www.securitybydefault.com Open in urlscan Pro
2a00:1450:400a:808::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html
Submission Tags: falconsandbox
Submission: On September 14 via api (September 14th 2022, 2:08:42 pm UTC) from US — Scanned from DE

Summary HTTP 123 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 15 domains to perform 123 HTTP transactions. The main IP is 2a00:1450:400a:808::2013, located in Zurich, Switzerland and belongs to GOOGLE, US. The main domain is www.securitybydefault.com.

This is the only time www.securitybydefault.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:400a:808::2013	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:803::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
47	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:49::60 2620:1ec:49::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400a:803::200e	15169 (GOOGLE) (GOOGLE)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	104.20.228.67 104.20.228.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.20.229.67 104.20.229.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 10	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
4	199.232.198.49 199.232.198.49	54113 (FASTLY) (FASTLY)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
29	2600:9000:21f... 2600:9000:21f3:f400:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
2	2606:4700::68... 2606:4700::6810:a00d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	199.232.196.64 199.232.196.64	54113 (FASTLY) (FASTLY)
123	20

2 2a00:1450:400a:808::2013 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

www.securitybydefault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:49::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400a:803::200e (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

feeds.feedburner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

sites.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.228.67 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.229.67 (None, )

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 199.232.196.134 (United States) 5 redirects

ASN54113 (FASTLY, US)

securitybydefault.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.198.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2600:9000:21f3:f400:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a00d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.196.64 (United States)

ASN54113 (FASTLY, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 8550 3.bp.blogspot.com — Cisco Umbrella Rank: 11572 2.bp.blogspot.com — Cisco Umbrella Rank: 12056 4.bp.blogspot.com — Cisco Umbrella Rank: 11427	2 MB
33	disquscdn.com a.disquscdn.com — Cisco Umbrella Rank: 9507 c.disquscdn.com — Cisco Umbrella Rank: 4085	1 MB
22	disqus.com 5 redirects securitybydefault.disqus.com disqus.com — Cisco Umbrella Rank: 2150 referrer.disqus.com — Cisco Umbrella Rank: 6222 links.services.disqus.com — Cisco Umbrella Rank: 11384	126 KB
7	blogger.com www.blogger.com — Cisco Umbrella Rank: 6949	463 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1004 syndication.twitter.com — Cisco Umbrella Rank: 1252	152 KB
2	viglink.com cdn.viglink.com — Cisco Umbrella Rank: 7868	1 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 16482 c.statcounter.com — Cisco Umbrella Rank: 10654	15 KB
2	google.com 1 redirects sites.google.com — Cisco Umbrella Rank: 8528 www.google.com — Cisco Umbrella Rank: 19	537 B
2	securitybydefault.com www.securitybydefault.com	71 KB
1	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 2766	702 B
1	feedburner.com feeds.feedburner.com — Cisco Umbrella Rank: 15413	1 KB
1	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 15340	628 B
1	gstatic.com fonts.gstatic.com	10 KB
1	secureworks.com www.secureworks.com — Cisco Umbrella Rank: 746315
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120	1 KB
123	15

	Domain	Requested by
29	c.disquscdn.com	securitybydefault.disqus.com disqus.com c.disquscdn.com
15	2.bp.blogspot.com	www.securitybydefault.com
14	1.bp.blogspot.com	www.securitybydefault.com
10	3.bp.blogspot.com	www.securitybydefault.com
9	securitybydefault.disqus.com	5 redirects www.securitybydefault.com securitybydefault.disqus.com
8	disqus.com	securitybydefault.disqus.com c.disquscdn.com
8	4.bp.blogspot.com	www.securitybydefault.com
7	www.blogger.com	www.securitybydefault.com www.blogger.com
4	links.services.disqus.com	c.disquscdn.com
4	a.disquscdn.com	www.securitybydefault.com c.disquscdn.com
4	platform.twitter.com	www.securitybydefault.com platform.twitter.com
2	cdn.viglink.com	www.securitybydefault.com
2	syndication.twitter.com	platform.twitter.com www.securitybydefault.com
2	www.securitybydefault.com	www.securitybydefault.com
1	referrer.disqus.com	www.securitybydefault.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	c.statcounter.com	www.statcounter.com
1	www.statcounter.com	www.securitybydefault.com
1	www.google.com	www.securitybydefault.com
1	sites.google.com	1 redirects
1	feeds.feedburner.com	www.securitybydefault.com
1	resources.blogblog.com	www.securitybydefault.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.secureworks.com	www.securitybydefault.com
1	fonts.googleapis.com	www.securitybydefault.com
123	25

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
feeds.feedburner.com
www.linkedin.com
1.bp.blogspot.com
www.decryptcryptolocker.com
www.bbc.com
www.secureworks.com
www.nist.gov
en.wikipedia.org
3.bp.blogspot.com
www.bleepingcomputer.com
www.security-projects.com
www.easysyncsolutions.com
www.incibe.es
www.virustotal.com
www.cuckoosandbox.org
4.bp.blogspot.com
www.ubuntu.com
www.enisa.europa.eu
windows.microsoft.com
2.bp.blogspot.com
www.aldeid.com
exeinfo.atwebpages.com
www.delphibasics.info
www.angusj.com
www.mcafee.com
es.wikipedia.org
technet.microsoft.com
sourceforge.net
bitcoin.org
lenschulwitz.com
www.python.org
github.com
34r6hq26q2h4jkzj.42k2bu15.com
34r6hq26q2h4jkzj.79fhdm16.com
34r6hq26q2h4jkzj.tor2web.blutmagie.de
torproject.org
34r6hq26q2h4jkzj.onion
www.gmer.net
aes.online-domain-tools.com
www.blogger.com
www.inetsim.org
7tno4hib47vlep5o.63ghdye17.com
7tno4hib47vlep5o.79fhdm16.com
go.microsoft.com
spynet2.microsoft.com
time.windows.com
www.symantec.com
microsoft.com
windowsupdate.com
msftncsi.com
ipinfo.io
www.amazon.com
labs.bromium.com
www.youtube.com
madrid.universidadeuropea.es
gmail.com
outlook.com
creativecommons.org
www.fabthemes.com

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-06` - `2022-12-06`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
a.disquscdn.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-20`	a year	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-03` - `2023-02-04`	a year	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-01-31` - `2023-03-04`	a year	crt.sh

This page contains 5 frames:

Primary Page: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html
Frame ID: 07844264B3B0641E3B0E94195B2B376D
Requests: 87 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=http%3A%2F%2Fwww.securitybydefault.com
Frame ID: 72A1EF8172D7CE669FEC0E084BB79F1A
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.c4bdc17e77719578b594d5555bee90db.es.html
Frame ID: 48FB0A63C50DA35C379F5645D57661DE
Requests: 3 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&s_o=default
Frame ID: 9C3BA5FA5749FAF5E5A181BDD83D8727
Requests: 16 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default
Frame ID: 5AD93841B8948E4E647437B97A5B9843
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Análisis de un Ransomware de Cifrado ~ Security By Default

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

123
Requests

46 %
HTTPS

65 %
IPv6

15
Domains

25
Subdomains

20
IPs

4
Countries

3679 kB
Transfer

5400 kB
Size

6
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/secbydefault

Search URL Search Domain Scan URL

URL: https://www.facebook.com/secbydefaultcom

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/SecurityByDefault

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/groups?gid=2087754

Search URL Search Domain Scan URL

URL: http://1.bp.blogspot.com/-_ciidIto10Q/VW7ZvyOl8TI/AAAAAAAAAU8/R7YEIh989fw/s1600/tira%2B1.jpg

Search URL Search Domain Scan URL

URL: https://www.decryptcryptolocker.com/
Title: https://www.decryptcryptolocker.com/

Search URL Search Domain Scan URL

URL: http://www.bbc.com/news/technology-28661463
Title: http://www.bbc.com/news/technology-28661463

Search URL Search Domain Scan URL

URL: http://www.secureworks.com/
Title: Dell Secure Works

Search URL Search Domain Scan URL

URL: http://www.secureworks.com/cyber-threat-intelligence/threats/cryptolocker-ransomware/
Title: Imagen gracias a Dell SecureWorks

Search URL Search Domain Scan URL

URL: http://www.nist.gov/itl/upload/BITS-Malware-Report-Jun2011.pdf
Title: NIST en su informe sobre el malware de Junio de 2011

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/Botnet
Title: botnets

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/Zeus
Title: Zeus

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/Block_cipher_mode_of_operation
Title: AES-CBC

Search URL Search Domain Scan URL

URL: http://3.bp.blogspot.com/-BXepZ2JZ0jY/VYFEcH-t25I/AAAAAAAAAYE/6WQcqbznc8c/s1600/TIRA%2B2.jpg

Search URL Search Domain Scan URL

URL: http://www.bleepingcomputer.com/forums/t/511780/dns-sinkhole-campaign-underway-for-cryptolocker/
Title: DNS Sink Holes

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/Command_and_control_%28malware%29
Title: Command & Control (C&C)

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/Honeypot_%28computing%29
Title: tarros de miel

Search URL Search Domain Scan URL

URL: http://www.security-projects.com/?Anti_Ransom
Title: Anti Ransom

Search URL Search Domain Scan URL

URL: https://www.easysyncsolutions.com/cryptomonitordetails.html
Title: Crypto Monitor

Search URL Search Domain Scan URL

URL: http://www.incibe.es/
Title: Instituto Nacional de CiberSeguridad (INCIBE)

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/
Title: virustotal

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/Portable_Executable
Title: PE (Portable Executable)

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/Executable_compression
Title: packers.

