6zDjZ14zW0PsW7kMHJR3HymmcW5crtzk7Q54T9W7KTWz45kmBV8W3njCMm1Qqxr2W4PlF1-5XRJptW25W-5Y93DRkzW5TR3qK28l5rxW97tmKW83m-mV3fBd1 Page URL
  2. https://hubspot.fedscoop.com/events/public/v1/encoded/track/tc/GA+113/cfHw104/VVYmbt6wtydyN8xN56CVR5CsW8XrjSc4VX1MSN8JCsCy2-M93V1-WJV7CgPq6W5RXrH96Tv5t-W7JN05z1X5-yKW42Lcg14GBWTTVKJCnr8dG-ZsW8YBHk_3jmbStN6hTRKV_PCr8W7KqS_P2fPqRWW6zDjZ14zW0PsW7kMHJR3HymmcW5crtzk7Q54T9W7KTWz45kmBV8W3njCMm1Qqxr2W4PlF1-5XRJptW25W-5Y93DRkzW5TR3qK28l5rxW97tmKW83m-mV3fBd1?_ud=1c1b8103-18ad-4a58-af8c-20af451f024a&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    https://analyst1.com/ransomware-diaries-volume-1/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83
  • https://secure.adnxs.com/px?id=1576800&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1576800%26t%3D2
Request Chain 86
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3412169&time=1674165319586&url=https%3A%2F%2Fanalyst1.com%2Fransomware-diaries-volume-1%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3412169%26time%3D1674165319586%26url%3Dhttps%253A%252F%252Fanalyst1.com%252Fransomware-diaries-volume-1%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3412169&time=1674165319586&url=https%3A%2F%2Fanalyst1.com%2Fransomware-diaries-volume-1%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3412169&time=1674165319586&url=https%3A%2F%2Fanalyst1.com%2Fransomware-diaries-volume-1%2F&liSync=true&e_ipv6=AQIgjwsj8_ykjAAAAYXMB3nDapqUkTg-WNsz4ad-erNekz5b6Mjl1IzcwD-WAPVE17QTHACm

