thedfirreport.com Open in urlscan Pro
2606:4700:3036::ac43:bd2f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://thedfirreport.com/
Effective URL:
https://thedfirreport.com/
Submission Tags: falconsandbox
Submission: On February 04 via api (February 4th 2024, 12:06:31 am UTC) from US — Scanned from DE

Summary HTTP 76 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 10 domains to perform 76 HTTP transactions. The main IP is 2606:4700:3036::ac43:bd2f, located in United States and belongs to CLOUDFLARENET, US. The main domain is thedfirreport.com. The Cisco Umbrella rank of the primary domain is 947076.
TLS certificate: Issued by E1 on January 18th 2024. Valid for: 3 months.

This is the only time thedfirreport.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::6815:950	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	2606:4700:303... 2606:4700:3036::ac43:bd2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
76	16

1 2606:4700:3035::6815:950 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

thedfirreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2606:4700:3036::ac43:bd2f (United States)

ASN13335 (CLOUDFLARENET, US)

thedfirreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	thedfirreport.com 1 redirects thedfirreport.com — Cisco Umbrella Rank: 947076	4 MB
13	wp.com c0.wp.com — Cisco Umbrella Rank: 8666 stats.wp.com — Cisco Umbrella Rank: 2723 pixel.wp.com — Cisco Umbrella Rank: 2679	120 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	11 KB
3	google.com translate.google.com — Cisco Umbrella Rank: 1164 region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	32 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6518	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	397 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	149 KB
1	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 800	72 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 811	7 KB
76	10

	Domain	Requested by
46	thedfirreport.com	1 redirects thedfirreport.com static.cloudflareinsights.com
11	c0.wp.com	thedfirreport.com
3	www.gstatic.com	www.gstatic.com
2	www.google.de
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	thedfirreport.com www.googletagmanager.com
1	fonts.gstatic.com
1	pixel.wp.com
1	translate.googleapis.com
1	www.google.com
1	region1.analytics.google.com	www.googletagmanager.com
1	stats.wp.com	thedfirreport.com
1	translate.google.com	thedfirreport.com
1	static.cloudflareinsights.com	thedfirreport.com
76	15

This site contains links to these domains. Also see Links.

Domain
translate.google.com
wordpress.org

Subject Issuer	Validity	Valid
thedfirreport.com E1	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://thedfirreport.com/
Frame ID: 6B8BAFF2F1AD8A37F9D308A327616061
Requests: 76 HTTP requests in this frame

Frame: data://truncated
Frame ID: 721B5785639A02D89DB807F849394B4D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The DFIR Report - Real Intrusions by Real Attackers, The Truth Behind the Intrusion

Page URL History Show full URLs

http://thedfirreport.com/ HTTP 301
https://thedfirreport.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

76
Requests

99 %
HTTPS

87 %
IPv6

10
Domains

15
Subdomains

16
IPs

3
Countries

4018 kB
Transfer

5137 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.google.com/
Title: Google Übersetzer

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://thedfirreport.com/ HTTP 301
https://thedfirreport.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

76 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
thedfirreport.com/
Redirect Chain

http://thedfirreport.com/
https://thedfirreport.com/

92 KB
15 KB

641ms
587ms

Document
text/html

2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f2647df72613ebf6bc260de06e75b9417f61118a8f8df12727492d98c2385a7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84feaae9abca5d61-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 04 Feb 2024 00:06:26 GMT
link: <https://thedfirreport.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KutxIEdThDWdGfFfUomZjkSKs5pDby93tdkxV3pH9iuPgOoKRfiAmWKwtKD%2FFT4YqGALNmDSo2SPEZ4mIEgzgSoIRT3%2BrxfBn5Yx12Y%2Bt069P4B3JKseFTl3dGOLz3CtFR5jgBLk206JVPlEwAYE%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 84feaae8882c44e3-ATL
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 04 Feb 2024 00:06:25 GMT
Location: https://thedfirreport.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9q5AXUz%2Bjo4S8wZhB6i8tiBZndwMikzG8hx%2Bsi6RbWnL9voO5n0LU%2Fy8adS3mi45hP5Lgh2qnnt20bkFAWdc%2BnlkTNbSMSTulUWPl9GLC7XX1qtKtQS%2BwtHGuIxVckouMhOGRqX4pSvSxb48iNrrw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
c0.wp.com/c/6.4.3/wp-includes/css/dist/block-library/ 108 KB
15 KB 64ms
19ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.3/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: thedfirreport.com
URL: https://thedfirreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 24 Jan 2024 19:02:28 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 03 Feb 2025 00:06:26 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.4.3/wp-includes/js/mediaelement/ 11 KB
3 KB 64ms
19ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: thedfirreport.com
URL: https://thedfirreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 03 Feb 2025 00:06:26 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.4.3/wp-includes/js/mediaelement/ 4 KB
1 KB 63ms
19ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.3/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: thedfirreport.com
URL: https://thedfirreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 03 Feb 2025 00:06:26 GMT

GET
H2 200 style.css
thedfirreport.com/wp-content/themes/freenews/ 60 KB
13 KB 32ms
31ms Stylesheet
text/css 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/themes/freenews/style.css?ver=6.4.3
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78d3032d2b15d8f0037a7e1d63f38ee3212ad16e8b43972cb70b01c80f44691a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3248
cf-polished: origSize=82083
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 29 Oct 2023 16:37:52 GMT
server: cloudflare
etag: W/"140a3-608dd8af44084-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ob5nsDCaEzBawMRPdxQ%2BuyfFVQ%2BssBqV8SjyhS2d%2BCV%2FKo6Mb9xBL4l9PFkabYHg4Iq15tw2maZoVuGY0rq8m7vRqU%2F9%2FknIXu7fMstAQnW9c0%2F6WbRbRA69Le59nbgy1xM0gpouiCfheHz8oLmLzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84feaaed6dba5d61-FRA

GET
H2 200 all.min.css
thedfirreport.com/wp-content/themes/freenews/assets/library/fontawesome/css/ 100 KB
23 KB 30ms
29ms Stylesheet
text/css 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/themes/freenews/assets/library/fontawesome/css/all.min.css?ver=6.4.3
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 29 Oct 2023 16:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7143
etag: W/"18f49-608dd8af3f264-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEWi%2B9Lp8I9Y1m0txy78%2Fv%2BLKo7VwMaFLlc8UUie1w83psMK%2Ffrkn%2BtUYSQ%2BLvZgKNw3sx2qE8k6veNdRS6ItQ8MlDUr7HH7Nk0pI1TaFQitzX%2BOFOCxCTlUUZaRsT103zLS3NTqCe3ZMXrJczosCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84feaaed6dbb5d61-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 d92fef3d9e5de6f7993b11046e265436.css
thedfirreport.com/wp-content/fonts/ 4 KB
947 B 29ms
28ms Stylesheet
text/css 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/fonts/d92fef3d9e5de6f7993b11046e265436.css
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b59d766ccd09e7b386bb88fb30e8b2fcb634d8bf11bdddfdc42779c4979b0796