Search URL Search Domain Scan URL

URL: http://www.cuckoosandbox.org/
Title: cuckoo sandbox

Search URL Search Domain Scan URL

URL: http://4.bp.blogspot.com/-HkNiQtsYK8g/VWcGbMTyzVI/AAAAAAAAAP4/vRNG0evF_ko/s1600/proceso%2Banalisis.png

Search URL Search Domain Scan URL

URL: http://www.ubuntu.com/download/server
Title: Ubuntu server

Search URL Search Domain Scan URL

URL: https://www.enisa.europa.eu/activities/cert/training/training-resources/resources
Title: Training Resources

Search URL Search Domain Scan URL

URL: https://www.enisa.europa.eu/
Title: ENISA

Search URL Search Domain Scan URL

URL: http://windows.microsoft.com/es-es/windows/home
Title: Microsoft Windows

Search URL Search Domain Scan URL

URL: http://1.bp.blogspot.com/-0tdgi-E-0Yg/VWcLjT58YiI/AAAAAAAAAQI/W9J_CzR1lIM/s1600/virustotal.png

Search URL Search Domain Scan URL

URL: http://1.bp.blogspot.com/-TJeeWFLgpU4/VWcMuF33LVI/AAAAAAAAAQU/FhCSzdI6090/s1600/Virustotal2.png

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/-KzTZKp1idXQ/VWcNgx5D9tI/AAAAAAAAAQc/GZdtBXC_OPw/s1600/Virustotal3.png

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/-t6SiZyp1quE/VWcPL2G4LBI/AAAAAAAAAQo/YiEguxSSVoA/s1600/peid.png

Search URL Search Domain Scan URL

URL: http://www.aldeid.com/wiki/PEiD
Title: PEiD

Search URL Search Domain Scan URL

URL: http://exeinfo.atwebpages.com/
Title: ExeInfoPE

Search URL Search Domain Scan URL

URL: http://4.bp.blogspot.com/-qigl571Zgkk/VXqkH5FXkQI/AAAAAAAAAV4/qdd01snOkNs/s1600/Analisis%2BAvanzado%2Ben%2BExeInfoPE.png

Search URL Search Domain Scan URL

URL: http://www.delphibasics.info/home/delphibasicscounterstrikewireleases/polymorphiccrypter-morphine27byholyfather
Title: Polymorphic Crypter - Morphine 2.7 by Holy_Father

Search URL Search Domain Scan URL

URL: http://www.angusj.com/resourcehacker/
Title: Resource Hacker

Search URL Search Domain Scan URL

URL: http://3.bp.blogspot.com/-iD9mUh29NMc/VWcQWGsaMHI/AAAAAAAAAQ0/EItJncRtSrQ/s1600/resource%2Bhacker.png

Search URL Search Domain Scan URL

URL: http://www.mcafee.com/us/downloads/free-tools/bintext.aspx
Title: binText

Search URL Search Domain Scan URL

URL: http://es.wikipedia.org/wiki/Ofuscaci%C3%B3n
Title: ofuscación

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
Title: Process Explorer

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/en-us/library/bb896645.aspx
Title: Process Monitor

Search URL Search Domain Scan URL

URL: http://sourceforge.net/projects/regshot/
Title: RegShot

Search URL Search Domain Scan URL

URL: http://4.bp.blogspot.com/-Mqtg18e8prU/VWcYHPSs60I/AAAAAAAAARE/-Mnnhjld_W4/s1600/pantalla%2Bcryptolocker.png

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/-j86zJhfBQms/VWcb8615kNI/AAAAAAAAARQ/F_8-QfD8Tbs/s1600/process%2Bmonitor.png

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/Locale
Title: locale

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/-X6eWvzxLUcs/VWcdBaeLXsI/AAAAAAAAARc/wzIeOtRKq-g/s1600/process%2Bmonitor2.png

Search URL Search Domain Scan URL

URL: http://1.bp.blogspot.com/-4VGvE7SjdH4/VWhdOgsRyOI/AAAAAAAAARw/MiD2Hblgftg/s1600/ficheros%2Btrampa.png

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/-_WsblJHTdZ0/VWl7qcGG8NI/AAAAAAAAASU/o5UN7X3EPks/s1600/Configuracion%2BAvanzada%2BCarpetas.png

Search URL Search Domain Scan URL

URL: https://bitcoin.org/es/
Title: bitcoin

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/-6L8RFTv8uBE/VXrBo66NPsI/AAAAAAAAAWI/iropSk3ZTWQ/s1600/key.dat.png

Search URL Search Domain Scan URL

URL: http://lenschulwitz.com/base58
Title: Base58 Encode, Decode, and Validate

Search URL Search Domain Scan URL

URL: http://3.bp.blogspot.com/-qiMSvrIoOVU/VXrCHoMRhaI/AAAAAAAAAWQ/DmPlyLfoujk/s1600/validacion%2Bbitcoin%2Baddress%2Ben%2Bkey.dat.png

Search URL Search Domain Scan URL

URL: http://www.python.org/
Title: Python

Search URL Search Domain Scan URL

URL: https://github.com/jesusarnaizcts/ransomwareAnalysis
Title: el siguiente repositorio en GitHub

Search URL Search Domain Scan URL

URL: http://3.bp.blogspot.com/-ypNCf7Y9Cio/VYKeGh1Z7uI/AAAAAAAAAYo/CQWYnsOAzqY/s1600/codigo%2Bpython.png

Search URL Search Domain Scan URL

URL: http://34r6hq26q2h4jkzj.42k2bu15.com/
Title: http://34r6hq26q2h4jkzj.42k2bu15.com

Search URL Search Domain Scan URL

URL: http://34r6hq26q2h4jkzj.79fhdm16.com/
Title: http://34r6hq26q2h4jkzj.79fhdm16.com

Search URL Search Domain Scan URL

URL: https://34r6hq26q2h4jkzj.tor2web.blutmagie.de/
Title: https://34r6hq26q2h4jkzj.tor2web.blutmagie.de/

Search URL Search Domain Scan URL

URL: http://torproject.org/
Title: http://torproject.org

Search URL Search Domain Scan URL

URL: http://34r6hq26q2h4jkzj.onion/
Title: http://34r6hq26q2h4jkzj.onion/

Search URL Search Domain Scan URL

URL: http://1.bp.blogspot.com/-xlZQviAKmZk/VWmwvjLPiPI/AAAAAAAAAS0/Dwg_K3GKwtA/s1600/log%2Bde%2Bficheros%2Bcifrados.png

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/-6C3MiItHKi8/VWyH19p6TwI/AAAAAAAAATM/eectO9vs34Q/s1600/fondo%2Bde%2Bpantalla%2Bcryptolocker.png

Search URL Search Domain Scan URL

URL: http://www.gmer.net/
Title: GMER

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/Rootkit
Title: rootkits

Search URL Search Domain Scan URL

URL: http://4.bp.blogspot.com/-kKS6wGxVg0o/VWyI9nYX17I/AAAAAAAAATU/r_uwn5IaCDE/s1600/md5%2Bficheros%2Btrampa.png

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/Endianness
Title: Little-Endian

Search URL Search Domain Scan URL

URL: http://1.bp.blogspot.com/-od_hEpWZXLU/VWyMZyMtchI/AAAAAAAAATg/2c92J7q40Rc/s1600/honey1.txt.ecc.png

Search URL Search Domain Scan URL

URL: http://3.bp.blogspot.com/-OzTolJwmd7A/VWyMsFNsDeI/AAAAAAAAATo/-KWL_fApOvQ/s1600/honey2.txt.ecc.png

Search URL Search Domain Scan URL

URL: http://3.bp.blogspot.com/-jHrwybW7q9Q/VXl0hVwdijI/AAAAAAAAAVY/mKuXaq4WDI8/s1600/Prueba%2Bde%2Bcifrado%2BAES-CBC.png

Search URL Search Domain Scan URL

URL: http://aes.online-domain-tools.com/
Title: esta

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/-avuToPmgfII/VXl2bp6PyAI/AAAAAAAAAVk/9Zxn5WNxu7U/s1600/Esquema%2BECC.png

Search URL Search Domain Scan URL

URL: https://www.blogger.com/www.python.org
Title: Python

Search URL Search Domain Scan URL

URL: https://github.com/jesusarnaizcts/ransomwareAnalysis/
Title: el siguiente repositorio en GitHub

Search URL Search Domain Scan URL

URL: http://www.inetsim.org/
Title: inetsim

Search URL Search Domain Scan URL

URL: http://7tno4hib47vlep5o.63ghdye17.com/
Title: 7tno4hib47vlep5o.63ghdye17.com

Search URL Search Domain Scan URL

URL: http://7tno4hib47vlep5o.79fhdm16.com/
Title: 7tno4hib47vlep5o.79fhdm16.com

Search URL Search Domain Scan URL

URL: http://go.microsoft.com/
Title: go.microsoft.com

Search URL Search Domain Scan URL

URL: http://spynet2.microsoft.com/
Title: spynet2.microsoft.com

Search URL Search Domain Scan URL

URL: http://time.windows.com/
Title: time.windows.com

Search URL Search Domain Scan URL

URL: http://www.symantec.com/security_response/writeup.jsp?docid=2015-030201-5710-99&tabid=2
Title: informe de 2 de Marzo de 2015.