95 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
VVYmbt6wtydyN8xN56CVR5CsW8XrjSc4VX1MSN8JCsCy2-M93V1-WJV7CgPq6W5RXrH96Tv5t-W7JN05z1X5-yKW42Lcg14GBWTTVKJCnr8dG-ZsW8YBHk_3jmbStN6hTRKV_PCr8W7KqS_P2fPqRWW6zDjZ14zW0PsW7kMHJR3HymmcW5crtzk7Q54T9W7KTWz45...
hubspot.fedscoop.com/e3t/Ctc/GA+113/cfHw104/
8 KB
3 KB
Document
General
Full URL
https://hubspot.fedscoop.com/e3t/Ctc/GA+113/cfHw104/VVYmbt6wtydyN8xN56CVR5CsW8XrjSc4VX1MSN8JCsCy2-M93V1-WJV7CgPq6W5RXrH96Tv5t-W7JN05z1X5-yKW42Lcg14GBWTTVKJCnr8dG-ZsW8YBHk_3jmbStN6hTRKV_PCr8W7KqS_P2fPqRWW6zDjZ14zW0PsW7kMHJR3HymmcW5crtzk7Q54T9W7KTWz45kmBV8W3njCMm1Qqxr2W4PlF1-5XRJptW25W-5Y93DRkzW5TR3qK28l5rxW97tmKW83m-mV3fBd1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
MISS
cf-ray
78c2d04c3e398fda-FRA
content-encoding
br
content-type
text/html;charset=utf-8
date
Thu, 19 Jan 2023 21:55:16 GMT
last-modified
Thu, 19 Jan 2023 21:55:16 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vvr5czFBJxZPB1E9bwp8nvfHgXECtOqG0K61%2Fmez5kfhVeaRjQW%2FfDG88k2HBEMUs2kTTq2Vz8InrtpopPePZvTlq1HCHKkMSq7QU4L6OuC3cH87XOryjUpNnwUkTaemwkRuwfzcnhWcOWxmEAsh4ZIl"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
origin, Accept-Encoding
x-hubspot-correlation-id
f23ac559-08de-444b-b32d-a6f32f747fee
x-robots-tag
none
Primary Request /
analyst1.com/ransomware-diaries-volume-1/
Redirect Chain
  • https://hubspot.fedscoop.com/events/public/v1/encoded/track/tc/GA+113/cfHw104/VVYmbt6wtydyN8xN56CVR5CsW8XrjSc4VX1MSN8JCsCy2-M93V1-WJV7CgPq6W5RXrH96Tv5t-W7JN05z1X5-yKW42Lcg14GBWTTVKJCnr8dG-ZsW8YBHk_...
  • https://analyst1.com/ransomware-diaries-volume-1/
288 KB
80 KB
Document
General
Full URL
https://analyst1.com/ransomware-diaries-volume-1/
Requested by
Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e3t/Ctc/GA+113/cfHw104/VVYmbt6wtydyN8xN56CVR5CsW8XrjSc4VX1MSN8JCsCy2-M93V1-WJV7CgPq6W5RXrH96Tv5t-W7JN05z1X5-yKW42Lcg14GBWTTVKJCnr8dG-ZsW8YBHk_3jmbStN6hTRKV_PCr8W7KqS_P2fPqRWW6zDjZ14zW0PsW7kMHJR3HymmcW5crtzk7Q54T9W7KTWz45kmBV8W3njCMm1Qqxr2W4PlF1-5XRJptW25W-5Y93DRkzW5TR3qK28l5rxW97tmKW83m-mV3fBd1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caed9ef021bfa5c3debf80fe3456c46c0373e304634be39c1b18526e2d7bc83f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hubspot.fedscoop.com/e3t/Ctc/GA+113/cfHw104/VVYmbt6wtydyN8xN56CVR5CsW8XrjSc4VX1MSN8JCsCy2-M93V1-WJV7CgPq6W5RXrH96Tv5t-W7JN05z1X5-yKW42Lcg14GBWTTVKJCnr8dG-ZsW8YBHk_3jmbStN6hTRKV_PCr8W7KqS_P2fPqRWW6zDjZ14zW0PsW7kMHJR3HymmcW5crtzk7Q54T9W7KTWz45kmBV8W3njCMm1Qqxr2W4PlF1-5XRJptW25W-5Y93DRkzW5TR3qK28l5rxW97tmKW83m-mV3fBd1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-apo-via
origin,no-cache
cf-cache-status
BYPASS
cf-edge-cache
cache,platform=wordpress
cf-ray
78c2d04eb9cc30e2-FRA
content-encoding
br
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
text/html; charset=UTF-8
date
Thu, 19 Jan 2023 21:55:18 GMT
link
<https://analyst1.com/wp-json/>; rel="https://api.w.org/", <https://analyst1.com/wp-json/wp/v2/posts/2589>; rel="alternate"; type="application/json", <https://analyst1.com/?p=2589>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJ3qwaYV%2B7oAIeRmQ8V7NBP7WNeIRgEi3C8xwnU0yNEc%2BxN8FHdYVEklc9CU7IVtECdMPTVniC8iAloNZKPms0LDP4%2FbBSZXcjcMz1QxREi9CDBBrNGfJV28lYPUnfqzb5RKoAPdVwOccg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
MISS
cf-ray
78c2d04d4fbf8fda-FRA
date
Thu, 19 Jan 2023 21:55:16 GMT
link
<https://analyst1.com/ransomware-diaries-volume-1/>; rel="canonical"
location
https://analyst1.com/ransomware-diaries-volume-1/
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPtdQriutdyrfl6VMz7OkBfRWhHQ96DnCe9RoUdS02OW1bVQ22LSQv%2BgaKLxgKzzndtTL%2F3y6AV0X38JdXis5GOQ5hzdNyFwyFJultovmiEJ8%2BhN5usaKYUgbDrniqkdXqFQX9zzzqxqb63Qv5v9i9nr"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
origin, Accept-Encoding
x-hubspot-correlation-id
72ef7a35-c448-4901-b064-70ee3f53668e
x-robots-tag
none
theme.css
analyst1.com/wp-content/uploads/dsmp-assets/
5 KB
1 KB
Stylesheet
General
Full URL
https://analyst1.com/wp-content/uploads/dsmp-assets/theme.css
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff8e4b5b9f5ff680c854dbc1ae0bc31541871b7e8f5487a9b761a39043e061c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
cf-polished
origSize=5055
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Tue, 06 Sep 2022 07:19:50 GMT
server
cloudflare
etag
W/"6316f496-13bf"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGfLUl9yV1a0pkQE9NWAdl5UBMM6mncSr5sjWwZa3cW2eJl0MPYiJ4KjNcRz6MJL0TPdfGTuWJNjcA38C3oSVJZt9wdBk5xumyL4HWo%2F83rYxD8PuiqFrGphdqTx7vB%2FIY1cUdAMK%2BCFag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
78c2d05bf8ae30e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Barlow%3Aital%2Cwght%400%2C700%3B0%2C900%3B1%2C700%3B1%2C900&display=swap&ver=6.1.1
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ec08cd9cd26f002f23c506133e240e39eab34c596471595ceb7a0381ad85659f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 21:55:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Jan 2023 21:55:19 GMT
css2
fonts.googleapis.com/
7 KB
685 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Barlow+Condensed%3Aital%2Cwght%400%2C400%3B0%2C600%3B0%2C700%3B1%2C400%3B1%2C600%3B1%2C700&display=swap&ver=6.1.1
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0acd24a496a49dbc84d21e9a50be567abad4e0a185ecc0ed69b0cdb0365d3774
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 21:55:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Jan 2023 21:55:19 GMT
style.min.css
analyst1.com/wp-includes/css/dist/block-library/
93 KB
13 KB
Stylesheet
General
Full URL
https://analyst1.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Fri, 11 Nov 2022 14:56:45 GMT
server
cloudflare
etag
W/"636e62ad-172a9"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjblBV3UtRa6ueJ4wLTPSs9CBoYhIIuMtzKSAz7I7QfWnqgiks0gIV%2Fm8EiWMrKBsekBGZtmET8AlAipnnH9WnQVbnb%2Bxvt2pEGTQya1eqIL3RlDmz5pK2IfIuC1utp7hiHHbtOUuywE9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05bf8bf30e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
classic-themes.min.css
analyst1.com/wp-includes/css/
217 B
484 B
Stylesheet
General
Full URL
https://analyst1.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Tue, 25 Oct 2022 13:45:16 GMT
server
cloudflare
etag
W/"6357e86c-d9"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lULMRR7VOE1xcqdzUuwU2tq5joT22oTzldNUrFMr5mIpTQu%2FL%2FPmLFjwUS1p0YkuYs%2F77s%2FFznkCkFjf7U8TtLO78XHaCaVhny6h4aW%2BvO%2BhQxO7C6euGprMDMDKXcz2xPCVaP3%2BQ0tZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05bf8c430e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
styles.css
analyst1.com/wp-content/plugins/contact-form-7/includes/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://analyst1.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
cf-polished
origSize=2731
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:49 GMT
server
cloudflare
etag
W/"63c5a535-aab"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9ChUm6bmIl1TcHQk7KT14m5zru6KzU7FgMs0l%2BnSRg%2FReUPRkTVzEjdg84MiokxWi%2BtW05s6Igtu4mgJWIQsdsXWryHuq%2BtTloYw%2FigwM2R2guxyzM0ctTuOHiRyMv0JnjnHmYFOTPBmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
78c2d05bf8c730e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
screen.min.css
analyst1.com/wp-content/plugins/easy-table-of-contents/assets/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://analyst1.com/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.43
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10a2439001d53cac93726a7b6f5b1fbc3dc1af341589c3a1759703c66bf21fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Mon, 16 Jan 2023 19:27:51 GMT
server
cloudflare
etag
W/"63c5a537-15f8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cqURcezndkj34CgfhIfvYozsmCBkM9Ym1o0mCqJOVckdD%2BBNdJUKqTwfCK%2B3ypoyadJtbmQUPQcoHXtDy1hQS1g%2Bbu5j09%2BwM%2FG5tZw08NPqTaAyydAStVn6HRwZxW4byxVEunxWOlicQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05bf8c930e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
default.css
analyst1.com/wp-content/plugins/tablepress/css/build/
6 KB
3 KB
Stylesheet
General
Full URL
https://analyst1.com/wp-content/plugins/tablepress/css/build/default.css?ver=2.0.3
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
564f1d25ee0e18954b6d8e392bc4c074968aefcbfa2258d8f7d019b91d6376fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
cf-polished
origSize=6055
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:57 GMT
server
cloudflare
etag
W/"63c5a53d-17a7"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fbhBuBWRVGZYzu%2FGPRWcS5GwZMQZQ73skQoQnWSmp46TCD1VeLvWyivzS%2F88yOV%2FD%2BMlCWGYJQ3RCxSdt%2Brxox0v2d%2BC%2F0Zj2Pn5msIx1oYLFQmg83Of9sIhzQqZJ%2BvYtqU1pk2eTZQqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
78c2d05bf8cb30e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
tablepress-responsive.min.css
analyst1.com/wp-content/plugins/tablepress-responsive-tables/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://analyst1.com/wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css?ver=1.7
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70a5b0b12138d72265e36399b36ce4590a9df3bd22ee73c201d269b109a8177a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
240240
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Mon, 16 Jan 2023 19:27:58 GMT
server
cloudflare
etag
W/"63c5a53e-2176"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnUQlyrulmre3sPtvNySEyFwrnHVk3oWOqLCN1MyH3i%2FxdDo1RTiN%2BPvCTTaSIKDdNOF1z%2FfFg4ptN5KZFasT%2Bg9%2B3eoenrSNElis6Wrromw%2BeIb%2FiHjkKzIaW2XxOcIZIv0TaXFlTXjdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05bf8ce30e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
addtoany.min.css
analyst1.com/wp-content/plugins/add-to-any/
1 KB
1 KB
Stylesheet
General
Full URL
https://analyst1.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Mon, 16 Jan 2023 19:27:44 GMT
server
cloudflare
etag
W/"63c5a530-5ef"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIggxDCTA4UR%2BGi6ZDLkt8pdB%2Faq5kXNuijnz9e6MJtKS%2Bqff4DeAFkQtQtaFmA1NzV87Cyl51nYEl%2FsupG1VpX1vqDKsHcRC51LGlZ%2Bk7ZEPB7MHpFGSuBBWgcFB50SSvXPaPKMOReBgw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05bf8d230e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
critical.css
analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/css/
72 KB
13 KB
Stylesheet
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/css/critical.css?ver=1.8
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5018c5752e97dcfe08335450df8ed285dfce328bca23a82d6132f5138c80fe1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
W/"63c5a514-11cd8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXTJoegV45O%2B8NM2yxaysKt2Gl%2FzGXSWZjKsNsYlaqX0Lksb6tD8OvPtsNSKiaNpxehkA6QXO6WH2BMrxyemjOwzmaal0flh%2B8h6tStxhQyNtgPeaSofS004QimdtRCwmX8A1rvJyz7AvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05bf8d430e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
blog.css
analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/css/
24 KB
5 KB
Stylesheet
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/css/blog.css?ver=1.8
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57cbaf43f6f0b3dacfae04e26e977746e2f08cfbe590dc56dcd410a1ac7505cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
W/"63c5a514-5d99"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLHcgy1Ek7TerLLSBBJjeEsKx%2Fz9%2FTgG4Lgo1Msd3wQ0osP1HoHQgPa32FHGn217%2BfMZgUgybK5nuR2MY45sEfCryYNK7Miqjs%2FFa6AERCtnoxLSq%2FG%2BxX3tAWCTA1wunaVDBKXTKsBllg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05bf8d630e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.css
analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/css/
207 KB
36 KB
Stylesheet
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/css/main.css?ver=1.8
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
783ef886dfd8de6a9b8be7c61d1295970df0209a13ae02f2eaa8d6b5222b202b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
W/"63c5a514-33041"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGGKFYaP8pdENTojBUXtc%2B%2B4NDmfQ02RtOTi4r%2BcRDJrJ2Y26zM5NI%2FYtU87jwE0PtnIu9yIHyfKCvx9lubDE3CzH1ouF%2FgkcN40q3g1RPQ9ZCLd8luO8rc7fkDwz8K3ZNqVc1UvR62W3A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05c08f030e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
swiper-bundle.min.css
analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/swiper/
15 KB
5 KB
Stylesheet
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/swiper/swiper-bundle.min.css?ver=1.8
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3371f801000f02d00a3011c06bd012698f91b361b6d8d4bb76816e8dba84d22f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
W/"63c5a514-3ccb"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4FsTxpkLbS5Hc7lJ8IQ6P6R1jJWn3pMehdU8oHy4LcyueSzroGolSROQi7L64nw6wekpZIfjFjR5JdrUAGoLf9%2BTjGL%2FZOHo7jVXJikYgR0BnNGO4gqd7DPMBIyorfauAeGAWzKTJTcQw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05c08f330e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
floatbox.css
analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/floatbox/
5 KB
2 KB
Stylesheet
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/floatbox/floatbox.css?ver=1.8
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a3980b661a1d8d94121ee05f98645238d047b0fc6d0263f707cb10cbb9b3aeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
cf-polished
origSize=4694
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
W/"63c5a514-1256"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UU3%2FiWstNBfhHb7vvcg5Ym4IVbqQVH%2BJu2pXOi%2Fvv2aZra%2Fr9FZOm6t9HfyRjAJhIGYJDmPmm%2Fe6w12ESzyNsd39gzHikURzqsrkOMm2f%2F4kNf29BudtvA7IMyYg9dGxpHXNWqlbrJSq3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
78c2d05c08f430e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
gdpr-main-nf.css
analyst1.com/wp-content/plugins/gdpr-cookie-compliance/dist/styles/
80 KB
9 KB
Stylesheet
General
Full URL
https://analyst1.com/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main-nf.css?ver=4.9.7
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69b1f951c07ce2839a40adc4f83fc11de9211d4b39d322361f8ecb02ea31a1fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
cf-polished
origSize=82009
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:52 GMT
server
cloudflare
etag
W/"63c5a538-14059"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDHz1%2BqPRBs6cRem4Urs8Bf%2B13R%2FNfcMn%2BBr1iPZ7%2FOFbnEX4MoVWLjkn2fNfjdrKB8cPjvl50W6%2FVd4kga1jCvf4i7EORsJOUnwq7aezrICVTrksvYke%2FTvh98BqI%2F%2FBmmJELdLBIxmzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
78c2d05c08f530e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
page.js
static.addtoany.com/menu/
3 KB
2 KB
Script
General
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
via
e4s
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
74371
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 11 Jan 2023 01:11:30 GMT
server
cloudflare
etag
W/"c04-5f1f2ae2e431b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=172800
cf-ray
78c2d05dcdbb9b1b-FRA
jquery.min.js
analyst1.com/wp-includes/js/jquery/
88 KB
32 KB
Script
General
Full URL
https://analyst1.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Mon, 19 Sep 2022 14:16:24 GMT
server
cloudflare
etag
W/"632879b8-15e54"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1brWxnFgY608Yxo8rjX22JN4vBfjY2cuEUTesFYhOnvN9kZad83O%2Bn2N4qrGCcN9PJzcidJVDr2UPCLuxV1mm9R70iogssun4lx3XbLhFzD1R4G3BVYmML6KhUmiNd2GPDq9qVKWsBBCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05c08f630e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
analyst1.com/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://analyst1.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
cloudflare
etag
W/"5fb4e3fe-2bd8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlbK0K8eHz1raariZ97KiM2lpBp05Xku6t54Ef3ZCHyWbh3KEJwwj3Ao7hlHfa%2FdbHG%2F1oQdzh6%2BWucOaDt%2FmjX19q4pMiipQg7kA8tbPiOKgooeCFfGwCTeR9qxAANv5KgVjbNMu0rQYg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05c08f730e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
addtoany.min.js
analyst1.com/wp-content/plugins/add-to-any/
129 B
421 B
Script
General
Full URL
https://analyst1.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Mon, 16 Jan 2023 19:27:44 GMT
server
cloudflare
etag
W/"63c5a530-81"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZUSaq0LH38r4%2FmXkUGqlUqYyWZxiWhnDiDirevcNaR6kIP%2BSyNI5f5WeX478XIPLUGkH4vaiYvfpyfD5l3FYyyO0Htu6z9sJ6yFMGcoIhnZOr5hFROYG%2FUiB0N3n%2BGWjvkZEBpfC9AN6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05c699c30e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
cssrelpreload.js
analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/
1 KB
1 KB
Script
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/cssrelpreload.js
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
664f6d2b747d802a76801d4948aa59ce5c7dcb25c5e245c813c42a2346efb867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
cf-polished
origSize=3017
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
W/"63c5a514-bc9"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7v80lIU075XVvc6VYqoLyqjEAY8m7tsfjLAyWB9X4uNYLLU4eHd1wPrMMy2RCt8APIARrjWahM08Pj5q9S7LUKTb9OqGAcidCycieLo3TRooUQz%2BXl9kR8oejcZZqEIjm9Bvb34aN7Q0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
78c2d05c69a030e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
modernizr-custom.js
analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/
3 KB
2 KB
Script
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/modernizr-custom.js
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c25fb28f6f44215a4ccb741d6e9647bfc47392a942ae3a8c32e4b3868ee157a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
cf-polished
origSize=3401
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
W/"63c5a514-d49"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHSSK3EalYVbM1SGkBPZ86qQqxEuZyF7Osn4ry21BQ00mzbVWS%2BPgd%2BYh%2FsbB1I3%2B4Zb5rZDQmTwQMKB5PltkZ2hIDFwIwwOtJckD4PgXojasQbqQ7IvoVqfZeGncELNahh2FNsmwiT3Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
78c2d05c69a330e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Ransom-Diaries-Part-I_Analyst1_Joe-Dimaggio.png
analyst1.com/wp-content/uploads/2023/01/
1 MB
1 MB
Image
General
Full URL
https://analyst1.com/wp-content/uploads/2023/01/Ransom-Diaries-Part-I_Analyst1_Joe-Dimaggio.png
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82ae3253c906fba5bbaa45ae842a17f04f9160f61231b1970baf7c34fa89d83a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
264562
cf-polished
origSize=1228662
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-length
1226874
x-xss-protection
1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Sun, 15 Jan 2023 16:39:54 GMT
server
cloudflare
etag
"63c42c5a-12bf76"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTDhm51BTfNa%2F3r7P4O9LlwGHdRBZ0RcpfniA98l1X%2FZaXEfPHsIDLCVjUtJCVq%2BmeACpdY9nFRc5M9O9wGoILF%2BPNMT6TwuJFcxkoZcZMwE4p78qQ7KLH7kfqtendlCj5Oixd34mJMqdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
78c2d05c69a430e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
606f1cd60bc13-1.jpg
analyst1.com/wp-content/uploads/2023/01/
47 KB
48 KB
Image
General
Full URL
https://analyst1.com/wp-content/uploads/2023/01/606f1cd60bc13-1.jpg
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5797e28115381658e0304278977522b2491a862001f90a8b9bb33b3c61b4a118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
cf-polished
origSize=48620
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-length
48261
x-xss-protection
1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Mon, 09 Jan 2023 10:39:01 GMT
server
cloudflare
etag
"63bbeec5-bdec"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARNh3zmRHtPgPu%2FwzanHu6n%2BjgHuxnz%2FeXvDrUItcxMQfX9jtHqpbWQt7ALl%2BKmVogRQh0PSc8SCueC97wa5Wm9cjo5WuH2jix0NG4JxS5InDM98ZzkYV5kZRSO9oC8xdzhEOA6trQKcmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
78c2d05c69a630e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/
181 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5X55QVN
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7513ba9fc6d5b3d9db73acdfd34ba6978f220e024b7782ea968a7c84d8dd9df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66418
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 21:03:53 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Jan 2023 21:55:19 GMT
truncated
/
420 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d21258c59af6cc22fc9e133894e06810471800a806cfbfb06466b0dbe2493248