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3248
cf-polished: origSize=4388
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 04 Dec 2022 16:17:57 GMT
server: cloudflare
etag: W/"1124-5ef02e9effbc6-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVRzL%2B5lLOVsxqbSX7Cl5vIPPRfeicw%2B%2F8SMbh3oSz%2FC%2FES8mbLyJ94POtG7yO52OlIFbKM9JBRBeVoAg4VnGd4Y0V9rHb1G6BSLpR6J71PK0SbIkcxHV1fqKGwPxEz%2F3wPMn1NOU%2Bnivo5e%2B0QYSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84feaaed6dbc5d61-FRA

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/13.0/css/ 99 KB
19 KB 63ms
19ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/13.0/css/jetpack.css

Requested by

Host: thedfirreport.com
URL: https://thedfirreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

274928f2bf62780b9b7e9d27705d30ed9647c4243ae6a0abf1fa53fc1b6c1989

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 08 Jan 2024 20:42:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 03 Feb 2025 00:06:26 GMT

GET
H2 200 IMG_6538-765x500.jpg
thedfirreport.com/wp-content/uploads/2024/01/ 76 KB
76 KB 32ms
32ms Image
image/jpeg 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2024/01/IMG_6538-765x500.jpg
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fcc62cfad32864a04e3f2bc349476b803879efbc9c3f581309a260710c8d727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: HIT
last-modified: Sun, 28 Jan 2024 13:33:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7142
etag: "12fd3-6100194497c73"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEAusVzNoopsKZ1XrHVAatpCrGSAUBg3jLQ3%2BSUIR3xrwL0F6R7qdTXkaiemuHgZNhSs6v7vbWozCznJLp3YiVjFyLRdxbp%2FclfJZs4uLyugeq2rJT8p0I2Q22LrDfu8keu9LEevvHuoO1ixaQ9mVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaed6dbd5d61-FRA
alt-svc: h3=":443"; ma=86400
content-length: 77779

GET
H2 200 DALL-E-xmas-dfir-final-765x500.png
thedfirreport.com/wp-content/uploads/2023/12/ 625 KB
626 KB 51ms
51ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/12/DALL-E-xmas-dfir-final-765x500.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e61e68d20b708b8495b97c4f0c823d53763357941f5f5102ae2393701147eb31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 00:37:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 289
etag: "9c55f-60cbdf6004454"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrS1VD5y3djNhrbmkD4hFaLv%2B7bHW6XB3w0GlOlguD3u7Ln8RlBmJbZUgwerOjaHtqsxEkKrshBkLVUsB7443El9IAqdLYYhkd7jpl9PWcSkFK6%2F9qboex0ufIVGhdZL0JLJp2tYBjDC9Mt2H%2BjeAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaed6dbe5d61-FRA
alt-svc: h3=":443"; ma=86400
content-length: 640351

GET
H3 200 P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2
thedfirreport.com/wp-content/fonts/arimo/ 10 KB
10 KB 332ms
331ms Font
font/woff2 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/fonts/arimo/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/wp-content/fonts/d92fef3d9e5de6f7993b11046e265436.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2cd3e005de210fcbb5372b4267c5d3d067e0564f017dd5ccba202d040f820d7

Request headers

Referer: https://thedfirreport.com/wp-content/fonts/d92fef3d9e5de6f7993b11046e265436.css
Origin: https://thedfirreport.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Dec 2022 16:17:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2720-5ef02e9ec7187"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GaC9TTLETPaBlTU9xI%2BHlWirvgpQRjzkKyGNmyNJ5NZTTMqBLCkVvQNNSeXicyPH5G5imzAtBNhgsWce36v3cXmC50qGxa6pKQSKiDdVuylaUJ7FxPsDnAvijLs%2BaP2aYMbtzG87N1H4J7swOoDkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee0c6f025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 10016
priority: u=0,i=?0

GET
H3 200 NGS6v5_NC0k9P9H2TbE.woff2
thedfirreport.com/wp-content/fonts/heebo/ 26 KB
27 KB 298ms
298ms Font
font/woff2 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/fonts/heebo/NGS6v5_NC0k9P9H2TbE.woff2
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/wp-content/fonts/d92fef3d9e5de6f7993b11046e265436.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b38977ea35fde92fe200fa14ac7cc55e2edce54b998ce9a08734ba1dd9053fed

Request headers

Referer: https://thedfirreport.com/wp-content/fonts/d92fef3d9e5de6f7993b11046e265436.css
Origin: https://thedfirreport.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Dec 2022 16:17:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "69ec-5ef02e9efec26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jmFXRySykLkNbryhB7gsLO%2F9qUxf71FxPOH%2BTTgSzsKQwr3vZAplqLNsGFQNrGLscRrdSyBvCiG8cWcfgdjds8M8Q1l6qoqxZ5%2F9oFCoDNYuI3P6lKyubSAsaaCIXKN4mfT8CsP0xeZu9hdye1mHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee0c72025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 27116
priority: u=0,i=?0

GET
H3 200 fa-solid-900.woff2
thedfirreport.com/wp-content/themes/freenews/assets/library/fontawesome/webfonts/ 147 KB
147 KB 364ms
364ms Font
font/woff2 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/themes/freenews/assets/library/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/wp-content/themes/freenews/assets/library/fontawesome/css/all.min.css?ver=6.4.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Request headers

Referer: https://thedfirreport.com/wp-content/themes/freenews/assets/library/fontawesome/css/all.min.css?ver=6.4.3
Origin: https://thedfirreport.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 29 Oct 2023 16:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "24a04-608dd8af411a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYyvziehk24clQ1RDQvMHjXnpC34p4U71E08fHwrrVIXxiykCacX%2FWqjbI7ODx6G2R11o7KbEnQlJ3qJo1X6F1W7dX732jfRQbBFYwV13ZlSLorB0lnqziYcBi2EQU89zNJheKNjedYWpV%2Be0Go7wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee0c74025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 150020
priority: u=0,i=?0

GET
H3 200 19208-006-765x500.png
thedfirreport.com/wp-content/uploads/2023/12/ 89 KB
89 KB 419ms
418ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/12/19208-006-765x500.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 352523d949e1e7a02f2db68671149309f95dcd0974e587ea950e984cc4d70988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 02 Dec 2023 15:36:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1633d-60b88a5c9e063"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqfK1OCd5Vpvz%2FnXnTVVBRbAVOu0FBE9N2mzTsMY4MmitXEL6ubUrlhqRRbEyH%2FYI5nTlw6g7u6Pel84XOGNZLRQroOm%2FCRiyZ5u%2FfkPLKiGE1WF4Ch5JPr3chSftB%2FAsvE9G9NBgrys%2Fx265sRunA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee1c90025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 90941
priority: u=3,i