Search URL Search Domain Scan URL

URL: http://microsoft.com/
Title: microsoft.com

Search URL Search Domain Scan URL

URL: http://windowsupdate.com/
Title: windowsupdate.com

Search URL Search Domain Scan URL

URL: http://msftncsi.com/
Title: msftncsi.com

Search URL Search Domain Scan URL

URL: http://ipinfo.io/ip
Title: http://ipinfo.io/ip

Search URL Search Domain Scan URL

URL: http://7tno4hib47vlep5o.63ghdye17.com/state1.php
Title: http://7tno4hib47vlep5o.63ghdye17.com/state1.php

Search URL Search Domain Scan URL

URL: http://7tno4hib47vlep5o.79fhdm16.com/state1.php
Title: http://7tno4hib47vlep5o.79fhdm16.com/state1.php

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/-8F9nQm1D6Ms/VWyTGpzB18I/AAAAAAAAAT4/IX5FIDsZAZ4/s1600/base%2B58%2Bvalidacion%2Bdireccion%2Bbitcoin.png

Search URL Search Domain Scan URL

URL: http://www.amazon.com/Malware-Analysts-Cookbook-DVD-Techniques/dp/0470613033
Title: Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code Paperback

Search URL Search Domain Scan URL

URL: http://labs.bromium.com/2013/11/27/the-holiday-season-and-ransomware/
Title: The holiday season and ransomware

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=35teUHnZNGU
Title: Reverse Engineering Malware For Newbies ToorCon 16

Search URL Search Domain Scan URL

URL: http://madrid.universidadeuropea.es/estudios-universitarios/master-universitario-en-seguridad-de-tecnologias-de-la-informacion-y-de-las-comunicaciones
Title: MÁSTER UNIVERSITARIO EN SEGURIDAD DE TECNOLOGÍAS DE LA INFORMACIÓN Y DE LAS COMUNICACIONES

Search URL Search Domain Scan URL

URL: http://madrid.universidadeuropea.es/
Title: Universidad Europea de Madrid.

Search URL Search Domain Scan URL

URL: http://gmail.com/
Title: gmail.com

Search URL Search Domain Scan URL

URL: http://outlook.com/
Title: outlook.com

Search URL Search Domain Scan URL

URL: http://4.bp.blogspot.com/-UChUcPthtHE/VWXnK_r8JXI/AAAAAAAAAPk/pmfZH-ddlqE/s1600/boceto.png

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by-nc/2.5/es/

Search URL Search Domain Scan URL

URL: http://www.fabthemes.com/
Title: Fabthemes

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://www.secureworks.com/assets/image_store/png/page.intelligence.threats.cryptolocker.14.png HTTP 307
https://www.secureworks.com/assets/image_store/png/page.intelligence.threats.cryptolocker.14.png

Request Chain 56

http://sites.google.com/a/securitybydefault.com/static/88x31.png HTTP 307
https://sites.google.com/a/securitybydefault.com/static/88x31.png HTTP 302
https://www.google.com/a/securitybydefault.com/ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/a/securitybydefault.com/static/88x31.png&followup=https://sites.google.com/a/securitybydefault.com/static/88x31.png&ul=1

Request Chain 62

http://securitybydefault.disqus.com/blogger_item.js HTTP 301
https://securitybydefault.disqus.com/blogger_item.js HTTP 302
https://a.disquscdn.com/blogger_item.js

Request Chain 63

http://securitybydefault.disqus.com/count.js HTTP 301
https://securitybydefault.disqus.com/count.js

Request Chain 64

http://securitybydefault.disqus.com/blogger_index.js HTTP 301
https://securitybydefault.disqus.com/blogger_index.js HTTP 302
https://a.disquscdn.com/blogger_index.js

Request Chain 66

http://securitybydefault.disqus.com/count-data.js?2=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html HTTP 307
https://securitybydefault.disqus.com/count-data.js?2=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html

Request Chain 68

http://securitybydefault.disqus.com/embed.js HTTP 307
https://securitybydefault.disqus.com/embed.js

Request Chain 121

http://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d HTTP 307
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d

123 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request analisis-de-un-ransomware-de-cifrado.html Show response
www.securitybydefault.com/2015/06/ 623 KB
64 KB 525ms
455ms Document
text/html 2a00:1450:400a:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:400a:808::2013 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0642026749789f24663728276a96121ddeae707570de3cf02bf903c8626842c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 65229
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Sep 2022 14:08:35 GMT
ETag: W/"3c5522afcadeef838c1b0d4a1c2bc3adef32108ee0c52640488c595a9f71ca49"
Expires: Wed, 14 Sep 2022 14:08:35 GMT
Last-Modified: Tue, 16 Aug 2022 06:17:09 GMT
Server: GSE
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 30 KB
30 KB 127ms
26ms Stylesheet
text/css 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 12:22:12 GMT
x-content-type-options: nosniff
age: 6384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30597
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 20:54:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 14 Sep 2023 12:22:12 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 2 KB
1 KB 50ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Oswald

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

647df2b0673786858974703dfc659a70944cf08acb17bd6a0d9bb03d9036eee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Wed, 14 Sep 2022 14:08:35 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 14 Sep 2022 14:08:35 GMT

GET
H/1.1 200
OK logo%2526url.png
1.bp.blogspot.com/-XRSUy_fAFo4/UYOC-D6jTgI/AAAAAAAAADg/xJl50ha9UFA/s1600/ 27 KB
28 KB 69ms
34ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-XRSUy_fAFo4/UYOC-D6jTgI/AAAAAAAAADg/xJl50ha9UFA/s1600/logo%2526url.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5cc0b7853e8aa733f5db845cce96c1315f7fd2552e2fc56f47661f7f25077ad9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:35 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v39"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="logo&url.png"
Timing-Allow-Origin: *
Content-Length: 27874
X-XSS-Protection: 0
Expires: Tue, 06 Sep 2022 00:34:20 GMT

GET
H/1.1 200
OK twit.png
3.bp.blogspot.com/-Ye2FcFwWhwo/UFLgzb29tNI/AAAAAAAAGBw/XOOMO7135zg/s1600/ 800 B
1 KB 54ms
31ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-Ye2FcFwWhwo/UFLgzb29tNI/AAAAAAAAGBw/XOOMO7135zg/s1600/twit.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f0ea4b82e584328898359bfd5ec178817759941ae75442540332224a982a314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v181c"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="twit.png"
Timing-Allow-Origin: *
Content-Length: 800
X-XSS-Protection: 0
Expires: Mon, 22 Aug 2022 08:34:31 GMT

GET
H/1.1 200
OK facebook.png
2.bp.blogspot.com/-7IjAUuqP6OQ/UFLgmUOCd_I/AAAAAAAAGAM/0Mb2JhYzeKw/s1600/ 681 B
1 KB 75ms
34ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-7IjAUuqP6OQ/UFLgmUOCd_I/AAAAAAAAGAM/0Mb2JhYzeKw/s1600/facebook.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c644357ad1f1dc62ae5ef1bf272533e81058bf23915e8a39a65daeb7121d43cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v1803"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="facebook.png"
Timing-Allow-Origin: *
Content-Length: 681
X-XSS-Protection: 0
Expires: Tue, 06 Sep 2022 15:29:41 GMT

GET
H/1.1 200
OK rss.png
3.bp.blogspot.com/-eoHsXfmKOtE/UFLguBx6lgI/AAAAAAAAGBI/RO0psHrleRo/s1600/ 796 B
1 KB 52ms
33ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-eoHsXfmKOtE/UFLguBx6lgI/AAAAAAAAGBI/RO0psHrleRo/s1600/rss.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ac343681a5deab2df6b80cd6d0fa20a58a71aac7e030df0d912bfdbcfc2e28d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v1812"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="rss.png"
Timing-Allow-Origin: *
Content-Length: 796
X-XSS-Protection: 0
Expires: Mon, 22 Aug 2022 08:34:31 GMT

GET
H/1.1 200
OK in.png
1.bp.blogspot.com/-DvnzELf7PB0/UFLgpqZ0XrI/AAAAAAAAGAo/vTO3kLX_zck/s1600/ 736 B
1 KB 39ms
32ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-DvnzELf7PB0/UFLgpqZ0XrI/AAAAAAAAGAo/vTO3kLX_zck/s1600/in.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8e188eacfffe6284653c83616523f4c946ae59d881b3eb49d55630930f7cb153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v180a"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="in.png"
Timing-Allow-Origin: *
Content-Length: 736
X-XSS-Protection: 0
Expires: Thu, 01 Sep 2022 07:12:04 GMT

GET
H/1.1 200
OK tira%2B1.jpg
1.bp.blogspot.com/-_ciidIto10Q/VW7ZvyOl8TI/AAAAAAAAAU8/R7YEIh989fw/s640/ 33 KB
34 KB 351ms
314ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-_ciidIto10Q/VW7ZvyOl8TI/AAAAAAAAAU8/R7YEIh989fw/s640/tira%2B1.jpg

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3d31d15b603df36a0a251c9acdf32e1d862677674fd5119ab9cab945be47cbc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v14f"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="tira 1.jpg"
Timing-Allow-Origin: *
Content-Length: 34242
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H2

404

page.intelligence.threats.cryptolocker.14.png
www.secureworks.com/assets/image_store/png/
Redirect Chain

http://www.secureworks.com/assets/image_store/png/page.intelligence.threats.cryptolocker.14.png
https://www.secureworks.com/assets/image_store/png/page.intelligence.threats.cryptolocker.14.png

0
0

1162ms
1080ms

Image
text/html

2620:1ec:49::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secureworks.com/assets/image_store/png/page.intelligence.threats.cryptolocker.14.png
Requested by: Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html
Protocol: H2
Server: 2620:1ec:49::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