Request headers

Referer
Origin
https://analyst1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
508 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10cf7df99fd57a9c91e2363b1583ddb35d143edd83f724e036585894cd6b38ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
604 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba4036b1cf30d0dcaa7730ba42f4242ab23c45a06aaf4697c100853dd8a6ccd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
358 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
367c6b92e99ed19c91186df719125768dbedbc25f17f566e47f94425e461e52e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
358 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ef9a1ded66723d10a1eabf9d943b0155b3af6566e5ef9837a5a30449e5764f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
522 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a08bd07a9da277d25a591727b8f5f249e677a9cebe6c2c3b7ebf3e71d3e7c2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo.svg
analyst1.com/wp-content/uploads/2022/05/
7 KB
3 KB
Image
General
Full URL
https://analyst1.com/wp-content/uploads/2022/05/logo.svg
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c33a5639cb3feb8a4e6ff3c19edb8947caf54f2aab52d1ebe97fd10f3bcb9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Mon, 09 May 2022 10:21:02 GMT
server
cloudflare
etag
W/"6278eb0e-1ba1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpqCvs9JXZj3YDBLLSP2VzeE23ivPvwJRdOiHQ3zeMxJ1muw7OKPuip%2F1X8tcHouZvJwm2ehckNQe7jyFQSP9lLPazLmpaahpVgEdHbRzGFPeNyi%2BFMaB7vJtolaLY1EaODKhefdmZ0%2FNA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05cea7030e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
arc-footer.png
analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/images/
43 KB
43 KB
Image
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/images/arc-footer.png
Requested by
Host: analyst1.com
URL: https://analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/css/main.css?ver=1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58239e32c45cf12f04e22800dfbb50f614dcf2afa117abf3a72a8427a41e1a8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/css/main.css?ver=1.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262316
cf-polished
origSize=44437
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-length
44127
x-xss-protection
1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
"63c5a514-ad95"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVFWuX4%2FtdrDa%2Bw5AF8f3WMtAqOHiJidnRI12ZAq2uScK%2FnuG2eOzzL0ZWqjJrvdCq0G1EIVesgh3tDIwGDm4HAvZA%2FIvyqDjyjhBuQjZqvzPxYzCYayFACne8%2B6qpWYp83C2xEckJeSIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
78c2d05cfa7e30e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
form-eagle.svg
analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/images/
3 KB
2 KB
Image
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/images/form-eagle.svg
Requested by
Host: analyst1.com
URL: https://analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/css/main.css?ver=1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e1ac3dcd6c0894b40555e69ca72ea6fbf6a61837294bce204587bbb56c5c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/css/main.css?ver=1.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262316
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
W/"63c5a514-a66"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bg4csddrx%2B15KrsTgsQ7YyJcQOaZRcSvTA3xTpXJugBcQMwxyWgT%2B1nknCWMhQdLi2s8nzGArQAeg%2BwjykgI9ZSr8Ane6NpDjOUHDXUBuSDKlIOOQEK9SYS8KBq5J0MLrRW5AuyJ78Si%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05cfa8330e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
lib-icon-arrow4.svg
analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/images/svg-icons/
170 B
443 B
Image
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/images/svg-icons/lib-icon-arrow4.svg
Requested by
Host: analyst1.com
URL: https://analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/css/main.css?ver=1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3407f64548ade7888540e2a758d7c1aaa0eda31a3d897ef24ed4cd768d22c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/css/main.css?ver=1.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52286
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
W/"63c5a514-aa"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4HAD6YLykxqVhH1a4pX77dXulZva%2BlkpoQKZVZ5R2NOyhr5CSacRkQfTJVPU72to8I0b01SDv8G1mDzj6y1f%2BEckHiIaGEQ0OmxBpy32xQJJcfrE5%2Ffk77LLWn4FXSbUMWBORTbw82NMw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05d0a8630e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
dscf7db.min.js
analyst1.com/wp-content/plugins/ds-contact-form-cfdb7/js/
1 KB
822 B
Script
General
Full URL
https://analyst1.com/wp-content/plugins/ds-contact-form-cfdb7/js/dscf7db.min.js?ver=1.4.2
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad885a3acd4e3eedbab23408591a81dc3aed9b4b402e991e7004d2aff5de80f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57241
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Mon, 16 Jan 2023 19:27:49 GMT
server
cloudflare
etag
W/"63c5a535-4d8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F22iEPvAttAu4SuiurKN8WfEfrIR0vVt4E4K18%2FSvIvucZUdbF8eZ7Vu%2FttFEcsLSYpE4EfSEZKErG%2FL6SloHTSfcPi6dLZbed393GskAD1F9R0qeIYGAGzgJQBgACZoXjD0tkq04boTuw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05d3ae930e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.js
analyst1.com/wp-content/plugins/contact-form-7/includes/swv/js/
9 KB
3 KB
Script
General
Full URL
https://analyst1.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:49 GMT
server
cloudflare
etag
W/"63c5a535-25d0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yts2txrevq93zUgXTb0uLBc91%2FasgZ5VR9JXQw4XdeOHy3thDPdbvGBUzOVBAW5%2Fwc390VoY6I7AxccPfyM%2Fh62Z3VgGSSm0g5Pk7TAgYuwbVJ4oq3oQGmpcSBoD51h19ed6%2B%2Ff0qvaAvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05d3aed30e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.js
analyst1.com/wp-content/plugins/contact-form-7/includes/js/
12 KB
4 KB
Script
General
Full URL
https://analyst1.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:49 GMT
server
cloudflare
etag
W/"63c5a535-2fb3"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9C17RAiD4YicBYAK0vgyaj4q9p26qQjIs6w6QQu6ppD5uLqIcKO5uKwn9TRQUm9Svt4S3jMcQ00KAotm09pSsBxv6%2B7Ybsn2515JVND6LIFUyqo4EUxkKpVka%2FOhb5NsIFV4E0lEcDVAZw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05d3aee30e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
app_blog.js
analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/js/
4 KB
2 KB
Script
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/js/app_blog.js?ver=1
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58c3c69c9ff0fee850e57e79208491fd3bf1075bf2e5b0b523274b2fc439df53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
W/"63c5a514-1069"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFkeHVldA3plc8zZIvJQHr9K57gDmKLCof%2FuKsevqAFZPDPBi%2B7Mmmup6E6N6PnOdT%2BIk7bIlFGCqC8lU9vSROJbF11KfNcCa2qXfHMgfkMP0kWK%2Fk1q8GxWI0aCm7Ld0FstlueDKND0qA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05d3aef30e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
swiper-bundle.min.js
analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/swiper/
132 KB
38 KB
Script
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/swiper/swiper-bundle.min.js?ver=1
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e43a5802d5ed9337da2e507c39c43080de4305db7e520e22fe3ec9fd83c1b72f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
W/"63c5a514-211fc"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGDaA6WBx0KN2x%2FFDcAHDtHwaEpHP4JmMtNT%2ByZ2FXn2wm1PVitLXoRC1XVU63S%2B56EV1eFEdLJHidniFpyJcf4EABT0ic9SCtOfFVEtv5NK7gRww9aXPn1Wde1EKA2mUhAFURHX58xx%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05d3af130e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
lazyload.min.js
analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/lazyload/
8 KB
3 KB
Script
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/lazyload/lazyload.min.js?ver=1
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea0bff4c09b2d825e704cc95a9621d5584d6e7e334d7d2bc1d6d432a376ca566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
W/"63c5a514-1f25"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKN73AIPL2WhNZnGaFqL3U9HsJiW%2BNJ2WjlKe7fh4R2MacC67wfcj6Ep7tpiaqA5u9Zrj3CBUD6qhc14JphQR8d5yPi3%2FG0LaR4N9p2RTjVgNKzwRKiDpdNwQljGcvuziHMhCQAJxsnmoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05d3af430e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
app.js
analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/js/
86 KB
17 KB
Script
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/js/app.js?ver=1
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ceb25bbaa91ca3c855ef4871a9511829e6590573b44a0d2f557ebd90c0a43f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
W/"63c5a514-15614"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kw3iQk06w0LlFSut0PM6dI2rKHa3%2B%2F2RBFgkWO5yJeXHs%2FKfFa0JfoZOiBJT1pd6zFy2bJZmQ5%2BWf8pZKsxjhEhopIjmcbGRzv3JWd8vzSG6mq1OBwpV1RLEn8Exgr4IkV9BAlh3KAqTFw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05d3af530e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
vendor.js
analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/js/
0
285 B
Script
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/_dist/js/vendor.js?ver=1
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-length
0
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
"63c5a514-0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHZJb02o95SX5I5Vi1kWt1JxywYpSENqrubfNhsfJSYJHUW3MxvNdZH%2Bu40suTh1q0WvMMozV9rmiYhVONsDGF%2Br15LBjYI1uaSl7wvfi1X8BEcDsOdeFkWMb6PlVr9dMDZO2rkIJW8QTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
78c2d05d3af630e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
floatbox.js
analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/floatbox/
8 KB
4 KB
Script
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/floatbox/floatbox.js?ver=1
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b507d035bb7c0e0d06f4245d4b48321216f291abc57739a5013ea1c67b9a1c7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
cf-polished
origSize=8671
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
W/"63c5a514-21df"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BQA3G1f%2BHipksukQwdpfs0t%2FCQfEL99aSLVa3%2BYD1zuOjdmWAKwS2iSNlxwGjhO3nDDYemF3jNzNSfT1Foa%2Fk4OfOJi5ja%2FwlfJQlACtcuCDS6AKOIGGj0EbPZe3equ%2BtNCEscgxyIqlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
78c2d05d3af730e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
analyst1.com/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/
58 KB
14 KB
Script
General
Full URL
https://analyst1.com/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.9.7
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92ac684480425375b109c92ebaee4ae9223cbb40454c7bd4907b17cecc174689
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
cf-polished
origSize=59417
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:52 GMT
server
cloudflare
etag
W/"63c5a538-e819"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8DoUS4MKEiAxQaFvEGeOqIiEBPimM1jXboB5POjxTc2cOp4VDGEjIeK6MC7Ngz4llpwtxivHSb%2FF7cDLg0ppPhl81XETYJEqCCSzh0nv4I2Ev7vJitDPBSK99WUNpTHo4tNKBtuVCKOQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
78c2d05d3af930e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
js.cookie.min.js
analyst1.com/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/
2 KB
1 KB
Script
General
Full URL
https://analyst1.com/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef09f4bec10862578ab2a20b0b0f5cff4faef4b3ce0fe01872a1460ad0d72c50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Mon, 16 Jan 2023 19:27:51 GMT
server
cloudflare
etag
W/"63c5a537-9ee"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZkBjW90p7xn8mt0yzHOSHPpfSlMBlgUefzek4pbtL3Zxcm8Mwt9I%2BFf0oAVowfPViQUJ9dyW%2BuXY%2F%2FhFaP20XelUY93Vj6nVTCNAOI1DE33YCa%2BOV8PUpGSnHx0LmJxTBscA03qC93laQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05d3afa30e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.sticky-kit.min.js
analyst1.com/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/
3 KB
2 KB
Script
General
Full URL
https://analyst1.com/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66361c617e79f2f0643b4ce1a922a59cb6d4e048fa3ee5cbc2309ab826af40ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Mon, 16 Jan 2023 19:27:51 GMT
server
cloudflare
etag
W/"63c5a537-b5b"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1IlujMpFdjqcxQHkYONYcLDQsyfFP4hWEFTi71IGQIKlc9fFveQZWWszko9eawehBV0NAxEASFN%2FGuQOvASPMH2VBAXao5MjxJMhBt43TaEliD%2F7fGgolg3JZK9ecny0RMfGbXrsVkBaw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05d3afb30e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
front.min.js
analyst1.com/wp-content/plugins/easy-table-of-contents/assets/js/
3 KB
1 KB
Script
General
Full URL
https://analyst1.com/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.43-1673897271
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb34e3177517592aa392bbf68281a10d218f51f6f427d217110de0015eaf6872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Mon, 16 Jan 2023 19:27:51 GMT
server
cloudflare
etag
W/"63c5a537-b59"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2F65Aun4gAF8FK5dkiihTjkF3JWfggMew%2BsIV2SWln1QRDPub8gAdqQeGLDjRruGE%2Fegu5fcjHnartfpsKd43pt8NwroAKTVsnxDkgXaL4OQcMrIufLjGwxZxm9z8A7BjGlC57Q18ryzmg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05d3afc30e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
akismet-frontend.js
analyst1.com/wp-content/plugins/akismet/_inc/
6 KB
2 KB
Script
General
Full URL
https://analyst1.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1673897266
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a88ba0b09a4416c080044dc095eabf66ca59e4d12a1d6201457b693687be85d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
cf-polished
origSize=10733
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:46 GMT
server
cloudflare
etag
W/"63c5a532-29ed"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KN5pwAO6fZLY9YJS%2B%2BDnoAv00BEu9c6m76l%2BbQJzPk9pVrmzYmBnNmyGgAwAYux1PtWf%2BXJXAzZ62zw0VvaH9DL4cNLaE5aXYUZ5iWlZn0wo5%2F0CbGcydWvyOo7x%2Fh%2FmpHm%2BHLJoJeRo0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
78c2d05d3aff30e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
A1-Brand-Identity-Color.svg
analyst1.com/wp-content/uploads/2022/09/
6 KB
3 KB
Image
General
Full URL
https://analyst1.com/wp-content/uploads/2022/09/A1-Brand-Identity-Color.svg
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
961e3016095d7e6f244ff538020cebbc52e2beca851b51e4f0a4ef44c4648a63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262317
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 19:14:43 GMT
server
cloudflare
etag
W/"63374023-1801"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6kP6Wpt0bj%2F0Zq0th7SAWNHJvTEWSPkL4geJf5H6bPCW4ZGWVPrk2UJQIBfhQsYhtF8Wj%2FxACjrkWn6IjmSOpyGN71XLRogAH1RjRBb6ZzeEI0wx8pd5flGl6HcBmjB%2FE6uCBZ13M22eg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05d3b0130e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
44 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
schema
analyst1.com/wp-json/contact-form-7/v1/contact-forms/456/feedback/
235 B
743 B
Fetch
General
Full URL
https://analyst1.com/wp-json/contact-form-7/v1/contact-forms/456/feedback/schema
Requested by
Host: analyst1.com
URL: https://analyst1.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31e5e79748e64c0108644809e60a179f15793311fe21c03f46c15db44fbb0ba8
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, */*;q=0.1
Referer
https://analyst1.com/ransomware-diaries-volume-1/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