GET
H3 200 rocket-loader.min.js Show response
thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 36ms
36ms Script
application/javascript 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: thedfirreport.com
URL: https://thedfirreport.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 18:47:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b94449-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ip%2Bom8mJe5Am4QSWdfQhm%2FmHAlHXKZhtbqmsh02HdGQv2zU1v2gmyPNm%2BIGGSOZQh1NvT7g%2FPmrra0NR7oZszigIqzQ3o9Lf%2FQjM7RYK3qdFjYFUWarnsr4T2EgCwvTovMmmYNnC%2FzpR%2Fpuxx2VgGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84feaaee2c9d025f-CDG
expires: Tue, 06 Feb 2024 00:06:26 GMT

GET
H3 200 19348-006-765x500.png
thedfirreport.com/wp-content/uploads/2023/10/ 195 KB
196 KB 403ms
403ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/10/19348-006-765x500.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82a98807da498eaf38ad2b8d6b65e9bc485e6a4da8c57fae93fa718d644347a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 29 Oct 2023 17:18:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "30c6c-608de1c422153"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsIqYlHdnDeuh5%2B%2B%2BTcAKdCoUwcbAc5cR14UcEAFMFm4Y8vy3MnVvrAdq8ygo2xQCNo021IiWppsVTchtHbvb76kZy2IFPKIoY9bG9sZVvHrF3TIr9oinfc3lMf7GdxWfdh3sJ46tWTV7Zgwe0Bq6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3ca7025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 199788
priority: u=3,i

GET
H3 200 18364-057.png
thedfirreport.com/wp-content/uploads/2023/09/ 216 KB
217 KB 403ms
402ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/09/18364-057.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44a8375ebb9a902dec3809c4ec91c619e3077d76dad1e5167e81c24adc954fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 23 Sep 2023 14:40:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "35ff8-60607b3ced272"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obFGrDzzrK%2FhSWApvR5acPGXBN4P1i%2FUuO712QqF7J1ZOYid66yPGMX0f2IfbwqQdNlp4cx2xjGT5KjJMgDfJY5jI5QgV%2FMpB60%2B9t7UuEp%2BCLkbVreXBpN6V7HUT%2B5gSQRYA%2BC4WIS19MICFyqoog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3ca9025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 221176
priority: u=3,i

GET
H3 200 18543-001-765x500.png
thedfirreport.com/wp-content/uploads/2023/08/ 244 KB
245 KB 404ms
402ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/08/18543-001-765x500.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d38218f0dc3dcb8bf6bd6aac7e3881435877fc96c06b43e2d6558bb524fef8cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 22 Aug 2023 19:37:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3d154-603881ebc964d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0%2F9tjzRk09NkN6oE5XCd2OW3%2FJeCCwRQaWJMpAb1LvofkAaAdb9R2%2FRkxCAAlN2vsjTTpqELMg%2FKifSz3LIWF%2Fx2DWoKma5Q1y%2BQtpiGq%2Bsvu%2FX0DsezZ8quSbXVsq9S5CTkCMkej3xu09m7tWIqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3caa025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 250196
priority: u=3,i

GET
H3 200 21619-003-765x500.png
thedfirreport.com/wp-content/uploads/2023/06/ 199 KB
200 KB 404ms
403ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/06/21619-003-765x500.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62fbbb2f4e4f5546b5257a30e0b6c7bf902918b92e8e1f136f51f4707c5e8002

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Jun 2023 14:26:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "31d17-5fd9f084a7135"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=As1TEoYkwM2Ww2yHD8D3FUKhkAxp95gXaoGdMtZxhRBGQUluCKZsBlsC0AuE%2BMXBfHQqoUkft%2FPSoLDsjlVPk%2FvuzHbVMub2D%2Ff5vQLHi7MkOr3NukodBazPIaFk8SE%2Bea8QnzdoyvwEda7Somub8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3cab025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 204055
priority: u=3,i

GET
H3 200 18190-002-765x500.png
thedfirreport.com/wp-content/uploads/2023/05/ 208 KB
208 KB 405ms
403ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/05/18190-002-765x500.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7953f3c8cc3712f2dc802a29f9d902704137bfd374b87af8e9e2e4521268a310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 21 May 2023 14:13:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "33e09-5fc34c2fc6fca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6df7lI4mKd4ZnYEUCjH7WRxfjNj0DzFvZxFVkd03WDkohttft094Iq83iRuWYdZPfZZ7oYYwRMquex3ll5AvHRSiDHVxBZBHwTuwt%2FmqFhnO0qHp6oRk8oBNoNiU21mE8OwD47IZ4e%2FgT%2BAOWMS8SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3cac025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 212489
priority: u=3,i

GET
H3 200 18041-001-765x500.png
thedfirreport.com/wp-content/uploads/2023/04/ 218 KB
219 KB 405ms
404ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/04/18041-001-765x500.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c78824ca1aa2fc659ab499dfd7d2853409a423382fd632a04b879e9753d39b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 02 Apr 2023 19:36:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3685a-5f85f8f67b320"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Puh7qNVUL6h0U32CB1Zif75xwgKwMtWv2jUQcBg87NXXJVW0CorWEfrj9y1ThzxfPtQRUqFrMA72yHJ8SuqLX9LoLvSCHzEBcLPC0ol5v8%2FVpytBYwe8JKEwxcZtEd1Oo6RiwR%2BEeEnuFBTZdxlHuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3cad025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 223322
priority: u=3,i

GET
H3 200 2022-54-765x500.png
thedfirreport.com/wp-content/uploads/2023/03/ 131 KB
132 KB 406ms
404ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/03/2022-54-765x500.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4baf1ee37da6af27b5ca35f0b9dc84c8b78e60ed2f2b48ccc3d67c6c031dcf2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 06 Mar 2023 01:49:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "20c60-5f631833b1658"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySGbEzRYZ4YVh1tGW24Cy4l9c4EYCzv5LAUtl7%2FcTq2fSF1Qy4SUE0lc4fG6gIsx6LYKPrAk%2FAbJ0BCcGJjumUgka2%2BlJnzJWwu5cDj8QaqVy%2BGs4pNkqwZufZ7gmAomvcEhDO1BEU6lPBOHVx2KIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3cb0025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 134240
priority: u=3,i

GET
H3 200 17333-003-765x500.png
thedfirreport.com/wp-content/uploads/2023/02/ 257 KB
258 KB 406ms
405ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/02/17333-003-765x500.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed3942ba83558bdea90545ba97b487bed40f02534021b684040e28bc8d46446e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 05 Feb 2023 20:53:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "403cf-5f3fa1c081222"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4DfKRWeF2XhuNAczjx9M2YAvknIFL02ifsFiZNwFNr5wBZCiSBGHY2zmbRJih55PTiAZEUx9B%2FdJiXqFZcwPkPyRd8%2BOPloA%2FZbefRD88VLI%2BgRzwVdRHfGfbw3x%2FlU8C8LgCkT2%2B66Pv9UpEU31A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3cb1025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 263119
priority: u=3,i