Location: https://www.secureworks.com/assets/image_store/png/page.intelligence.threats.cryptolocker.14.png
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK TIRA%2B2.jpg
3.bp.blogspot.com/-BXepZ2JZ0jY/VYFEcH-t25I/AAAAAAAAAYE/6WQcqbznc8c/s640/ 47 KB
48 KB 392ms
367ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-BXepZ2JZ0jY/VYFEcH-t25I/AAAAAAAAAYE/6WQcqbznc8c/s640/TIRA%2B2.jpg

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cce4e74df5bbd0ad455d61c3e72746bde25a08937ee4897c86141b4e3544acfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v182"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="TIRA 2.jpg"
Timing-Allow-Origin: *
Content-Length: 48523
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK proceso%2Banalisis.png
4.bp.blogspot.com/-HkNiQtsYK8g/VWcGbMTyzVI/AAAAAAAAAP4/vRNG0evF_ko/s400/ 40 KB
40 KB 297ms
269ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-HkNiQtsYK8g/VWcGbMTyzVI/AAAAAAAAAP4/vRNG0evF_ko/s400/proceso%2Banalisis.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9e273fd35e0754185e00582743e2f22b06ae9b945918a4847a6007e90a94d33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "vff"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="proceso analisis.png"
Timing-Allow-Origin: *
Content-Length: 41001
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK virustotal.png
1.bp.blogspot.com/-0tdgi-E-0Yg/VWcLjT58YiI/AAAAAAAAAQI/W9J_CzR1lIM/s400/ 29 KB
30 KB 370ms
334ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-0tdgi-E-0Yg/VWcLjT58YiI/AAAAAAAAAQI/W9J_CzR1lIM/s400/virustotal.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

941fedd3b9ab7f5e772ab0c91b0b37e8859e5da2f190f199ef52c7951df8bba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v103"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="virustotal.png"
Timing-Allow-Origin: *
Content-Length: 30010
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK Virustotal2.png
1.bp.blogspot.com/-TJeeWFLgpU4/VWcMuF33LVI/AAAAAAAAAQU/FhCSzdI6090/s400/ 13 KB
14 KB 264ms
226ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-TJeeWFLgpU4/VWcMuF33LVI/AAAAAAAAAQU/FhCSzdI6090/s400/Virustotal2.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5aa0f383173b91e5517c4fab750dd38fbd80d79bc000bd12622e262ba06f1219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v106"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Virustotal2.png"
Timing-Allow-Origin: *
Content-Length: 13399
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK Virustotal3.png
2.bp.blogspot.com/-KzTZKp1idXQ/VWcNgx5D9tI/AAAAAAAAAQc/GZdtBXC_OPw/s400/ 27 KB
28 KB 359ms
337ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-KzTZKp1idXQ/VWcNgx5D9tI/AAAAAAAAAQc/GZdtBXC_OPw/s400/Virustotal3.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c8a3c55176c567129af684cc313c34c17e59fbca2d2e649ccb4a2ce770c49699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v108"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Virustotal3.png"
Timing-Allow-Origin: *
Content-Length: 27747
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK peid.png
2.bp.blogspot.com/-t6SiZyp1quE/VWcPL2G4LBI/AAAAAAAAAQo/YiEguxSSVoA/s400/ 40 KB
40 KB 363ms
342ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-t6SiZyp1quE/VWcPL2G4LBI/AAAAAAAAAQo/YiEguxSSVoA/s400/peid.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

31b217378ce7f322ee500f31f5ba3fb5452518271439c994886d74b5293e36fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v10b"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="peid.png"
Timing-Allow-Origin: *
Content-Length: 40479
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK Analisis%2BAvanzado%2Ben%2BExeInfoPE.png
4.bp.blogspot.com/-qigl571Zgkk/VXqkH5FXkQI/AAAAAAAAAV4/qdd01snOkNs/s400/ 49 KB
49 KB 488ms
468ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-qigl571Zgkk/VXqkH5FXkQI/AAAAAAAAAV4/qdd01snOkNs/s400/Analisis%2BAvanzado%2Ben%2BExeInfoPE.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4cf0f18987d0cd94cc00e8a1c686dfc72d759fb259595da6af77cdd359bd3723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v15f"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Analisis Avanzado en ExeInfoPE.png"
Timing-Allow-Origin: *
Content-Length: 49949
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK resource%2Bhacker.png
3.bp.blogspot.com/-iD9mUh29NMc/VWcQWGsaMHI/AAAAAAAAAQ0/EItJncRtSrQ/s400/ 50 KB
50 KB 374ms
353ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-iD9mUh29NMc/VWcQWGsaMHI/AAAAAAAAAQ0/EItJncRtSrQ/s400/resource%2Bhacker.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

950316148a0018d60880c9a84385b3aff596ab545ebc3811ad6a406ee680afc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v10e"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="resource hacker.png"
Timing-Allow-Origin: *
Content-Length: 50718
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK pantalla%2Bcryptolocker.png
4.bp.blogspot.com/-Mqtg18e8prU/VWcYHPSs60I/AAAAAAAAARE/-Mnnhjld_W4/s400/ 105 KB
105 KB 361ms
341ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-Mqtg18e8prU/VWcYHPSs60I/AAAAAAAAARE/-Mnnhjld_W4/s400/pantalla%2Bcryptolocker.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ccf4cdaba8c9724b55205e7dd7dcc3d64ec603b5c17756a311bdabbd9d2b6ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v112"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pantalla cryptolocker.png"
Timing-Allow-Origin: *
Content-Length: 107385
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK process%2Bmonitor.png
2.bp.blogspot.com/-j86zJhfBQms/VWcb8615kNI/AAAAAAAAARQ/F_8-QfD8Tbs/s400/ 172 KB
172 KB 386ms
365ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-j86zJhfBQms/VWcb8615kNI/AAAAAAAAARQ/F_8-QfD8Tbs/s400/process%2Bmonitor.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb74914a5c7052569ef50b9ae522cb3f20c4c7c14c091e3a750bd57eec5f61e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v115"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="process monitor.png"
Timing-Allow-Origin: *
Content-Length: 175909
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK process%2Bmonitor2.png
2.bp.blogspot.com/-X6eWvzxLUcs/VWcdBaeLXsI/AAAAAAAAARc/wzIeOtRKq-g/s400/ 50 KB
50 KB 368ms
368ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-X6eWvzxLUcs/VWcdBaeLXsI/AAAAAAAAARc/wzIeOtRKq-g/s400/process%2Bmonitor2.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1bf7babbe97b5c174778b80f863d196e7505bc5f0b3407a2363ca2c2fb5e58a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v118"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="process monitor2.png"
Timing-Allow-Origin: *
Content-Length: 51099
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK ficheros%2Btrampa.png
1.bp.blogspot.com/-4VGvE7SjdH4/VWhdOgsRyOI/AAAAAAAAARw/MiD2Hblgftg/s400/ 42 KB
42 KB 322ms
322ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-4VGvE7SjdH4/VWhdOgsRyOI/AAAAAAAAARw/MiD2Hblgftg/s400/ficheros%2Btrampa.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

734faeee7101d507c3ebba13430e834e454f504f33beda6048c078a81b1347c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v11d"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="ficheros trampa.png"
Timing-Allow-Origin: *
Content-Length: 42579
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK Configuracion%2BAvanzada%2BCarpetas.png
2.bp.blogspot.com/-_WsblJHTdZ0/VWl7qcGG8NI/AAAAAAAAASU/o5UN7X3EPks/s400/ 54 KB
54 KB 317ms
317ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-_WsblJHTdZ0/VWl7qcGG8NI/AAAAAAAAASU/o5UN7X3EPks/s400/Configuracion%2BAvanzada%2BCarpetas.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

12f66d4a76b194828a1d13cbcf2e2d942d65dd35003272408016477c023c9d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v126"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Configuracion Avanzada Carpetas.png"
Timing-Allow-Origin: *
Content-Length: 55128
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK key.dat.png
2.bp.blogspot.com/-6L8RFTv8uBE/VXrBo66NPsI/AAAAAAAAAWI/iropSk3ZTWQ/s400/ 136 KB
136 KB 365ms
365ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-6L8RFTv8uBE/VXrBo66NPsI/AAAAAAAAAWI/iropSk3ZTWQ/s400/key.dat.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