cf-edge-cache
cache,platform=wordpress
date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
server
cloudflare
allow
GET
vary
Origin, Accept-Encoding
content-type
application/json; charset=UTF-8
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5P6DFPHoT2xudRODopheT64hbkMzK3yQ%2FoU2gurO81%2BopdPSxvrBMglbap%2FChHxe%2BVpi4ipYXqdCrgf8QU0jfqWW%2BykB%2BJzWwQhEmYuJh1psUrBWS3TmeXMaZx7yJHc9OXLnr6OXkWrWsg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cf-apo-via
origin,no-cache
cf-ray
78c2d05dec1b30e2-FRA
link
<https://analyst1.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-robots-tag
noindex
fbOptions.js
analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/floatbox/
1 KB
1 KB
Script
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/floatbox/fbOptions.js?ver=1
Requested by
Host: analyst1.com
URL: https://analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/floatbox/floatbox.js?ver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c99f08780f2ea57e7b6356e6700c3ccb6ef1bcc9e9ecbb56bf1db6e5bfc889
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262316
cf-polished
origSize=1982
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
W/"63c5a514-7be"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKbLoeYL6%2FPAAufxnz%2BjuJJgut9Uc2HLD%2B6C3hbEf%2BkPZDxMan0%2B963onO0nDH%2BWn2Z2H%2BPnAaDMB%2FhMooWGWmfAZ232vPKZ9X3kQKRikLlyu94vbG9P5TAiOa%2FTsoMd9kcRvh%2Bqi4n0Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
78c2d05e0c4230e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
sm.24.html
static.addtoany.com/menu/ Frame D861
677 B
538 B
Document
General
Full URL
https://static.addtoany.com/menu/sm.24.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://analyst1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
222356
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
78c2d05e0e119b1b-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 19 Jan 2023 21:55:19 GMT
etag
W/"2a5-5edb40e6d10d8"
last-modified
Fri, 18 Nov 2022 00:47:55 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
e4s
x-content-type-options
nosniff
core.26680508.js
static.addtoany.com/menu/modules/
69 KB
25 KB
Script
General
Full URL
https://static.addtoany.com/menu/modules/core.26680508.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://analyst1.com/
Origin
https://analyst1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
via
e2s
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
283032
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 11 Jan 2023 01:11:29 GMT
server
cloudflare
etag
W/"11452-5f1f2ae24215b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
cf-ray
78c2d05e2f4d2c75-FRA
core.js
analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/floatbox/
53 KB
25 KB
Script
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/floatbox/core.js?ver=1
Requested by
Host: analyst1.com
URL: https://analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/floatbox/floatbox.js?ver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3718fda8a144cc27a8b3808a93629f9e70892bdd15767284a30deb82dc4ab40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262316
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
W/"63c5a514-d5a3"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1UC%2FbZ4%2F5Q4bghh369SullCUhlojdnQ58JgPe0vKSAHFPpejc8YALAI7QBm88lBKoBbcovky%2BmSM9mBQcmSae0SR%2Fl618rtX%2FdA8ojZeEkZAlUeC8zBNmkLrSOL7pUmhDtNsuQpjdiI%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
78c2d05e8cfb30e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v12/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed%3Aital%2Cwght%400%2C400%3B0%2C600%3B0%2C700%3B1%2C400%3B1%2C600%3B1%2C700&display=swap&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://analyst1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 02:34:10 GMT
x-content-type-options
nosniff
age
328869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20200
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:28:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jan 2024 02:34:10 GMT
7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow%3Aital%2Cwght%400%2C700%3B0%2C900%3B1%2C700%3B1%2C900&display=swap&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://analyst1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 22:13:31 GMT
x-content-type-options
nosniff
age
517308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21724
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:29:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 22:13:31 GMT
HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed%3Aital%2Cwght%400%2C400%3B0%2C600%3B0%2C700%3B1%2C400%3B1%2C600%3B1%2C700&display=swap&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8320299532b4b81498d5b3714d49c9d5938883b55f4c2a1efe6f105bf4a942bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://analyst1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 19:17:24 GMT
x-content-type-options
nosniff
age
95875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21440
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:46:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 19:17:24 GMT
HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed%3Aital%2Cwght%400%2C400%3B0%2C600%3B0%2C700%3B1%2C400%3B1%2C600%3B1%2C700&display=swap&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://analyst1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 10:04:31 GMT
x-content-type-options
nosniff
age
301848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21352
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:30:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jan 2024 10:04:31 GMT
HTxyL3I-JCGChYJ8VI-L6OO_au7B6xTrY3Tmu4kG.woff2
fonts.gstatic.com/s/barlowcondensed/v12/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v12/HTxyL3I-JCGChYJ8VI-L6OO_au7B6xTrY3Tmu4kG.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed%3Aital%2Cwght%400%2C400%3B0%2C600%3B0%2C700%3B1%2C400%3B1%2C600%3B1%2C700&display=swap&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aeb1b16ad1d9bf8d2654c0eca63f5c6b28b9d0e903f110971082b437cd8b190e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://analyst1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 10:04:38 GMT
x-content-type-options
nosniff
age
301841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22768
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:34:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jan 2024 10:04:38 GMT
7cHqv4kjgoGqM7E3j-ws51os.woff2
fonts.gstatic.com/s/barlow/v12/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3j-ws51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow%3Aital%2Cwght%400%2C700%3B0%2C900%3B1%2C700%3B1%2C900&display=swap&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9bfb04a18c8be687fadacd7f67647b65113ee8d1aabcb0f410eac21681fa7ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://analyst1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 22:40:10 GMT
x-content-type-options
nosniff
age
256509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21416
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:56:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jan 2024 22:40:10 GMT
HTxxL3I-JCGChYJ8VI-L6OO_au7B6xTj2FHz.woff2
fonts.gstatic.com/s/barlowcondensed/v12/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v12/HTxxL3I-JCGChYJ8VI-L6OO_au7B6xTj2FHz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed%3Aital%2Cwght%400%2C400%3B0%2C600%3B0%2C700%3B1%2C400%3B1%2C600%3B1%2C700&display=swap&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3130cfe8b7c49789517a61b7b34c6f35f25b994147f6dd30b40721458f0cf74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://analyst1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 18:39:29 GMT
x-content-type-options
nosniff
age
357350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22900
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 18:39:29 GMT
7cHsv4kjgoGqM7E_CfOA5WouvTo.woff2
fonts.gstatic.com/s/barlow/v12/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHsv4kjgoGqM7E_CfOA5WouvTo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow%3Aital%2Cwght%400%2C700%3B0%2C900%3B1%2C700%3B1%2C900&display=swap&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb5b9606af67dddd2d12d66ae06688d5b57725f9774d68a7c7c4fb409b54efa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://analyst1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 18:35:07 GMT
x-content-type-options
nosniff
age
357612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23368
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:11:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 18:35:07 GMT
HTxyL3I-JCGChYJ8VI-L6OO_au7B6xTrB3Xmu4kG.woff2
fonts.gstatic.com/s/barlowcondensed/v12/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v12/HTxyL3I-JCGChYJ8VI-L6OO_au7B6xTrB3Xmu4kG.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed%3Aital%2Cwght%400%2C400%3B0%2C600%3B0%2C700%3B1%2C400%3B1%2C600%3B1%2C700&display=swap&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e020fe384e6b7ca4629d67540ea087125f55bd43864f3caf2263e889a33d9203
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://analyst1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 18:53:49 GMT
x-content-type-options
nosniff
age
356490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22972
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:38:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 18:53:49 GMT
7cHsv4kjgoGqM7E_CfO452ouvTo.woff2
fonts.gstatic.com/s/barlow/v12/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHsv4kjgoGqM7E_CfO452ouvTo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow%3Aital%2Cwght%400%2C700%3B0%2C900%3B1%2C700%3B1%2C900&display=swap&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
003c13928a978425cdff47fcac9aaf82af882f227f45bbd6da80871d16c29209
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://analyst1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 18:53:27 GMT
x-content-type-options
nosniff
age
356512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22804
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:06:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 18:53:27 GMT
linkedin.js
static.addtoany.com/menu/svg/icons/
447 B
568 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/linkedin.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98a4e1fdf290cfc7c5d58fd5688a45f0348db9ea62eceefad96a75569cae2a2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://analyst1.com/
Origin
https://analyst1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
via
e2s
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
283032
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 01:01:37 GMT
server
cloudflare
etag
W/"1bf-5edb43f69a778"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=7776000
cf-ray
78c2d05f08ab2c75-FRA
facebook.js
static.addtoany.com/menu/svg/icons/
318 B
501 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/facebook.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a19ff3554a1e589f756a92be8263726674127c133feb1d333095668b77ba08c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://analyst1.com/
Origin
https://analyst1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
via
e4s
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
283032
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 01:01:36 GMT
server
cloudflare
etag
W/"13e-5edb43f5ee978"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=7776000
cf-ray
78c2d05f08ad2c75-FRA
twitter.js
static.addtoany.com/menu/svg/icons/
695 B
675 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/twitter.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://analyst1.com/
Origin
https://analyst1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
via
e3s
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
283032
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 01:01:39 GMT
server
cloudflare
etag
W/"2b7-5edb43f86f378"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=7776000
cf-ray
78c2d05f08b12c75-FRA
email.js
static.addtoany.com/menu/svg/icons/
393 B
545 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/email.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15684309274ca43c5240c88c5be2c9ed2f56ed2b38d0367dc372760f9e287c50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://analyst1.com/
Origin
https://analyst1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
via
e4s
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
283032
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 01:01:36 GMT
server
cloudflare
etag
W/"189-5edb43f5e5cd8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=7776000
cf-ray
78c2d05f08b42c75-FRA
a2a.js
static.addtoany.com/menu/svg/icons/
182 B
416 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/a2a.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://analyst1.com/
Origin
https://analyst1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
via
e3s
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
283032
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 01:01:36 GMT
server
cloudflare
etag
W/"b6-5edb43f58ee38"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=7776000
cf-ray
78c2d05f08b72c75-FRA
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/481621745/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/481621745/?random=1674165319528&cv=11&fst=1674165319528&bg=ffffff&guid=ON&async=1&gtm=2wg1i0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fanalyst1.com%2Fransomware-diaries-volume-1%2F&tiba=Ransomware%20Diaries%3A%20Volume%201%20%7C%20Analyst1&auid=1302760891.1674165320&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X55QVN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5742ce0d7e09d6d6b71e5c634f7a9f720bcfe1ae00da9fcaa2b71df032e1e031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
885
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X55QVN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 19 Jan 2023 20:36:45 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4714
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20085
expires
Thu, 19 Jan 2023 22:36:45 GMT
tracking.js
trk.techtarget.com/
3 KB
2 KB
Script
General
Full URL
https://trk.techtarget.com/tracking.js
Requested by
Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e3t/Ctc/GA+113/cfHw104/VVYmbt6wtydyN8xN56CVR5CsW8XrjSc4VX1MSN8JCsCy2-M93V1-WJV7CgPq6W5RXrH96Tv5t-W7JN05z1X5-yKW42Lcg14GBWTTVKJCnr8dG-ZsW8YBHk_3jmbStN6hTRKV_PCr8W7KqS_P2fPqRWW6zDjZ14zW0PsW7kMHJR3HymmcW5crtzk7Q54T9W7KTWz45kmBV8W3njCMm1Qqxr2W4PlF1-5XRJptW25W-5Y93DRkzW5TR3qK28l5rxW97tmKW83m-mV3fBd1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 15:01:39 GMT
server
cloudflare
age
177
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1200
cf-ray
78c2d05f4d026957-FRA
expires
Thu, 19 Jan 2023 22:02:22 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e3t/Ctc/GA+113/cfHw104/VVYmbt6wtydyN8xN56CVR5CsW8XrjSc4VX1MSN8JCsCy2-M93V1-WJV7CgPq6W5RXrH96Tv5t-W7JN05z1X5-yKW42Lcg14GBWTTVKJCnr8dG-ZsW8YBHk_3jmbStN6hTRKV_PCr8W7KqS_P2fPqRWW6zDjZ14zW0PsW7kMHJR3HymmcW5crtzk7Q54T9W7KTWz45kmBV8W3njCMm1Qqxr2W4PlF1-5XRJptW25W-5Y93DRkzW5TR3qK28l5rxW97tmKW83m-mV3fBd1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
gzip
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=70402
accept-ranges
bytes
content-length
4777
tracker
www.influ2.com/
6 KB
2 KB
Script
General
Full URL
https://www.influ2.com/tracker?clid=19622639-70cd-43f9-ad54-eb46578774f0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X55QVN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.219 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
219.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
f91642a739cc5638bf30222d4345cc76335a784fefdc8495d011aa332d5cfe78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
events.js
tags.srv.stackadapt.com/
17 KB
6 KB
Script
General
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e3t/Ctc/GA+113/cfHw104/VVYmbt6wtydyN8xN56CVR5CsW8XrjSc4VX1MSN8JCsCy2-M93V1-WJV7CgPq6W5RXrH96Tv5t-W7JN05z1X5-yKW42Lcg14GBWTTVKJCnr8dG-ZsW8YBHk_3jmbStN6hTRKV_PCr8W7KqS_P2fPqRWW6zDjZ14zW0PsW7kMHJR3HymmcW5crtzk7Q54T9W7KTWz45kmBV8W3njCMm1Qqxr2W4PlF1-5XRJptW25W-5Y93DRkzW5TR3qK28l5rxW97tmKW83m-mV3fBd1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.239.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-239-236.compute-1.amazonaws.com
Software
/
Resource Hash
af6cf4cd5bca6cec0b6b7a10515cb21936e87715a1e5244d32357501f0e7d830