GET
H3 200 ShareFinder-640x500.png
thedfirreport.com/wp-content/uploads/2023/01/ 45 KB
45 KB 407ms
406ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/01/ShareFinder-640x500.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23277f389eac391c6547882c006eb19c0e4ebb787ecadd79adbc12425fe078e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 23 Jan 2023 00:55:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b3e2-5f2e3d9eaea01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A41wc1S1%2Ffr4EH3AXFqhmvxGxwss7KWNbb14Xch9JGz3AjZeavAE6sOJLn3nCcWeCEtyNNVZzXtJUpxGyZFCTh3YKqxERRrqlwVN32k8UNkYSzGujhx2gVGcYzHSuRKt883aIrwz8iNejms70G82hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3cb2025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 46050
priority: u=3,i

GET
H3 200 ursnif_3-765x500.jpg
thedfirreport.com/wp-content/uploads/2023/01/ 38 KB
39 KB 407ms
406ms Image
image/jpeg 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/01/ursnif_3-765x500.jpg
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c4297bfc1fa951be8bceae696e7c1f45b5e553efb1f82af3bdddfb4a67e77c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 08 Jan 2023 19:07:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "98f0-5f1c55e69dba8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wp8DgTLEdczDwjBAtJodIBEENTD6eoMPV9y98O0v22rOEJ%2Bw%2B3DOBgrbPGZ9Eq8tqmVUMV9LKg0nZAiz2%2BKttLJa6iJzDvhadbW%2B6vq6cGczsaisKd18WO4%2FbZqXX9gBCf%2BUVrNros%2FSbN6%2FLOCtNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3cb3025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 39152
priority: u=3,i

GET
H3 200 15184-001-723x500.png
thedfirreport.com/wp-content/uploads/2022/11/ 40 KB
40 KB 408ms
407ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2022/11/15184-001-723x500.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b967a344b9ea6849efcb4517b0b24981a040b145ebf2173b263b42f2aa5782a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 27 Nov 2022 16:37:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9fb1-5ee765dfd8280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nit%2FjnG5IGCHBoX80dBfS%2FIkaVolyCZmyq%2FPXm%2FZ3JNZJrw%2BK%2FvVt4eNKXuBQOS215vGPEmo21Cn%2F9bTmnF9xObf%2BCW9ZkjxXP%2BoJ0y6gxepA15LjTIrKVKxhGK15%2Bu7qBeXW9M8LsnbNtgA796Xvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3cb4025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 40881
priority: u=3,i

GET
H3 200 13842-003-765x500.png
thedfirreport.com/wp-content/uploads/2022/11/ 108 KB
108 KB 408ms
407ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2022/11/13842-003-765x500.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71af6deefd260ee28eab31a59d4d190a0f12436dd046b79b37b9ddbc28fdbccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 13 Nov 2022 16:09:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1aeff-5ed5c58320300"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwMQ2NitL%2FrPevxYs7%2FBMQzjWEAlS%2BT1XwFxFAy5QFRs0jsqkSdK8h3nQJcQIWo%2FCFvzPr0l1PRf3yM0DlLq%2BwbDe9lrx5pFbAYz642AKlgGHI9k8MPstqrZqJerFD312pnj5hHmNUhzVisms6kbhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3cb5025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 110335
priority: u=3,i

GET
H3 200 14894-002-765x500.png
thedfirreport.com/wp-content/uploads/2022/10/ 208 KB
209 KB 409ms
408ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2022/10/14894-002-765x500.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05739c089fe7e751c83cea9f00bce9aa67bc2b156f9b86c8fb73bde08c2b3a09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 25 Oct 2022 01:46:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3402e-5ebd212957ec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7uj%2BLcKBk5Ldd58Sc7o3r0qMTBBobHZthSjzHIWtb7sApF3Efbx8TQEKhZs2Ee4hjtUt3dJstQCMrWe7f6hqALDF3GUjZiYamwU147HIFZ%2F5OMQ4fbhnbKAvFRjCeiEfc1cxTxThAzmRXVQBGRQOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3cb7025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 213038
priority: u=3,i

GET
H3 200 Bumblebee-Execution-v1-765x500.png
thedfirreport.com/wp-content/uploads/2022/09/ 239 KB
239 KB 409ms
408ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2022/09/Bumblebee-Execution-v1-765x500.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fa05d1f0d72a65ba2981de1427f305f27ac98ebaa5f79ed4771db7b46e53d19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 25 Sep 2022 23:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3bba3-5e988cb77bf80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6HVGSNyUqqxJTm5RqKrlX8nEOk5oZPLgf2reE6x43z0WZv%2F%2FuQSHcyGhuw3gDONNxfZghFPoAsskSEEXMUxJS%2FWwwldy1TvbbzFt5XJzWj7%2FHKCFP5SkrpUJdmmqet4iPyRo6LVkjAoHcbIzni80A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3cb9025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 244643
priority: u=3,i

GET
H3 200 14335-001-765x500.png
thedfirreport.com/wp-content/uploads/2022/09/ 119 KB
120 KB 410ms
409ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2022/09/14335-001-765x500.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41bc8be6b51f6bdf9a48584d346dfb13f39f36a9c9b6b586d5727afb2ddc2666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 10 Sep 2022 20:01:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1dc42-5e8582231ac00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Jj4TKBJ3pVTrUAFyYzNxClBRT%2BGb5OCEI5D13s2BnPVU9LQFVqb5faFJ65gmGPeMJMpG1edVWOU7jtRfuzqa5RKnScg%2B5llRZj2q3IR4IZx%2Fb%2FpZHGeavtLZEvfZF6W3NzxG8iQkz%2F2aGymcZO%2Fog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3cba025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 121922
priority: u=3,i

GET
H3 200 monitor5-s.png
thedfirreport.com/wp-content/uploads/2023/09/ 12 KB
13 KB 410ms
409ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/09/monitor5-s.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae29216f58cbe66f5cb9665e54a082b21c63666ea719e80d4c9873fb64aa91d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 17 Sep 2023 14:11:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3072-6058e99bc3d81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHpQ1laRUL8cqOiDd7dh42o2z2pFv1IhpfUeUuZQ4Y52rBEUu5wL2bpmFkIHDN7QT9JoxrmcLsgUK%2FdLfVos2cjlOQ83%2FDv1ZAIQJG72qYJubIl7OsPuNwBIwVHSLsGnb3mgK1ViI%2F7ugTh7A3uyEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3cbb025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 12402
priority: u=3,i

GET
H3 200 cloud4-s.png
thedfirreport.com/wp-content/uploads/2023/09/ 16 KB
16 KB 410ms
410ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/09/cloud4-s.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd9deeeda732605e55b86620fb2826df09c308ada3108333ec104a75afa52650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 17 Sep 2023 14:14:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3f5a-6058ea57e5c4f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AR5z0DPxp6u2jeBZzrzZ4gSyZtI5YjNzPHHFzxOAInqLhq5lO4aLaenQzBrX2NK1j7R5lzkLtGkv8QquuQ8MLH2e1AQSg6TpRcZqQTbb85kHCuoAsgtsNMQ3oObCjF7h8KG%2FVahl%2BDJMqkWfFaDd5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3cbd025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 16218
priority: u=3,i