82367687ec6737e451c4898edd832726d78e28f55c8fc49c6edcfd3edafaefa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v163"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="key.dat.png"
Timing-Allow-Origin: *
Content-Length: 139135
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK validacion%2Bbitcoin%2Baddress%2Ben%2Bkey.dat.png
3.bp.blogspot.com/-qiMSvrIoOVU/VXrCHoMRhaI/AAAAAAAAAWQ/DmPlyLfoujk/s400/ 50 KB
51 KB 351ms
351ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-qiMSvrIoOVU/VXrCHoMRhaI/AAAAAAAAAWQ/DmPlyLfoujk/s400/validacion%2Bbitcoin%2Baddress%2Ben%2Bkey.dat.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a7fa5961cbd928cce993bc7b252e42748ba981801797ab0642eddd47a4b71f62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v165"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="validacion bitcoin address en key.dat.png"
Timing-Allow-Origin: *
Content-Length: 51576
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK codigo%2Bpython.png
3.bp.blogspot.com/-ypNCf7Y9Cio/VYKeGh1Z7uI/AAAAAAAAAYo/CQWYnsOAzqY/s400/ 63 KB
63 KB 241ms
240ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-ypNCf7Y9Cio/VYKeGh1Z7uI/AAAAAAAAAYo/CQWYnsOAzqY/s400/codigo%2Bpython.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dd931003979b56635a56c10b38c0ae71e54e476967ecb6bec82c193f3097f517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v18b"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="codigo python.png"
Timing-Allow-Origin: *
Content-Length: 64075
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK log%2Bde%2Bficheros%2Bcifrados.png
1.bp.blogspot.com/-xlZQviAKmZk/VWmwvjLPiPI/AAAAAAAAAS0/Dwg_K3GKwtA/s400/ 85 KB
85 KB 327ms
327ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-xlZQviAKmZk/VWmwvjLPiPI/AAAAAAAAAS0/Dwg_K3GKwtA/s400/log%2Bde%2Bficheros%2Bcifrados.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fda2561bc8cfc69b54245a5bc1525919e0c25a3add196dc23bf8528db3842b78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v12e"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="log de ficheros cifrados.png"
Timing-Allow-Origin: *
Content-Length: 87042
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK fondo%2Bde%2Bpantalla%2Bcryptolocker.png
2.bp.blogspot.com/-6C3MiItHKi8/VWyH19p6TwI/AAAAAAAAATM/eectO9vs34Q/s400/ 94 KB
95 KB 323ms
323ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-6C3MiItHKi8/VWyH19p6TwI/AAAAAAAAATM/eectO9vs34Q/s400/fondo%2Bde%2Bpantalla%2Bcryptolocker.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cc1f2a8a1cdeee6e619223ca05af8552e8c91365c2f3af306c5cd1d7ed1eadab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v134"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="fondo de pantalla cryptolocker.png"
Timing-Allow-Origin: *
Content-Length: 96648
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK md5%2Bficheros%2Btrampa.png
4.bp.blogspot.com/-kKS6wGxVg0o/VWyI9nYX17I/AAAAAAAAATU/r_uwn5IaCDE/s400/ 39 KB
39 KB 338ms
338ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-kKS6wGxVg0o/VWyI9nYX17I/AAAAAAAAATU/r_uwn5IaCDE/s400/md5%2Bficheros%2Btrampa.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9d4c1415f5b1107950646d6c2078f884b6de86ad9342aa36de8cc645577f1597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v136"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="md5 ficheros trampa.png"
Timing-Allow-Origin: *
Content-Length: 39580
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK honey1.txt.ecc.png
1.bp.blogspot.com/-od_hEpWZXLU/VWyMZyMtchI/AAAAAAAAATg/2c92J7q40Rc/s400/ 41 KB
41 KB 256ms
255ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-od_hEpWZXLU/VWyMZyMtchI/AAAAAAAAATg/2c92J7q40Rc/s400/honey1.txt.ecc.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

31aeb9c4483463889cd2b71fc9c9873724fa7d0a5d31ce09e985721b8eea966d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v139"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="honey1.txt.ecc.png"
Timing-Allow-Origin: *
Content-Length: 42012
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:36 GMT

GET
H/1.1 200
OK honey2.txt.ecc.png
3.bp.blogspot.com/-OzTolJwmd7A/VWyMsFNsDeI/AAAAAAAAATo/-KWL_fApOvQ/s400/ 42 KB
42 KB 406ms
406ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-OzTolJwmd7A/VWyMsFNsDeI/AAAAAAAAATo/-KWL_fApOvQ/s400/honey2.txt.ecc.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1e4002386162dcc048a7c27b1691b8de5cc2dd0adee958ed2b386032ac866210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:37 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v13b"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="honey2.txt.ecc.png"
Timing-Allow-Origin: *
Content-Length: 42857
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:37 GMT

GET
H/1.1 200
OK Prueba%2Bde%2Bcifrado%2BAES-CBC.png
3.bp.blogspot.com/-jHrwybW7q9Q/VXl0hVwdijI/AAAAAAAAAVY/mKuXaq4WDI8/s400/ 33 KB
33 KB 364ms
363ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-jHrwybW7q9Q/VXl0hVwdijI/AAAAAAAAAVY/mKuXaq4WDI8/s400/Prueba%2Bde%2Bcifrado%2BAES-CBC.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ede6447850cc7dbf69cd847ebb7d6ad90ce0b1c7e924e5c6e47e272114c684d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:37 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v157"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Prueba de cifrado AES-CBC.png"
Timing-Allow-Origin: *
Content-Length: 33471
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:37 GMT

GET
H/1.1 200
OK Esquema%2BECC.png
2.bp.blogspot.com/-avuToPmgfII/VXl2bp6PyAI/AAAAAAAAAVk/9Zxn5WNxu7U/s400/ 11 KB
11 KB 322ms
322ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-avuToPmgfII/VXl2bp6PyAI/AAAAAAAAAVk/9Zxn5WNxu7U/s400/Esquema%2BECC.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

db61b7a8b60845821f0b00c0d87967607748b7f499898796ec34fc9c4158ae85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:37 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v15a"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Esquema ECC.png"
Timing-Allow-Origin: *
Content-Length: 11156
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:37 GMT

GET
H/1.1 200
OK base%2B58%2Bvalidacion%2Bdireccion%2Bbitcoin.png
2.bp.blogspot.com/-8F9nQm1D6Ms/VWyTGpzB18I/AAAAAAAAAT4/IX5FIDsZAZ4/s400/ 50 KB
51 KB 329ms
328ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-8F9nQm1D6Ms/VWyTGpzB18I/AAAAAAAAAT4/IX5FIDsZAZ4/s400/base%2B58%2Bvalidacion%2Bdireccion%2Bbitcoin.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e26b47632ed27ea21dd2df642d96f36c3519a8529fd228af2df171439521b9ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:37 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v13f"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="base 58 validacion direccion bitcoin.png"
Timing-Allow-Origin: *
Content-Length: 51358
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:37 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
688 B 126ms
123ms Stylesheet
text/css 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5399811056563385935&zx=b627e51b-d3d6-4535-9221-b6457af8b16d

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Sep 2022 14:08:36 GMT
server: GSE
date: Wed, 14 Sep 2022 14:08:36 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK body.png
1.bp.blogspot.com/-yN4ZjJeQB78/UFLggyCc4WI/AAAAAAAAF_o/XFGNpafLffU/s1600/ 8 KB
9 KB 44ms
34ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-yN4ZjJeQB78/UFLggyCc4WI/AAAAAAAAF_o/XFGNpafLffU/s1600/body.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dccc16fcac41c7dc0e04650cce3c3a406e73777d2e203b9c8faef3e3659feb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v17fa"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="body.png"
Timing-Allow-Origin: *
Content-Length: 8488
X-XSS-Protection: 0
Expires: Tue, 30 Aug 2022 13:34:31 GMT

GET
H/1.1 200
OK mainhead.png
2.bp.blogspot.com/-0GK8AWo6rVY/UFLgsXvnfpI/AAAAAAAAGA4/PyG4fSjf2hg/s1600/ 222 B
677 B 94ms
92ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-0GK8AWo6rVY/UFLgsXvnfpI/AAAAAAAAGA4/PyG4fSjf2hg/s1600/mainhead.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

adeb65d6211cf5253896096eaa2fddceba84a4c22c0af823d473310c7da4a1ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v180e"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="mainhead.png"
Timing-Allow-Origin: *
Content-Length: 222
X-XSS-Protection: 0
Expires: Tue, 06 Sep 2022 15:29:41 GMT

GET
H/1.1 200
OK search.png
1.bp.blogspot.com/-bEdoiOWiO84/UFLgwNTbdrI/AAAAAAAAGBU/7crLqbaxBEY/s1600/ 1 KB
1 KB 38ms
32ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-bEdoiOWiO84/UFLgwNTbdrI/AAAAAAAAGBU/7crLqbaxBEY/s1600/search.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c36c602f92e4d1cf88440d9d31e921d7014dba660caaa95ceebf0eb0350b21f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v1815"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="search.png"
Timing-Allow-Origin: *
Content-Length: 1044
X-XSS-Protection: 0
Expires: Tue, 30 Aug 2022 13:34:31 GMT

GET
H/1.1 200
OK sbutton.png
2.bp.blogspot.com/-Arn2wxppmfU/UFLgvZ4zK9I/AAAAAAAAGBQ/HAo5brZU9UM/s1600/ 871 B
1 KB 54ms
35ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-Arn2wxppmfU/UFLgvZ4zK9I/AAAAAAAAGBQ/HAo5brZU9UM/s1600/sbutton.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6091f688c9fdbc620a9a0c4b2bd0fea343ed389bcf26b7bd2d6f8addacd21d3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v1814"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="sbutton.png"
Timing-Allow-Origin: *
Content-Length: 871
X-XSS-Protection: 0
Expires: Tue, 06 Sep 2022 15:29:41 GMT

GET
H/1.1 200
OK casing.png
1.bp.blogspot.com/-LggooRjz3mg/UFLgjKwHK9I/AAAAAAAAF_4/6dqPKL-DG34/s1600/ 267 B
720 B 47ms
35ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-LggooRjz3mg/UFLgjKwHK9I/AAAAAAAAF_4/6dqPKL-DG34/s1600/casing.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e175f6426bd917196cb04bc51cc0e5e3e42b6748a8fc02d5dfb944baacc2d87c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v17fe"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="casing.png"
Timing-Allow-Origin: *
Content-Length: 267
X-XSS-Protection: 0
Expires: Tue, 30 Aug 2022 13:34:31 GMT

GET
H/1.1 200
OK TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
10 KB 40ms
20ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Oswald

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.securitybydefault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 22:52:05 GMT
X-Content-Type-Options: nosniff
Age: 573391
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 9840
X-XSS-Protection: 0
Last-Modified: Mon, 18 Jul 2022 19:24:04 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 07 Sep 2023 22:52:05 GMT