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 19 Jan 2023 21:55:19 GMT
Cache-Control
max-age=5
Content-Encoding
gzip
Connection
keep-alive
Content-Length
5395
Content-Type
text/javascript
hotjar-2795099.js
static.hotjar.com/c/
8 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2795099.js?sv=6
Requested by
Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e3t/Ctc/GA+113/cfHw104/VVYmbt6wtydyN8xN56CVR5CsW8XrjSc4VX1MSN8JCsCy2-M93V1-WJV7CgPq6W5RXrH96Tv5t-W7JN05z1X5-yKW42Lcg14GBWTTVKJCnr8dG-ZsW8YBHk_3jmbStN6hTRKV_PCr8W7KqS_P2fPqRWW6zDjZ14zW0PsW7kMHJR3HymmcW5crtzk7Q54T9W7KTWz45kmBV8W3njCMm1Qqxr2W4PlF1-5XRJptW25W-5Y93DRkzW5TR3qK28l5rxW97tmKW83m-mV3fBd1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-123.fra56.r.cloudfront.net
Software
/
Resource Hash
8cdbb7a3c0d419d561a53bc7ac9535e596e95dfad5ed69a97aee129a23443dcc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 19 Jan 2023 21:55:19 GMT
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
etag
W/4333aa499c22412790eb89ac69e6576c
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
1upjWGMtbNyq7wlp3l03D2AvndX0qKGhhxnU4MVi2IPcjiWaj5vuow==
js
www.googletagmanager.com/gtag/
217 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M2K2VMB2HV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X55QVN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
037430c8105ce61f5eee3398524bd6e4330340fcf3f9572f3f8aa91d30372dd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77686
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 19 Jan 2023 21:55:19 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1576800&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1576800%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1576800%26t%3D2
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Jan 2023 21:55:19 GMT
AN-X-Request-Uuid
97eb49e4-c434-4bca-8b23-ea711648646b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 19 Jan 2023 21:55:19 GMT
AN-X-Request-Uuid
befa6a05-9ab7-472c-b255-c008c11d1edb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1576800%26t%3D2
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.168; 185.213.155.168; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
wait.gif
analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/floatbox/resources/
10 KB
10 KB
Image
General
Full URL
https://analyst1.com/wp-content/themes/digitalexpress1/assets/vendors/floatbox/resources/wait.gif
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf73f9da2d31ae08d447ba0b38fb1ac24c45f3ea5aad9f26ca45d61f6c968c67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262315
cf-polished
status=not_needed
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-length
10283
x-xss-protection
1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Mon, 16 Jan 2023 19:27:16 GMT
server
cloudflare
etag
"63c5a514-282b"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHQ1bfcM7miSdDpq4WiZVgRUW1BcKFtduiMvhZKFhs84xKRaD99bjpaH%2BPRfNjZ9CCNDmycJ3wM45wwIJlVzfisS77xai6Mv7i%2Fj6BDfVTsNkko5lt5wNXO%2BQj2x7Yy8nBFqdwDLe%2Fn9NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
78c2d05f2dda30e2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
token
cdn.linkedin.oribi.io/partner/3412169/domain/analyst1.com/
36 B
375 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/3412169/domain/analyst1.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fe00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://analyst1.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:26:15 GMT
content-encoding
gzip
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
1744
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
WZsOcT6CiFwAgzQc0nQK6rxsEMMV11VRK02HWJfJqhDqt9-tm505GQ==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3412169&time=1674165319586&url=https%3A%2F%2Fanalyst1.com%2Fransomware-diaries-volume-1%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3412169%26time%3D1674165319586%26url%3Dhttps%253A%252F%252Fanalyst1.com%252Franso...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3412169&time=1674165319586&url=https%3A%2F%2Fanalyst1.com%2Fransomware-diaries-volume-1%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3412169&time=1674165319586&url=https%3A%2F%2Fanalyst1.com%2Fransomware-diaries-volume-1%2F&liSync=true&e_ipv6=AQIgjwsj8_ykjAAAAYXMB3nDapqUkTg-WNs...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3412169&time=1674165319586&url=https%3A%2F%2Fanalyst1.com%2Fransomware-diaries-volume-1%2F&liSync=true&e_ipv6=AQIgjwsj8_ykjAAAAYXMB3nDapqUkTg-WNsz4ad-erNekz5b6Mjl1IzcwD-WAPVE17QTHACm
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D6CC6C85506A4DA28C1FDF0C9A0DD66D Ref B: FRAEDGE1414 Ref C: 2023-01-19T21:55:20Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXypP022hCttk0J+Z6ZWA==