GET
H3 200 warning4-s.png
thedfirreport.com/wp-content/uploads/2023/09/ 11 KB
11 KB 411ms
410ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/09/warning4-s.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d39834086b6021b46bd051ac46cc41227eb396e21546edc7639ea582a0927bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 17 Sep 2023 14:15:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2c09-6058ea908baa7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7QdfKCYQdniYcKNV%2FFYw8TPOpJA0WsZP2WZW8ElvwbwMELC8%2Ft4UiUYy5mvJUfh7X7DU5V%2FcZ4n2RX2j1%2BxdlM5slBIPfT2cNOHSV8eYgTJpdk7C5knOYSWCxvyFDfHa6riRF0%2F0QI7ZAu%2FMlMjwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3cbe025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 11273
priority: u=3,i

GET
H3 200 artifact4-s.png
thedfirreport.com/wp-content/uploads/2023/09/ 8 KB
9 KB 411ms
411ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/09/artifact4-s.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c426b919582109bc92f11696dc77bf1253039f3a877cf3226520d70e85a34c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 17 Sep 2023 15:00:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "20a3-6058f4aaaead4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQv310OdgsXk23We4cGtlOqY6UaWNvXghJ%2B29g0TtIDZP212h3i3H9DTw42FlIGqdZF2OlE5fM9Cs4B9PGb1xhZtNKQn2P3PLGUcxpeITE86Pg8E8VQin86LTdBTbOV1FfEx%2Fy%2FrZdmKSNUi47Y33A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3cbf025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 8355
priority: u=3,i

GET
H3 200 help4-s.png
thedfirreport.com/wp-content/uploads/2023/09/ 14 KB
14 KB 412ms
411ms Image
image/png 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/09/help4-s.png
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce4fcff403a4a73c39694880c0f7a1773d2d5abc2f99fbcb91444094b311a0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 17 Sep 2023 14:14:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3736-6058ea38bc42e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2FUJMxcPnWJ6Tvm7rzzm7HiLSc6ze09EzidOxSIRyuPiTiplio4TbJ4jtHPo0NjSoxF%2BqMAHm8xJiPaoHskC4hTZJ9xSh8oBNDCeE1KEAknFKnOT%2Bl471UL14E%2F%2Fd35tYIur3i7%2B%2BScSKFKz0lGIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84feaaee3cc0025f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 14134
priority: u=3,i

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 103ms
53ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://thedfirreport.com/
Origin: https://thedfirreport.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 84feaaee8ee94d2b-FRA

GET
H3 200 view.js Show response
thedfirreport.com/wp-content/plugins/jetpack/_inc/blocks/subscriptions/ 4 KB
2 KB 367ms
367ms Script
text/javascript 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/plugins/jetpack/_inc/blocks/subscriptions/view.js?minify=false&ver=13.0
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f11243b14b5926ad4d6d3c0e946d4ac89bfb32ce6102bf7e22036520dfa73dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 12 Jan 2024 18:26:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"f7a-60ec3cd7d7e1d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXbtPi7uusQVp5jEDc1BadRe3Acl%2BIDtevYTy%2BNF4cFbPnskElvH5K96SOCg2hqyPeqljglbPXgJidkAUTt48KnA5LlyOB%2F6iTlrtTdWgC%2B6l9I%2BFeEP42MFkkTivm8umIbY4N7iHdYlh150hLZOOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 84feaaee6cdc025f-CDG
alt-svc: h3=":443"; ma=86400
priority: u=1,i=?0

GET
H2 200 dom-ready.min.js Show response
c0.wp.com/c/6.4.3/wp-includes/js/dist/ 498 B
839 B 21ms
18ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.3/wp-includes/js/dist/dom-ready.min.js

Requested by

Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 04 Feb 2024 00:06:26 GMT
strict-transport-security: max-age=15552000
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
content-length: 498
expires: Mon, 03 Feb 2025 00:06:26 GMT

GET
H2 200 wp-polyfill.min.js Show response
c0.wp.com/c/6.4.3/wp-includes/js/dist/vendor/ 112 KB
36 KB 21ms
19ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.3/wp-includes/js/dist/vendor/wp-polyfill.min.js

Requested by

Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 26 Sep 2023 14:23:26 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 03 Feb 2025 00:06:26 GMT

GET
H2 200 regenerator-runtime.min.js Show response
c0.wp.com/c/6.4.3/wp-includes/js/dist/vendor/ 6 KB
3 KB 21ms
19ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.3/wp-includes/js/dist/vendor/regenerator-runtime.min.js

Requested by

Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 19 Sep 2023 19:30:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 03 Feb 2025 00:06:26 GMT

GET
H2 200 wp-polyfill-inert.min.js Show response
c0.wp.com/c/6.4.3/wp-includes/js/dist/vendor/ 8 KB
3 KB 31ms
29ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.3/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js

Requested by

Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 03 Feb 2025 00:06:26 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 88 KB
31 KB 90ms
40ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit&ver=13.0

Requested by

Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54cac4a0c46454a00b9e386b4d7960bcbe25e2c6d5c5d0459c3c4f48102653ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google-translate.min.js Show response
c0.wp.com/p/jetpack/13.0/_inc/build/widgets/google-translate/ 796 B
776 B 31ms
29ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/13.0/_inc/build/widgets/google-translate/google-translate.min.js

Requested by

Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

23a3fe27a84c2a2efe9b4099b5f05546b6b83418ddb0560548004323ac02e4ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 14 Nov 2023 17:55:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 03 Feb 2025 00:06:26 GMT

GET
H2 200 e-202405.js Show response
stats.wp.com/ 7 KB
3 KB 67ms
20ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202405.js
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402358485.9985
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 27 Jan 2025 14:01:09 GMT

GET
H3 200 marquee-settings.js Show response
thedfirreport.com/wp-content/themes/freenews/assets/library/marquee/ 455 B
755 B 2167ms
2166ms Script
text/javascript 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/themes/freenews/assets/library/marquee/marquee-settings.js?ver=6.4.3
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d079e6757ff169b8252a45af5d1773b053f1b35ae7c0f3ae6a7f6a891acc28c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:28 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 29 Oct 2023 16:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1c7-608dd8af411a4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUKiyfYmcTt60bSLQhiZ5xKTbV1%2BNDU236RviwVTjNXDRY5R46Uwq2QDqNT84Ohsb68b4xinTIO6ZSOZN%2FUx6jLuMPJE%2Bzt39WIzdXgQzTyTAuSBg%2Fu8w1%2FSpIcESD5mRzgh6YYDyEisydsj3HmkAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 84feaaee6ce2025f-CDG
alt-svc: h3=":443"; ma=86400
priority: u=1,i=?0