GET
H/1.1 200
OK user.png
4.bp.blogspot.com/-h0XM0XeztiM/UFLg0ZN342I/AAAAAAAAGB4/RJvaBsZPdXE/s1600/ 378 B
829 B 36ms
35ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-h0XM0XeztiM/UFLg0ZN342I/AAAAAAAAGB4/RJvaBsZPdXE/s1600/user.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

054ccbce9ca15b7c8d64d73d3c70001100d55407572473ec78a5d115291d05b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v181e"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="user.png"
Timing-Allow-Origin: *
Content-Length: 378
X-XSS-Protection: 0
Expires: Sat, 10 Sep 2022 08:38:00 GMT

GET
H/1.1 200
OK clock.png
3.bp.blogspot.com/-GmhDu_1m5DU/UFLgj-bDvbI/AAAAAAAAGAA/fsaj4qesWq8/s1600/ 512 B
964 B 33ms
33ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-GmhDu_1m5DU/UFLgj-bDvbI/AAAAAAAAGAA/fsaj4qesWq8/s1600/clock.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

082dfb2c62e05641db3dfad2da7763bcc344bfd184f5a2d0f70033b605d51b16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v1800"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="clock.png"
Timing-Allow-Origin: *
Content-Length: 512
X-XSS-Protection: 0
Expires: Sat, 10 Sep 2022 08:38:00 GMT

GET
H/1.1 200
OK tag.png
3.bp.blogspot.com/-_HG7wLzfdWs/UFLgxFIW06I/AAAAAAAAGBg/gVPXQ3k96cE/s1600/ 369 B
819 B 32ms
32ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-_HG7wLzfdWs/UFLgxFIW06I/AAAAAAAAGBg/gVPXQ3k96cE/s1600/tag.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fe9d2604db114d74e64d705a34c79b1a55699b63bc485be72e3014916b2871bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v1818"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="tag.png"
Timing-Allow-Origin: *
Content-Length: 369
X-XSS-Protection: 0
Expires: Sat, 10 Sep 2022 08:38:00 GMT

GET
H/1.1 200
OK boceto.png
4.bp.blogspot.com/-UChUcPthtHE/VWXnK_r8JXI/AAAAAAAAAPk/pmfZH-ddlqE/s320/ 138 KB
139 KB 246ms
245ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-UChUcPthtHE/VWXnK_r8JXI/AAAAAAAAAPk/pmfZH-ddlqE/s320/boceto.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4f041877c6e79dc0af844ec35ec3e46ae27802312bd8b1d1fa91cd4c9d0c6792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:37 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "vfa"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="boceto.png"
Timing-Allow-Origin: *
Content-Length: 141620
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 14:08:37 GMT

GET
H/1.1 200
OK blank.gif
resources.blogblog.com/img/ 43 B
628 B 55ms
20ms Image
image/gif 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://resources.blogblog.com/img/blank.gif

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 14:28:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 06 Sep 2022 14:52:26 GMT
Server: sffe
Age: 603591
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: image/gif
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 43
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Wed, 14 Sep 2022 14:28:45 GMT

GET
H/1.1 200
OK icon_delete13.gif
www.blogger.com/img/ 140 B
726 B 40ms
20ms Image
image/gif 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.blogger.com/img/icon_delete13.gif

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69ff07a31a102649f3e0d08a967c39b134286293b85aac0885b3102a9120f1a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 21:41:27 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 07 Sep 2022 09:00:41 GMT
Server: sffe
Age: 577629
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: image/gif
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 140
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Wed, 14 Sep 2022 21:41:27 GMT

GET
H/1.1 200
OK SecurityByDefault
feeds.feedburner.com/~fc/ 1 KB
1 KB 117ms
51ms Image
image/gif 2a00:1450:400a:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://feeds.feedburner.com/~fc/SecurityByDefault?bg=3E3F41&fg=ffffff&anim=0

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:400a:803::200e Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

89f8f191ee344e6a5ddac88b9c1a9332dc3e142ac30f2c49de09d3df1b2d7d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: GSE
Content-Type: image/gif
Cache-Control: max-age=7200
Content-Length: 1278
X-XSS-Protection: 1; mode=block
Expires: Wed, 14 Sep 2022 16:08:36 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 62ms
19ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: 8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
Content-Encoding: gzip
Age: 486
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29220
x-tw-cdn: VZ
Last-Modified: Wed, 31 Aug 2022 20:41:50 GMT
Server: ECS (frb/6752)
Etag: "f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H/1.1 200
OK btn-secmanabn.png
4.bp.blogspot.com/-VyUL72QN0Vk/UY5zcwjrT9I/AAAAAAAACNI/VNJyjok0n8Y/s1600/ 14 KB
15 KB 215ms
195ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-VyUL72QN0Vk/UY5zcwjrT9I/AAAAAAAACNI/VNJyjok0n8Y/s1600/btn-secmanabn.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8de6b9db3f76645c102d0c1172d41b5bd054de765a744ddf01e98a457d53792c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v8d2"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="btn-secmanabn.png"
Timing-Allow-Origin: *
Content-Length: 14505
X-XSS-Protection: 0
Expires: Wed, 07 Sep 2022 14:21:33 GMT

GET
H/1.1 200
OK btn-cinedehackers.png
1.bp.blogspot.com/-loRWDmX-n48/UYPjOQEkWxI/AAAAAAAAAFI/Qtg1NkoTvVQ/s1600/ 8 KB
9 KB 39ms
39ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-loRWDmX-n48/UYPjOQEkWxI/AAAAAAAAAFI/Qtg1NkoTvVQ/s1600/btn-cinedehackers.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3dc1683bb2d601077a15cbf724b3c21407dc6df709e662ef520d8606908237e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v57"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="btn-cinedehackers.png"
Timing-Allow-Origin: *
Content-Length: 8249
X-XSS-Protection: 0
Expires: Tue, 06 Sep 2022 00:34:29 GMT

GET
H/1.1 200
OK btn-entrevistas.png
2.bp.blogspot.com/-J1kYF7OKfHY/UYPjOTtysNI/AAAAAAAAAFM/IsbccZfAHsg/s1600/ 6 KB
6 KB 41ms
40ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-J1kYF7OKfHY/UYPjOTtysNI/AAAAAAAAAFM/IsbccZfAHsg/s1600/btn-entrevistas.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5548dca5945c9b947b277dba14bf5ced188f4388b155b6a4c17595012ff32aa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v5a"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="btn-entrevistas.png"
Timing-Allow-Origin: *
Content-Length: 5879
X-XSS-Protection: 0
Expires: Sun, 11 Sep 2022 14:55:29 GMT

GET
H/1.1 200
OK btn-ethernetexposed.png
2.bp.blogspot.com/-8DU4vFDjNvA/UYPjOQCY3uI/AAAAAAAAAFE/5Npj7i_Zwpw/s1600/ 4 KB
5 KB 39ms
37ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-8DU4vFDjNvA/UYPjOQCY3uI/AAAAAAAAAFE/5Npj7i_Zwpw/s1600/btn-ethernetexposed.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

22f7b206dc766742f25c62de34b4f120ff1b6075cf54788b08279287c1e98abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v56"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="btn-ethernetexposed.png"
Timing-Allow-Origin: *
Content-Length: 4420
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 00:33:21 GMT

GET
H/1.1 200
OK btn-eventos.png
1.bp.blogspot.com/-AkrhGvWxPdM/UYPjOz0osgI/AAAAAAAAAFQ/r0Ta6iO-V6A/s1600/ 6 KB
7 KB 34ms
34ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-AkrhGvWxPdM/UYPjOz0osgI/AAAAAAAAAFQ/r0Ta6iO-V6A/s1600/btn-eventos.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ee17f66035e73736eb6efe5f45e44569cd39875c5de41cbaf822227dc7244617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v5c"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="btn-eventos.png"
Timing-Allow-Origin: *
Content-Length: 6387
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 00:33:21 GMT

GET
H/1.1 200
OK btn-hackeosmemorables.png
1.bp.blogspot.com/-jqmRAFPrH_s/UYPjPB2x3PI/AAAAAAAAAFU/qRRCMLyhcuI/s1600/ 15 KB
15 KB 39ms
39ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-jqmRAFPrH_s/UYPjPB2x3PI/AAAAAAAAAFU/qRRCMLyhcuI/s1600/btn-hackeosmemorables.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d3b8e80957b56e303a3fc8ee918a5755e067c7998ad6b802bfbcb710a8be7a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v5b"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="btn-hackeosmemorables.png"
Timing-Allow-Origin: *
Content-Length: 15235
X-XSS-Protection: 0
Expires: Thu, 15 Sep 2022 00:33:21 GMT

GET
H/1.1 200
OK btn-herramientas.png
2.bp.blogspot.com/-UC_sDW6ItZ8/UYPjPaSZMVI/AAAAAAAAAFg/hxSbHwX4MxE/s1600/ 7 KB
7 KB 38ms
37ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-UC_sDW6ItZ8/UYPjPaSZMVI/AAAAAAAAAFg/hxSbHwX4MxE/s1600/btn-herramientas.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09e204a15d148e1b269d80490636e129377693cce3ffaddb34f548be9ef55c21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v5d"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="btn-herramientas.png"
Timing-Allow-Origin: *
Content-Length: 6993
X-XSS-Protection: 0
Expires: Sun, 11 Sep 2022 14:55:29 GMT

GET
H/1.1 200
OK btn-libros.png
4.bp.blogspot.com/-BAL8t2zLWS8/UYPjPg-8QmI/AAAAAAAAAFk/URSNOkK2L94/s1600/ 7 KB
8 KB 301ms
281ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-BAL8t2zLWS8/UYPjPg-8QmI/AAAAAAAAAFk/URSNOkK2L94/s1600/btn-libros.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

408459cee068b3b153847825ebe1fbfeff89a6d7b69b5b08ff096d1534453a17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v5e"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="btn-libros.png"
Timing-Allow-Origin: *
Content-Length: 7621
X-XSS-Protection: 0
Expires: Wed, 07 Sep 2022 14:21:34 GMT

GET
H2

200

ServiceLogin
www.google.com/a/securitybydefault.com/
Redirect Chain

http://sites.google.com/a/securitybydefault.com/static/88x31.png
https://sites.google.com/a/securitybydefault.com/static/88x31.png
https://www.google.com/a/securitybydefault.com/ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/a/securitybydefault.com/static/88x31.png&followup=https://sites.google....