Redirect headers

date
Thu, 19 Jan 2023 21:55:19 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 8987C5569A8A4166BABDB27836BF721C Ref B: FRAEDGE1522 Ref C: 2023-01-19T21:55:20Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3412169&time=1674165319586&url=https%3A%2F%2Fanalyst1.com%2Fransomware-diaries-volume-1%2F&liSync=true&e_ipv6=AQIgjwsj8_ykjAAAAYXMB3nDapqUkTg-WNsz4ad-erNekz5b6Mjl1IzcwD-WAPVE17QTHACm
x-li-proto
http/2
content-length
0
x-li-uuid
AAXypP0zh8VYZJW6yNXFHw==
collect
www.google-analytics.com/j/
4 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=398435077&t=pageview&_s=1&dl=https%3A%2F%2Fanalyst1.com%2Fransomware-diaries-volume-1%2F&ul=en-us&de=UTF-8&dt=Ransomware%20Diaries%3A%20Volume%201%20%7C%20Analyst1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=863022700&gjid=2021478584&cid=194144260.1674165320&tid=UA-166324371-1&_gid=512828444.1674165320&_r=1&_slc=1&gtm=2wg1i05X55QVN&z=1222162093
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://analyst1.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 21:55:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://analyst1.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
gif.gif
ibc-flow.techtarget.com/a/
43 B
465 B
XHR
General
Full URL
https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=20973056&r=1674165319602&ref=https%3A%2F%2Fanalyst1.com%2Fransomware-diaries-volume-1%2F&version=2.4
Requested by
Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.208.111.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier
20973056
Referer
https://analyst1.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:55:19 GMT
via
1.1 google
x-guploader-uploadid
ADPycdvzaiLapeL_mz3-fLowipLVUFSkXuXt5RXqoafRKoCzJ5oRWNgMIFf3kG8fjekEv15YvkO2fZ6ikbbFluAFEaDpBA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Thu, 08 Dec 2022 21:19:29 GMT
server
nginx/1.20.2
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
vary
Origin
x-goog-generation
1670534369365034
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control
public, max-age=3600
access-control-allow-methods
GET, POST, OPTIONS
x-goog-stored-content-length
43
accept-ranges
bytes
access-control-allow-headers
ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires
Thu, 19 Jan 2023 22:55:19 GMT
gif.gif
ibc-flow.techtarget.com/a/ Frame
0
0
Preflight
General
Full URL
https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=20973056&r=1674165319602&ref=https%3A%2F%2Fanalyst1.com%2Fransomware-diaries-volume-1%2F&version=2.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.208.111.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ibc_rate_tier
Access-Control-Request-Method
GET
Origin
https://analyst1.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 19 Jan 2023 21:55:19 GMT
expires
Thu, 19 Jan 2023 21:55:19 GMT
server
nginx/1.20.2
vary
Origin
via
1.1 google
x-guploader-uploadid
ADPycduy8Ue6UBiOi_ywXo5DK9z8KKD4tkXb0HSyv41-PwI5fNEYfUCkzYnA8rCzYL2UEDG39DMtYVghHlBSObrz212iTA
collect
stats.g.doubleclick.net/j/
1 B
436 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-166324371-1&cid=194144260.1674165320&jid=863022700&gjid=2021478584&_gid=512828444.1674165320&_u=YEBAAEAAAAAAACAAI~&z=1002205921
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://analyst1.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 19 Jan 2023 21:55:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://analyst1.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
344 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-M2K2VMB2HV&gtm=2oe1i0&_p=398435077&cid=194144260.1674165320&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674165319&sct=1&seg=0&dl=https%3A%2F%2Fanalyst1.com%2Fransomware-diaries-volume-1%2F&dt=Ransomware%20Diaries%3A%20Volume%201%20%7C%20Analyst1&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M2K2VMB2HV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 21:55:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://analyst1.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.4829238839b92db7e6b6.js
script.hotjar.com/
263 KB
68 KB
Script
General
Full URL
https://script.hotjar.com/modules.4829238839b92db7e6b6.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2795099.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-25.fra53.r.cloudfront.net
Software
/
Resource Hash
2b9778c3376729e1f5f81f8b47fd5628f6f97ad351919921f0f2d58a2e9c16c9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 10:13:05 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
128534
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68627
last-modified
Wed, 18 Jan 2023 10:12:30 GMT
etag
"33cdf1335ebc1b6d54f0110dc31bd36c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
1qsvIhlvN7DL4yEk_X6wCbJ6HlYM4XiScWoTWD1Zz9_kfvJ_LiIj4A==
/
t.influ2.com/u/
63 B
279 B
XHR
General
Full URL
https://t.influ2.com/u/?cb=1674165319893
Requested by
Host: www.influ2.com
URL: https://www.influ2.com/tracker?clid=19622639-70cd-43f9-ad54-eb46578774f0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
45ba4af6f0fd8c5ee2ea9da0ba2e346277b61b79119f32cf71dea37c40d7797a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://analyst1.com
date
Thu, 19 Jan 2023 21:55:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
/
t.influ2.com/p/vt/
597 B
796 B
Image
General
Full URL
https://t.influ2.com/p/vt/?a=&clid=19622639-70cd-43f9-ad54-eb46578774f0&caid=&cb=1674165319893&s=&dt=Ransomware%20Diaries%3A%20Volume%201%20%7C%20Analyst1&ref=https%3A%2F%2Fanalyst1.com%2Fransomware-diaries-volume-1%2F&d=0&da=0
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d267998c3594ce7f02341a5a8ef2b2705627f2552960e332d73747022406a30b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/ransomware-diaries-volume-1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 19 Jan 2023 21:55:20 GMT
via
1.1 google
access-control-allow-credentials
true
content-length
597
content-type
image/jpeg
/
www.google.com/pagead/1p-user-list/481621745/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/481621745/?random=1674165319528&cv=11&fst=1674162000000&bg=ffffff&guid=ON&async=1&gtm=2wg1i0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fanalyst1.com%2Fransomware-diaries-volume-1%2F&tiba=Ransomware%20Diaries%3A%20Volume%201%20%7C%20Analyst1&fmt=3&is_vtc=1&random=2101286106&rmt_tld=0&ipr=y
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 21:55:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/481621745/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/481621745/?random=1674165319528&cv=11&fst=1674162000000&bg=ffffff&guid=ON&async=1&gtm=2wg1i0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fanalyst1.com%2Fransomware-diaries-volume-1%2F&tiba=Ransomware%20Diaries%3A%20Volume%201%20%7C%20Analyst1&fmt=3&is_vtc=1&random=2101286106&rmt_tld=1&ipr=y
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 21:55:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-report
analyst1.com/
91 KB
20 KB
Other
General
Full URL
https://analyst1.com/csp-report
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
529ba6ef4b206d8b34402d7b24ab3d8f88d2e82f96dbf2c105aba1a945c1c459

Request headers

Referer
https://analyst1.com/ransomware-diaries-volume-1/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/csp-report