GET
H3 200 jquery.marquee.min.js Show response
thedfirreport.com/wp-content/themes/freenews/assets/library/marquee/ 9 KB
3 KB 367ms
366ms Script
text/javascript 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/themes/freenews/assets/library/marquee/jquery.marquee.min.js?ver=6.4.3
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d759e86165ec9e5f9f5c9775acfe83f2c00833aa1c3522fbede166c38a2205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 29 Oct 2023 16:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"235d-608dd8af411a4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zxt3I%2FWpHthVJDwwT3SKjUQf362TfbC9VUquMPU%2F6ytioyrczUIh2JXMcgAXjsYVnEbkdcPXGoMcg%2FuuicpdJdelVaaYTpVwuUuJbkihfSBgUbNJJO5e8y%2Bb4QHeJj%2BRBWmHsXqNCqHpwipuyc5fNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 84feaaee6ce3025f-CDG
alt-svc: h3=":443"; ma=86400
priority: u=1,i=?0

GET
H3 200 sticky-setting.js Show response
thedfirreport.com/wp-content/themes/freenews/assets/library/sticky/ 612 B
726 B 368ms
366ms Script
text/javascript 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/themes/freenews/assets/library/sticky/sticky-setting.js?ver=6.4.3
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dc2e74a6570cbeba61f6b688d6300ce9a1a9cd66bc9d77f49c0f704928091df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 29 Oct 2023 16:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"264-608dd8af411a4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hK6tx50zMgNUeIv85RHlg8960ZiRxUTmcvFLplzjJmEE3El%2FspO1sScxAJuzHzquE11ze4vghKVoI4YBaFSpWg1EknmpfGUhGIY%2B4GSOf0VASR4BjRAdIB4ZLd1LA%2B0j2vI%2Fu0hbZfIz32QeoQhRFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 84feaaee6ce4025f-CDG
alt-svc: h3=":443"; ma=86400
priority: u=1,i=?0

GET
H3 200 jquery.sticky.js Show response
thedfirreport.com/wp-content/themes/freenews/assets/library/sticky/ 9 KB
3 KB 1050ms
1049ms Script
text/javascript 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/themes/freenews/assets/library/sticky/jquery.sticky.js?ver=6.4.3
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa6c46550cf58d88334c44050cb9db5a0f693e4f8212a977cd9fdefface9905d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:27 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 29 Oct 2023 16:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2577-608dd8af411a4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8So6Vw%2FqQK3HZv5z4YaT%2FvGT7u5KxHRzO26ukXAzH2CdKhpfh9Q8dPPqUzcxXIboAMJhYL%2FjqiDv%2Bq9%2BEWdo6Q4miyRNATo2IJRUnPjc8LaRntjRGaqU2FzZMTyCBQjwwAun0wM2Zv7USgLSbiYukg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 84feaaee6ce5025f-CDG
alt-svc: h3=":443"; ma=86400
priority: u=1,i=?0

GET
H3 200 slick-settings.js Show response
thedfirreport.com/wp-content/themes/freenews/assets/library/slick/ 2 KB
1 KB 368ms
367ms Script
text/javascript 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/themes/freenews/assets/library/slick/slick-settings.js?ver=6.4.3
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cba34e474754a973830d7e0c186f151ed6ae190abdcf99efe0561db3b554feb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 29 Oct 2023 16:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"7f3-608dd8af411a4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsF8RRHv9g767I08nE2MaXbeRB63qyW4MXELHUlwhvb3XcFdtCd%2BQgWuXVhX5fXbjU7N6v2yq77cwy8SgZETdcVu9phBt50EiXVqHP0SPg1Ise63yiSOU5NmvFGFSKXwgdwr4mRCz8Ini2ol%2BUb51Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 84feaaee6ce6025f-CDG
alt-svc: h3=":443"; ma=86400
priority: u=1,i=?0

GET
H3 200 slick.min.js Show response
thedfirreport.com/wp-content/themes/freenews/assets/library/slick/ 43 KB
12 KB 383ms
382ms Script
text/javascript 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/themes/freenews/assets/library/slick/slick.min.js?ver=6.4.3
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 29 Oct 2023 16:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ab69-608dd8af411a4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zb7mx6n9Lt%2Bqyzy4jffKgyQnx9PdEdJWd2yog%2Bqvtv3CELtDJdHwmfQbfaZon8cEI9DPvP3vhFrzky2ch5mt579nmTm8zggTl657eAJv%2FwWnmM1%2Bw3jvuRir168Hy3iR762WFmySiG2KBYW0d71Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 84feaaee6ce7025f-CDG
alt-svc: h3=":443"; ma=86400
priority: u=1,i=?0

GET
H3 200 theia-sticky-sidebar.min.js Show response
thedfirreport.com/wp-content/themes/freenews/assets/library/sticky-sidebar/ 5 KB
2 KB 368ms
367ms Script
text/javascript 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/themes/freenews/assets/library/sticky-sidebar/theia-sticky-sidebar.min.js?ver=6.4.3
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 29 Oct 2023 16:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1535-608dd8af411a4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gBu8VLBKF3u1Tq2CXABOqtL0GC6EaaGqx1Pfzlx3kAr4eU9yMaZ3iFE%2FunYNYeTQCV7jBTT7LFEGA3Z117PnOoubhfcjTU%2F5pZIzPvPvZjDQk62ZYGMTue%2BYzZ%2FInmd3TknzkGdM5GMhDxgjE4Ecw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 84feaaee6ce8025f-CDG
alt-svc: h3=":443"; ma=86400
priority: u=1,i=?0

GET
H3 200 ResizeSensor.min.js Show response
thedfirreport.com/wp-content/themes/freenews/assets/library/sticky-sidebar/ 2 KB
1 KB 1173ms
1172ms Script
text/javascript 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/themes/freenews/assets/library/sticky-sidebar/ResizeSensor.min.js?ver=6.4.3
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f8078d5fa79042c80aff9ac50f962fca0a2461febc620b567e38fff39ddc182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:27 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 29 Oct 2023 16:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8ec-608dd8af411a4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBjD6qCM2qAVsxHr7k%2BsV0MwiM%2BZOfXE6l%2B92BVKPMFnox%2FwTBq599ByMx5RYZPmS9FNXRN4yPYGbRL3h%2FHAYFLVPZveIZRoCpEQxEZXM67V33kA2wovJvGSRyokiY5SjmWo6XDahl4bxwBapq9B8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 84feaaee6ce9025f-CDG
alt-svc: h3=":443"; ma=86400
priority: u=1,i=?0

GET
H3 200 skip-link-focus-fix.js Show response
thedfirreport.com/wp-content/themes/freenews/assets/js/ 426 B
763 B 42ms
41ms Script
text/javascript 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/themes/freenews/assets/js/skip-link-focus-fix.js?ver=6.4.3
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 405a5e4943b97243440d632a958bb6e79f1d1929666745000a22ebaa5fa2d819

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4296
cf-polished: origSize=684
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 29 Oct 2023 16:37:52 GMT
server: cloudflare
etag: W/"2ac-608dd8af3f264-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFJIygqpqyoHyO3%2Fhy8LQZCkSKoc68o%2FyD3K7MiGHhcYuS9E6jEgRf4bTj6otQ8nuo6lkosvjelonK6Xpxv9mpxOGlkNhKSl3Z7deAPWaPQ264B6cAbajRx60EbXvr9qsi8aeVVzYkCUUMZ6DWdQIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 84feaaee6cea025f-CDG
priority: u=1,i=?0