0
0

152ms
99ms

Image
text/html

2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/a/securitybydefault.com/ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/a/securitybydefault.com/static/88x31.png&followup=https://sites.google.com/a/securitybydefault.com/static/88x31.png&ul=1
Requested by: Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html
Protocol: H2
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

date: Wed, 14 Sep 2022 14:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://www.google.com/a/securitybydefault.com/ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/a/securitybydefault.com/static/88x31.png&followup=https://sites.google.com/a/securitybydefault.com/static/88x31.png&ul=1
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 1; mode=block
expires: Wed, 14 Sep 2022 14:08:37 GMT

GET
H/1.1 200
OK counter_xhtml.js Show response
www.statcounter.com/counter/ 43 KB
14 KB 59ms
29ms Script
application/javascript 104.20.228.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.statcounter.com/counter/counter_xhtml.js
Requested by: Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html
Protocol: HTTP/1.1
Server: 104.20.228.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
User-Cache-Control: max-age=43200
Age: 9208
Transfer-Encoding: chunked
P3P: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 10:13:25 GMT
Server: cloudflare
ETag: W/"aa70-5e8a06127b7b0"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
CF-RAY: 74a9b2124dcb9279-FRA
Expires: Wed, 14 Sep 2022 23:35:08 GMT

GET
H/1.1 200
OK cookienotice.js Show response
www.securitybydefault.com/js/ 6 KB
7 KB 27ms
26ms Script
text/javascript 2a00:1450:400a:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.securitybydefault.com/js/cookienotice.js

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

2a00:1450:400a:808::2013 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 08:59:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Sep 2022 07:50:45 GMT
Server: sffe
Age: 18522
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 6513
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Wed, 21 Sep 2022 08:59:54 GMT

GET
H3 200 3753684042-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
56 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3753684042-widgets.js

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 12:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57039
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 20:54:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 14 Sep 2023 12:22:12 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 120ms
119ms Stylesheet
text/css 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5399811056563385935&zx=b627e51b-d3d6-4535-9221-b6457af8b16d

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Sep 2022 14:08:36 GMT
server: GSE
date: Wed, 14 Sep 2022 14:08:36 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
526 B 213ms
149ms XHR
application/json 104.20.229.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=4681204&u1=27EC796D020C4FEC897B6ABA3EC702B1&java=1&security=567e475f&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html&t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&invisible=1&sc_rum_e_s=867&sc_rum_e_e=872&get_config=true
Requested by: Host: www.statcounter.com
URL: http://www.statcounter.com/counter/counter_xhtml.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 14:08:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74a9b212ede392b1-FRA
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: http://www.securitybydefault.com
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

blogger_item.js Show response
a.disquscdn.com/
Redirect Chain

http://securitybydefault.disqus.com/blogger_item.js
https://securitybydefault.disqus.com/blogger_item.js
https://a.disquscdn.com/blogger_item.js

861 B
496 B

82ms
30ms

Script
application/javascript

199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a.disquscdn.com/blogger_item.js

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4559ecf7c24450ca8840d1f5d5c18927f4a0bde223905e9741e5fdcc5e5a624f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 14:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 127
etag: "60395f01-16c"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=300, public
x-amz-cf-pop: FRA2-C2
content-length: 364
x-amz-cf-id: shNr9qCyWfrFndfuH5cNgmmfogFYq-6iTGwtTp3mEwx0zmP4QtxGDQ==
expires: Thu, 08 Sep 2022 10:22:07 GMT

Redirect headers

Date: Wed, 14 Sep 2022 14:08:37 GMT
Server: Varnish
Strict-Transport-Security: max-age=300; includeSubdomains
Location: https://a.disquscdn.com/blogger_item.js
Cache-Control: public, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 0

GET
H/1.1

200
OK

count.js Show response
securitybydefault.disqus.com/
Redirect Chain

http://securitybydefault.disqus.com/count.js
https://securitybydefault.disqus.com/count.js

1 KB
2 KB

67ms
22ms

Script
application/javascript

199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://securitybydefault.disqus.com/count.js

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 355
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 14 Sep 2022 12:38:01 GMT
Server: nginx
ETag: "6321cb29-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: V77kFNH8qag4AQIB6JYVWowGmuJ6s8XHlKC_aLIttiPa-uS6CpW1uQ==

Redirect headers

Date: Wed, 14 Sep 2022 14:08:36 GMT
Server: Varnish
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: text/html
Location: https://securitybydefault.disqus.com/count.js
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 219

GET
H2

200

blogger_index.js Show response
a.disquscdn.com/
Redirect Chain

http://securitybydefault.disqus.com/blogger_index.js
https://securitybydefault.disqus.com/blogger_index.js
https://a.disquscdn.com/blogger_index.js

5 KB
2 KB

79ms
30ms

Script
application/javascript

199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a.disquscdn.com/blogger_index.js

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7ccbba1d8b0fd4c6b878ba336c1400be1f6abdcef6229813cae941d145711a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 14:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 270
etag: "60395f01-542"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=300, public
x-amz-cf-pop: FRA6-C1
content-length: 1346
x-amz-cf-id: TYkd4hXxvjcqUy_FROcMlA-qh6LR0_P-9b2RvGFPBYz3_6RL51bCyQ==
expires: Wed, 14 Sep 2022 13:44:07 GMT

Redirect headers

Date: Wed, 14 Sep 2022 14:08:37 GMT
Server: Varnish
Strict-Transport-Security: max-age=300; includeSubdomains
Location: https://a.disquscdn.com/blogger_index.js
Cache-Control: public, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 0

GET
H/1.1 200
OK widget_iframe.c4bdc17e77719578b594d5555bee90db.html Show response
platform.twitter.com/widgets/ Frame 72A1 320 KB
104 KB 84ms
21ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=http%3A%2F%2Fwww.securitybydefault.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: http://www.securitybydefault.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1185897
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Wed, 14 Sep 2022 14:08:37 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 31 Aug 2022 20:40:57 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6723)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H/1.1

200
OK

count-data.js Show response
securitybydefault.disqus.com/
Redirect Chain

http://securitybydefault.disqus.com/count-data.js?2=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html
https://securitybydefault.disqus.com/count-data.js?2=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html

327 B
910 B

120ms
120ms

Script
application/javascript

199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://securitybydefault.disqus.com/count-data.js?2=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4baf5f5fa30c14e767dfc87d464e1fdd6e182150ed12cacdf00252064c4e7354

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:37 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 950
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 327
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://securitybydefault.disqus.com/count-data.js?2=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 72A1 724 B
597 B 174ms
128ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e0688b9380755e450a80736d1e515cf3a1aee462

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=http%3A%2F%2Fwww.securitybydefault.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

658963e97a4f53a58ec63b900758063245a5507f026a070f8096bda6128ee703

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-response-time: 109
date: Wed, 14 Sep 2022 14:08:36 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 14:08:37 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: efb78d8e79c62f32702844927a7d5504d550005f0f7b2136639a0f3d9b7c68e0
content-length: 315

GET
H/1.1

200
OK

embed.js Show response
securitybydefault.disqus.com/
Redirect Chain

http://securitybydefault.disqus.com/embed.js
https://securitybydefault.disqus.com/embed.js

78 KB
25 KB

207ms
166ms

Script
application/javascript

199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://securitybydefault.disqus.com/embed.js

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

425a16feead2b8d7a9e0bf8af861bfc40afa531fcc904174aefb506f72a91548

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:37 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25378
Cross-Origin-Resource-Policy: cross-origin

Redirect headers

Location: https://securitybydefault.disqus.com/embed.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK button.c6c95b9789db97ea1e9742d215fff751.js Show response
platform.twitter.com/js/ 7 KB
3 KB 21ms
21ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.c6c95b9789db97ea1e9742d215fff751.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: 98b3ff3a8543eaee1f9946fde06f31cd9bb98f9e57cd431e0234db57c221334e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:37 GMT
Content-Encoding: gzip
Age: 1185918
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 2361
x-tw-cdn: VZ
Last-Modified: Wed, 31 Aug 2022 20:40:49 GMT
Server: ECS (frb/67C0)
Etag: "3b5d132d3d3780b86a6d19d169faef45+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK follow_button.c4bdc17e77719578b594d5555bee90db.es.html Show response
platform.twitter.com/widgets/ Frame 48FB 41 KB
16 KB 21ms
21ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.c4bdc17e77719578b594d5555bee90db.es.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: bc60025acb6cd0405548e21d7c5c8593ccf0c94c601961403d1e12820b0f4f72