Response headers

cf-edge-cache
cache,platform=wordpress
date
Thu, 19 Jan 2023 21:55:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tZUiUQXMkxXT4v0SeiclhMD%2FhFh8p7xMvYu6gMiUFYfS7Aig%2B2TB%2F12FnFXteC1coBgabyHuDr96E5jh9ZqGA2xKhzOtOIGL7sw3JDdRHg28aJ7Xk3J4TWq%2Bkwp%2FgQMsZFRboKH%2BnoZGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
78c2d061597830e2-FRA
link
<https://analyst1.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
6680fcd7-149e-4aba-9860-59b84647cf33
https://analyst1.com/
43 B
0
Image
General
Full URL
blob:https://analyst1.com/6680fcd7-149e-4aba-9860-59b84647cf33
Requested by
Host: analyst1.com
URL: https://analyst1.com/ransomware-diaries-volume-1/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
box-ff00c703c3bbdf54ae44ee858d64f69e.html
vars.hotjar.com/ Frame 8F3F
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2795099.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-95.fra53.r.cloudfront.net
Software
/
Resource Hash
cacf589210d4361a42eed0c4a5ac94db9d22ac0a437db9bcccb8efadc06d71aa
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://analyst1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
128533
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 10:13:06 GMT
etag
"730971b89ffa8b99e4157f49a4275594"
last-modified
Wed, 18 Jan 2023 10:12:30 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-id
r50j6-0G9NZEnHyxnZ-ULKSZXlfHLbx0ulj9aP9PDRc1ohhyo8gNdQ==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
x-robots-tag
none
sa.css
tags.srv.stackadapt.com/
65 B
292 B
Stylesheet
General
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.239.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-239-236.compute-1.amazonaws.com
Software
/
Resource Hash
e0c72062260a32675dc945981dc3774b2a8588da59c5431445de0e9dfa1e1a46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 19 Jan 2023 21:55:20 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
65
Content-Type
text/css
sa.jpeg
tags.srv.stackadapt.com/
0
881 B
Fetch
General
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.239.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-239-236.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 19 Jan 2023 21:55:20 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
651
Content-Type
image/jpeg
visit-data
in.hotjar.com/api/v2/client/sites/2795099/
147 B
322 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/2795099/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.4829238839b92db7e6b6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.129.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-129-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d5c1ad551c121bee3ab5ec67df650f929a74368057152d6c09a12c6df0651dc6

Request headers

Referer
https://analyst1.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 19 Jan 2023 21:55:20 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
saq_pxl
tags.srv.stackadapt.com/
116 B
417 B
XHR
General
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=FtCyemTrdDmd32raE4rsyg&is_js=true&landing_url=https%3A%2F%2Fanalyst1.com%2Fransomware-diaries-volume-1%2F&t=Ransomware%20Diaries%3A%20Volume%201%20%7C%20Analyst1&tip=p3D-q-UsdkPGKiVBx7dJnH8KNsN63HuuOrADeG0cByA&host=https://analyst1.com&sa_conv_data_css_value=%20%220-b73855aa-e911-4e38-7f0e-8df40e71dac9%22&sa_conv_data_image_value=&sa-user-id-v2=s%253AtzhVqukRTjh_Do30DnHaybnVm6g.GpuiQjs4Ze9qgGnf%252F7bm%252F%252BzHgj9pfWmwFot2E1aNrYo&sa-user-id=s%253A0-b73855aa-e911-4e38-7f0e-8df40e71dac9.LJRX1%252BKU5zVHGkJpP%252BYMlfjNAqPPUHH4%252BcW%252FLPwtti4
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.239.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-239-236.compute-1.amazonaws.com
Software
/
Resource Hash
3ab6467049bbcbcb72dcc5cf702c37968c7ae0f5343625ec2b0203c0d4af1b75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analyst1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 19 Jan 2023 21:55:20 GMT
Access-Control-Allow-Methods
GET
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://analyst1.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
116


57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontentvisibilityautostatechange object| a2a_config object| ds undefined| $ function| jQuery function| ezTocScrollScriptJS object| dataLayer object| dscf7db object| wpcf7 object| moove_frontend_gdpr_scripts string| gdpr_consent__strict string| gdpr_consent__thirdparty string| gdpr_consent__advanced string| gdpr_consent__cookies object| ezTOC function| loadCSS object| Modernizr object| swv function| Swiper function| LazyLoad object| fb function| postscribe function| gdpr_lightbox function| Cookies object| a2a function| a2a_init object| google_tag_manager object| google_tag_data function| a2a_show_dropdown function| a2a_miniLeaveDelay number| a2apage_init object| GooglebQhCsO string| GoogleAnalyticsObject function| ga object| techtargetic string| _linkedin_partner_id object| _linkedin_data_partner_ids function| saq function| _saq function| hj object| _hjSettings function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| res object| saCookies string| current_window_url_param

31 Cookies

Domain/Path Name / Value
.hubspot.fedscoop.com/ Name: __cf_bm
Value: 6ZZUai9v0ySVJHx6HRjQnZ3oKcmGH8OdENHjPcptgK8-1674165316-0-AWSy9kp7ZZTP9ExW6BWD4k8x98gBaV7VIPnNJ5CJecmyvOX5evFi4ZXOh4TqmeRBZHxUVSSqU+4JqUKRYdY3P5o=
.hubspot.fedscoop.com/ Name: __cfruid
Value: 11623ac27057e79a413c3e822893ec83988f7fbb-1674165316
.analyst1.com/ Name: _gcl_au
Value: 1.1.1302760891.1674165320
.adnxs.com/ Name: uuid2
Value: 8876564702875212212
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2Hc'sf'?@!@wnf-Te9(>wL5L!!'XA$mX.[
.techtarget.com/ Name: __cf_bm
Value: xvO_89MGXVBha45j5gOlbGTLtOheCT2cVI683Rz88F8-1674165319-0-ASbLelUh+USGGDZ7QYKBLfJzcoKxfQ5Rc+6CFKQ7ocGDcCcZ+cDDoetxKdTjUbr1qGULEi6PtQkz5w3ueNou4WQ=
.analyst1.com/ Name: _gid
Value: GA1.2.512828444.1674165320
.analyst1.com/ Name: _gat_UA-166324371-1
Value: 1
analyst1.com/ Name: ln_or
Value: eyIzNDEyMTY5IjoiZCJ9
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.analyst1.com/ Name: _ga_M2K2VMB2HV
Value: GS1.1.1674165319.1.0.1674165319.0.0.0
.analyst1.com/ Name: _ga
Value: GA1.1.194144260.1674165320
.linkedin.com/ Name: UserMatchHistory
Value: AQI2TY69FkxpBwAAAYXMB3gqYNpSA-yOV-G3V93i5QIbDXtew-DakPPYmZVvHiIvP3kJ4_QXKaWu7Q
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQINbfWO1nVYTwAAAYXMB3gqBL_5TEwM0I9H7r9oKqwLvwPZjVh4SVjgrZXmMECrT3m2ONYRS_Vd7TBXZ9c8yQ
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&b7654421-c13b-4453-867e-71f2556d3c11"
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2445:u=1:x=1:i=1674165319:t=1674251719:v=2:sig=AQG85zAykLNr4VQVrp58RuLx-OI2_dwv"
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b73855aa-e911-4e38-7f0e-8df40e71dac9.LJRX1%2BKU5zVHGkJpP%2BYMlfjNAqPPUHH4%2BcW%2FLPwtti4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AtzhVqukRTjh_Do30DnHaybnVm6g.GpuiQjs4Ze9qgGnf%2F7bm%2F%2BzHgj9pfWmwFot2E1aNrYo
analyst1.com/ Name: sa-user-id
Value: s%253A0-b73855aa-e911-4e38-7f0e-8df40e71dac9.LJRX1%252BKU5zVHGkJpP%252BYMlfjNAqPPUHH4%252BcW%252FLPwtti4
analyst1.com/ Name: sa-user-id-v2
Value: s%253AtzhVqukRTjh_Do30DnHaybnVm6g.GpuiQjs4Ze9qgGnf%252F7bm%252F%252BzHgj9pfWmwFot2E1aNrYo
.analyst1.com/ Name: _hjSessionUser_2795099
Value: eyJpZCI6ImY4MDNlMWM5LTYyYzQtNTRiNy05NWI0LTc5ZDg1Mjk2ZDY3ZiIsImNyZWF0ZWQiOjE2NzQxNjUzMTk5NzksImV4aXN0aW5nIjpmYWxzZX0=
.analyst1.com/ Name: _hjFirstSeen
Value: 1
analyst1.com/ Name: _hjIncludedInSessionSample
Value: 0
.analyst1.com/ Name: _hjSession_2795099
Value: eyJpZCI6IjU5M2RiM2E4LTUwMTYtNGI0OS1iZGE0LWQ2ZGY4Y2E1YmM4NSIsImNyZWF0ZWQiOjE2NzQxNjUzMjAwMDIsImluU2FtcGxlIjpmYWxzZX0=
analyst1.com/ Name: _hjIncludedInPageviewSample
Value: 1
.analyst1.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&2023011921551960467027-0789-43da-8a26-e54922b3c448AQGQgUmZPUXyz3uMgPr5h1wkYqrQtv1A"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzQxNjUzMTk7MjswMjH4pHWG+mi67OCRBdWYriUtmZTJaW12kQs+GcACB0bQHA==
.influ2.com/ Name: R
Value: 21dcf2c2a93e90cefc5cc0b5

2 Console Messages

Source: security, Level: error
URL: https://analyst1.com/ransomware-diaries-volume-1/
Message: [Report Only] Refused to load the image 'blob:https://analyst1.com/6680fcd7-149e-4aba-9860-59b84647cf33' because it violates the following Content Security Policy directive: "img-src https: data:".

Source: network, Level: error
URL: https://analyst1.com/csp-report
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