GET
H3 200 navigation.min.js Show response
thedfirreport.com/wp-content/themes/freenews/assets/js/ 2 KB
1 KB 369ms
368ms Script
text/javascript 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/themes/freenews/assets/js/navigation.min.js?ver=6.4.3
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a24f65c00a46166e180a3501c19b60562e56362308ea9363130620772de741a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 29 Oct 2023 16:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"714-608dd8af3f264-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FuhT4L%2B7FbxJPjhLp6Nz%2B0vYEo%2FIhYZqRxAinxJAQhTzy0q06zf4MCWvHD%2B9tfp6Jbge9JTzVk4shZIBE%2F76J3KahIx1CcNtSUg76X0eHT3SmzAcc2y2bvo3p9Jj5OY%2Bgx9Pi%2BpF5k3F7XQCIaU0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 84feaaee6ceb025f-CDG
alt-svc: h3=":443"; ma=86400
priority: u=1,i=?0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
69 KB 80ms
32ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162747485-1

Requested by

Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ad8f1c359509a98fd3833846223a95c575d81ee7c63b40cc4b8db1dc1309933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69815
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Feb 2024 00:06:26 GMT

GET
H3 200 global.js Show response
thedfirreport.com/wp-content/themes/freenews/assets/js/ 2 KB
1 KB 678ms
678ms Script
text/javascript 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-content/themes/freenews/assets/js/global.js?ver=1
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5104dc06faffc326c8f8a5da2f0cf85c5cf35064eae62871acc3cabf8f35c78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 29 Oct 2023 16:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"950-608dd8af3f264-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SF6vlhwSi%2FLCNWn3LuFcZdyg3eowZk%2FCCXTU6neI4IYGkdniXfuxhy%2Fq48vjuqV%2F1DgaR2aAC25%2BOZrs%2F5Hk4qQZms4KITzy9ILj6%2F0VJvcTrjGqY%2BjHjfmSFO62WgNoIK9iPExlkU9s4I21OXrAKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 84feaaee6cec025f-CDG
alt-svc: h3=":443"; ma=86400
priority: u=1,i=?0

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/6.4.3/wp-includes/js/jquery/ 13 KB
5 KB 30ms
29ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.3/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 03 Feb 2025 00:06:26 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.4.3/wp-includes/js/jquery/ 86 KB
31 KB 30ms
29ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.3/wp-includes/js/jquery/jquery.min.js

Requested by

Host: thedfirreport.com
URL: https://thedfirreport.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 04 Feb 2024 00:06:26 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 03 Feb 2025 00:06:26 GMT

GET
BLOB 200
OK ea74fb72-7924-41d3-a3f1-3ba695d771b7
https://thedfirreport.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://thedfirreport.com/ea74fb72-7924-41d3-a3f1-3ba695d771b7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 38ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N6F85L400D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162747485-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7bef506d7edc8843eb107a3405e3aaff668b996da64a3ad559f96e89073d748f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82182
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Feb 2024 00:06:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 76ms
21ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162747485-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Feb 2024 23:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1098
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 04 Feb 2024 01:48:09 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 75ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N6F85L400D&gtm=45je41v0v9118383779za200&_p=1707005186980&_gaz=1&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=891941777.1707005187&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1707005187&sct=1&seg=0&dl=https%3A%2F%2Fthedfirreport.com%2F&dt=The%20DFIR%20Report%20-%20Real%20Intrusions%20by%20Real%20Attackers%2C%20The%20Truth%20Behind%20the%20Intrusion&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1903
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N6F85L400D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 00:06:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thedfirreport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 83ms
28ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N6F85L400D&cid=891941777.1707005187&gtm=45je41v0v9118383779za200&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N6F85L400D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 00:06:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thedfirreport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 78ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N6F85L400D&cid=891941777.1707005187&gtm=45je41v0v9118383779za200&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&npa=0&z=2081543907

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 00:06:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 28ms
28ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=113441198&t=pageview&_s=1&dl=https%3A%2F%2Fthedfirreport.com%2F&ul=en-us&de=UTF-8&dt=The%20DFIR%20Report%20-%20Real%20Intrusions%20by%20Real%20Attackers%2C%20The%20Truth%20Behind%20the%20Intrusion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=528838505&gjid=1249258406&cid=891941777.1707005187&tid=UA-162747485-1&_gid=758994371.1707005187&_r=1&gtm=457e41v0za200&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=634399399

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedfirreport.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 00:06:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thedfirreport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 34ms
27ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-162747485-1&cid=891941777.1707005187&jid=528838505&gjid=1249258406&_gid=758994371.1707005187&_u=YADAAUAAAAAAACAAI~&z=1356156938

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedfirreport.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 04 Feb 2024 00:06:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thedfirreport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 79ms
30ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-162747485-1&cid=891941777.1707005187&jid=528838505&_u=YADAAUAAAAAAACAAI~&z=794790252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 00:06:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-162747485-1&cid=891941777.1707005187&jid=528838505&_u=YADAAUAAAAAAACAAI~&z=794790252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 00:06:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/ 22 KB
5 KB 71ms
20ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.3lwYqcY9Fxg.O/am=wA/d=1/rs=AN8SPfpz6AFLZhtPTjmgrmhsH1KMmKLv8w/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 19:06:58 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.3lwYqcY9Fxg.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpmENoDSSyXOskIpqMtVc0ktr1ZCg/ 207 KB
72 KB 75ms
22ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.3lwYqcY9Fxg.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpmENoDSSyXOskIpqMtVc0ktr1ZCg/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.3lwYqcY9Fxg.O/am=wA/d=1/rs=AN8SPfpz6AFLZhtPTjmgrmhsH1KMmKLv8w/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

846db6fe57acb029e6f6774d89b4ccd41b723127afcb2d66b50434d111949ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:48:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73112
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 22:12:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Feb 2025 12:48:58 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 29ms
23ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=175340963&post=0&tz=0&srv=thedfirreport.com&j=1%3A13.0&host=thedfirreport.com&ref=&fcp=1083&rand=0.9163269543784962
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Feb 2024 00:06:28 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H3 200 wp-emoji-release.min.js Show response
thedfirreport.com/wp-includes/js/ 18 KB
5 KB 987ms
987ms Script
text/javascript 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedfirreport.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: thedfirreport.com
URL: https://thedfirreport.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 00:06:29 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 13 Apr 2023 13:23:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4904-5f937a028b821-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bexxuueyuPnVEsQ0q3X6mWoLJ9AtlofuFZBsaKYp6FO%2FhNgwqaVRGTa2wvDiBVK3xgH89NhOpwWuNHwMoZtOtuqT90x3sw50xi7vHBPfuRzOIX6K9ubB1pcPVL%2Bp8qTe5Hmz6BA2rzrsaxL6y%2FyCSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 84feaafc18c5025f-CDG
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0

POST
H3 204 rum Show response
thedfirreport.com/cdn-cgi/ 0
142 B 36ms
36ms XHR
text/plain 2606:4700:3036::ac43:bd2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thedfirreport.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:bd2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://thedfirreport.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/json

Response headers

date: Sun, 04 Feb 2024 00:06:28 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://thedfirreport.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 84feaafc38d2025f-CDG

GET
DATA 200
OK truncated Show response
/ Frame 721B 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
4 KB 88ms
27ms Image
image/svg+xml 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 17:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 17:55:55 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 26ms
25ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedfirreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:52:20 GMT
x-content-type-options: nosniff
age: 141248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 910
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 01 Feb 2025 08:52:20 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 25ms
25ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 17:06:17 GMT
x-content-type-options: nosniff
age: 25211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 02 Feb 2025 17:06:17 GMT

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thedfirreport.com/	1970-01-21 03:46:05	Name: _ga_N6F85L400D Value: GS1.1.1707005187.1.0.1707005187.60.0.0
.thedfirreport.com/	1970-01-21 03:46:05	Name: _ga Value: GA1.2.891941777.1707005187
.thedfirreport.com/	1970-01-20 18:11:31	Name: _gid Value: GA1.2.758994371.1707005187
.thedfirreport.com/	1970-01-20 18:10:05	Name: _gat_gtag_UA_162747485_1 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c0.wp.com
fonts.gstatic.com
pixel.wp.com
region1.analytics.google.com
static.cloudflareinsights.com
stats.g.doubleclick.net
stats.wp.com
thedfirreport.com
translate.google.com
translate.googleapis.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
192.0.76.3
192.0.77.37
2001:4860:4802:32::36
2606:4700:3035::6815:950
2606:4700:3036::ac43:bd2f
2606:4700::6810:3865
2a00:1450:4001:808::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9d
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
05739c089fe7e751c83cea9f00bce9aa67bc2b156f9b86c8fb73bde08c2b3a09
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0c4297bfc1fa951be8bceae696e7c1f45b5e553efb1f82af3bdddfb4a67e77c8
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
1a24f65c00a46166e180a3501c19b60562e56362308ea9363130620772de741a
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
23277f389eac391c6547882c006eb19c0e4ebb787ecadd79adbc12425fe078e0
23a3fe27a84c2a2efe9b4099b5f05546b6b83418ddb0560548004323ac02e4ba
274928f2bf62780b9b7e9d27705d30ed9647c4243ae6a0abf1fa53fc1b6c1989
2ce4fcff403a4a73c39694880c0f7a1773d2d5abc2f99fbcb91444094b311a0d
2d39834086b6021b46bd051ac46cc41227eb396e21546edc7639ea582a0927bb
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2fcc62cfad32864a04e3f2bc349476b803879efbc9c3f581309a260710c8d727
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
352523d949e1e7a02f2db68671149309f95dcd0974e587ea950e984cc4d70988
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
3c78824ca1aa2fc659ab499dfd7d2853409a423382fd632a04b879e9753d39b5
405a5e4943b97243440d632a958bb6e79f1d1929666745000a22ebaa5fa2d819
41bc8be6b51f6bdf9a48584d346dfb13f39f36a9c9b6b586d5727afb2ddc2666
44a8375ebb9a902dec3809c4ec91c619e3077d76dad1e5167e81c24adc954fa8
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4baf1ee37da6af27b5ca35f0b9dc84c8b78e60ed2f2b48ccc3d67c6c031dcf2c
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4dc2e74a6570cbeba61f6b688d6300ce9a1a9cd66bc9d77f49c0f704928091df
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54cac4a0c46454a00b9e386b4d7960bcbe25e2c6d5c5d0459c3c4f48102653ff
5c426b919582109bc92f11696dc77bf1253039f3a877cf3226520d70e85a34c7
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
62fbbb2f4e4f5546b5257a30e0b6c7bf902918b92e8e1f136f51f4707c5e8002
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
6ad8f1c359509a98fd3833846223a95c575d81ee7c63b40cc4b8db1dc1309933
71af6deefd260ee28eab31a59d4d190a0f12436dd046b79b37b9ddbc28fdbccc
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
78d3032d2b15d8f0037a7e1d63f38ee3212ad16e8b43972cb70b01c80f44691a
7953f3c8cc3712f2dc802a29f9d902704137bfd374b87af8e9e2e4521268a310
7bef506d7edc8843eb107a3405e3aaff668b996da64a3ad559f96e89073d748f
7fa05d1f0d72a65ba2981de1427f305f27ac98ebaa5f79ed4771db7b46e53d19
82a98807da498eaf38ad2b8d6b65e9bc485e6a4da8c57fae93fa718d644347a7
846db6fe57acb029e6f6774d89b4ccd41b723127afcb2d66b50434d111949ade
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
8f8078d5fa79042c80aff9ac50f962fca0a2461febc620b567e38fff39ddc182
9f2647df72613ebf6bc260de06e75b9417f61118a8f8df12727492d98c2385a7
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
ae29216f58cbe66f5cb9665e54a082b21c63666ea719e80d4c9873fb64aa91d8
b38977ea35fde92fe200fa14ac7cc55e2edce54b998ce9a08734ba1dd9053fed
b5104dc06faffc326c8f8a5da2f0cf85c5cf35064eae62871acc3cabf8f35c78
b59d766ccd09e7b386bb88fb30e8b2fcb634d8bf11bdddfdc42779c4979b0796
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b967a344b9ea6849efcb4517b0b24981a040b145ebf2173b263b42f2aa5782a3
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c2cd3e005de210fcbb5372b4267c5d3d067e0564f017dd5ccba202d040f820d7
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cba34e474754a973830d7e0c186f151ed6ae190abdcf99efe0561db3b554feb3
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d079e6757ff169b8252a45af5d1773b053f1b35ae7c0f3ae6a7f6a891acc28c1
d38218f0dc3dcb8bf6bd6aac7e3881435877fc96c06b43e2d6558bb524fef8cd
d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
dd9deeeda732605e55b86620fb2826df09c308ada3108333ec104a75afa52650
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61e68d20b708b8495b97c4f0c823d53763357941f5f5102ae2393701147eb31
ed3942ba83558bdea90545ba97b487bed40f02534021b684040e28bc8d46446e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11243b14b5926ad4d6d3c0e946d4ac89bfb32ce6102bf7e22036520dfa73dc4
f1d759e86165ec9e5f9f5c9775acfe83f2c00833aa1c3522fbede166c38a2205
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fa6c46550cf58d88334c44050cb9db5a0f693e4f8212a977cd9fdefface9905d

thedfirreport.com Open in urlscan Pro 2606:4700:3036::ac43:bd2f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

99 %HTTPS

87 %IPv6

10 Domains

15 Subdomains

16 IPs

3 Countries

4018 kBTransfer

5137 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thedfirreport.com Open in urlscan Pro
2606:4700:3036::ac43:bd2f Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

99 %
HTTPS

87 %
IPv6

10
Domains

15
Subdomains

16
IPs

3
Countries

4018 kB
Transfer

5137 kB
Size

4
Cookies

76 HTTP transactions
1 data transactions