Request headers

Referer: http://www.securitybydefault.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1185471
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 15360
Content-Type: text/html; charset=utf-8
Date: Wed, 14 Sep 2022 14:08:37 GMT
Etag: "0acd786617f9c3ce202b3b74592218f8+gzip"
Last-Modified: Wed, 31 Aug 2022 20:40:50 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67C0)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
88 B 135ms
135ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22es%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1663164517322%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221bfeb5c3714e8%3A1661975971032%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=e0688b9380755e450a80736d1e515cf3a1aee462

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-response-time: 115
date: Wed, 14 Sep 2022 14:08:36 GMT
last-modified: Wed, 14 Sep 2022 14:08:37 GMT
server: tsa_o
vary: Origin
content-type: image/gif
cache-control: must-revalidate, max-age=600
x-connection-hash: efb78d8e79c62f32702844927a7d5504d550005f0f7b2136639a0f3d9b7c68e0
strict-transport-security: max-age=631138519
content-length: 43

GET
H2 200 lounge.9772024640e1cec8d973cd80fb62abd8.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 119ms
24ms Other
text/css 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css

Requested by

Host: securitybydefault.disqus.com
URL: http://securitybydefault.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 19:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153268
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26136
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 12 Sep 2022 19:13:42 GMT
server: nginx
etag: "631f84e6-6618"
content-type: text/css; charset=utf-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
expires: Tue, 12 Sep 2023 19:34:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: RhOctSbIquufax0D5uJ30wbW939zfBpyHi2_okKHUXFCPqw8VdpaAQ==
x-cache-hits: 0

GET
H2 200 common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
c.disquscdn.com/next/embed/ 0
93 KB 136ms
41ms Other
application/javascript 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Requested by

Host: securitybydefault.disqus.com
URL: http://securitybydefault.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 05:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4438028
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94755
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
server: nginx
etag: "62da91ee-17223"
content-type: application/javascript; charset=utf-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
expires: Tue, 25 Jul 2023 05:21:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: AaHrTMMTd07It4mnwWrfAiN6agc6d8KZKc0lJ7jQuyX5TfH27Wqa8g==
x-cache-hits: 0

GET
H2 200 lounge.bundle.29e6af40821697bba1cb55aca8ebe0da.js
c.disquscdn.com/next/embed/ 0
122 KB 159ms
64ms Other
application/javascript 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.29e6af40821697bba1cb55aca8ebe0da.js

Requested by

Host: securitybydefault.disqus.com
URL: http://securitybydefault.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 19:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153268
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 124008
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 12 Sep 2022 19:13:42 GMT
server: nginx
etag: "631f84e6-1e468"
content-type: application/javascript; charset=utf-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
expires: Tue, 12 Sep 2023 19:34:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: GNXkyBEP8221RAS4caCrteQS46xxnzT02lvSlA5FFtFWBTR-OeWFzA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
16 KB 73ms
21ms Other
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: securitybydefault.disqus.com
URL: http://securitybydefault.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:37 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 55
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 16127
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK recommendations.js Show response
securitybydefault.disqus.com/ 64 KB
21 KB 144ms
144ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://securitybydefault.disqus.com/recommendations.js

Requested by

Host: securitybydefault.disqus.com
URL: http://securitybydefault.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

6c3e44d9e5d5a5ea1e3c3978dea7d93ec88829dc748f0a3ea0df71f2b583a5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:37 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 21282
Cross-Origin-Resource-Policy: cross-origin

GET
DATA 200
OK truncated
/ Frame 48FB 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 info.json Show response
cdn.syndication.twimg.com/widgets/followbutton/ Frame 48FB 254 B
702 B 241ms
136ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/widgets/followbutton/info.json?callback=__twttr.setFollowersCountAndFollowing&lang=es&screen_names=secbydefault

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/follow_button.c4bdc17e77719578b594d5555bee90db.es.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

57f78b37eca08bf18eeb7c6745ed5e366810f674452350aea84ea95922e4f913

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 14:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=116
content-length: 199
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 102
last-modified: Wed, 14 Sep 2022 14:08:37 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=600
x-connection-hash: bc588e0dd07e18b74031ff74b675073629b8053f78c97be986597e8d8c8e30d6
timing-allow-origin: *
x-transaction: c0da40cff2d7723d
expires: Wed, 14 Sep 2022 14:18:37 GMT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 9C3B 13 KB
5 KB 128ms
128ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&s_o=default

Requested by

Host: securitybydefault.disqus.com
URL: http://securitybydefault.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8a983aeb762ff64349e56fa84144850e7bf44d82a2836bd19ad268c139decb89

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.securitybydefault.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4212
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 14 Sep 2022 14:08:37 GMT
ETag: W/"lounge:view:3857943644.cf449607d755e858c296d579dad74feb.2"
Last-Modified: Sun, 31 Jan 2021 12:57:11 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ 0
3 KB 20ms
20ms Other
text/css 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: securitybydefault.disqus.com
URL: https://securitybydefault.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 05:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4438028
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
server: nginx
etag: "62da91ee-ba2"
content-type: text/css; charset=utf-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
expires: Tue, 25 Jul 2023 05:21:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: CWy8jiQuu_cJ_EOIHmZ4MLFn1VIncLAMdLs_07CfnnZQPDSRaAquYw==
x-cache-hits: 0

GET
H2 200 common.bundle.a59fbd11efae764ccd959d61e4925fee.js
c.disquscdn.com/next/recommendations/ 0
87 KB 21ms
21ms Other
application/javascript 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Requested by

Host: securitybydefault.disqus.com
URL: https://securitybydefault.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 05:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4438028
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88804
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
server: nginx
etag: "62da91ee-15ae4"
content-type: application/javascript; charset=utf-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
expires: Tue, 25 Jul 2023 05:21:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: gh_dui5wq3CPYrv0y1z4bWeA_nXPE9DwI_YZ37J4-KA0iWjIgrX7UA==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
c.disquscdn.com/next/recommendations/ 0
20 KB 27ms
27ms Other
application/javascript 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: securitybydefault.disqus.com
URL: https://securitybydefault.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 05:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4438028
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
server: nginx
etag: "62da91ee-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
expires: Tue, 25 Jul 2023 05:21:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: pyf60VguiYqOhCZr7NU_FhNsdwC_UUNAnuTOBcFRlQN5gBTYlohSJA==
x-cache-hits: 0

GET
H2 200 lounge.load.11e4d4419036ee9a10f4fa6b46721633.js Show response
c.disquscdn.com/next/embed/ Frame 9C3B 958 B
1 KB 67ms
22ms Script
application/javascript 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.11e4d4419036ee9a10f4fa6b46721633.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d3c31248b3fb04f924bfd99402102e07575ccb0da37dc0369e06477cdef7ecd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&s_o=default
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 19:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153267
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 495
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 12 Sep 2022 19:13:42 GMT
server: nginx
etag: "631f84e6-1ef"
content-type: application/javascript; charset=utf-8
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
expires: Tue, 12 Sep 2023 19:34:10 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: Qkxr-At1WH4-frGngMVWHYgn1RXcse2yVs6hH0fyJIu08DMM9Q9vJQ==
x-cache-hits: 0

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame 5AD9 5 KB
3 KB 147ms
147ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default

Requested by

Host: securitybydefault.disqus.com
URL: https://securitybydefault.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ed9f93fb0a529a2a1aef5b0d919275bf5de1fccf02221c48e41315453e2df88d

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.securitybydefault.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2292
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 14 Sep 2022 14:08:37 GMT
Last-Modified: Sun, 31 Jan 2021 12:57:11 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H2 200 common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js Show response
c.disquscdn.com/next/embed/ Frame 9C3B 282 KB
93 KB 21ms
21ms Script
application/javascript 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.11e4d4419036ee9a10f4fa6b46721633.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

64cee676a611b27aca955c5e227666f9d955682512ec25b982bd5e2f92eb61dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 05:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4438028
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94755
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
server: nginx
etag: "62da91ee-17223"
content-type: application/javascript; charset=utf-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
expires: Tue, 25 Jul 2023 05:21:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: q0weaOmlurHggGj_d5B41zMBxB23PYuX-VtuRljMl2-eQLjw4_ZghQ==
x-cache-hits: 0

GET
H2 200 lounge.9772024640e1cec8d973cd80fb62abd8.css
c.disquscdn.com/next/embed/styles/ Frame 9C3B 165 KB
26 KB 21ms
21ms Stylesheet
text/css 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c43a8d413e5b24b174ce521baf90d23fd3ee9649b210ccc3847cb6943b2f28ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 19:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153268
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26136
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 12 Sep 2022 19:13:42 GMT
server: nginx
etag: "631f84e6-6618"
content-type: text/css; charset=utf-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
expires: Tue, 12 Sep 2023 19:34:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: yhVja9KNY__ngLF-SBRY57NXO38pBwB7klrYgfpt_4iDl49jVaHK7g==
x-cache-hits: 0

GET
H2 200 lounge.bundle.29e6af40821697bba1cb55aca8ebe0da.js Show response
c.disquscdn.com/next/embed/ Frame 9C3B 480 KB
122 KB 21ms
20ms Script
application/javascript 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.29e6af40821697bba1cb55aca8ebe0da.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a7bd869151ae907d54f3e636848c0a6f06e54289df7d9e0b68b57da96c2ca77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 19:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153268
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 124008
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 12 Sep 2022 19:13:42 GMT
server: nginx
etag: "631f84e6-1e468"
content-type: application/javascript; charset=utf-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
expires: Tue, 12 Sep 2023 19:34:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: Z-Ij7H1FhERpNnN0xV6HT3_SEXTnh2UoiegeYw-9wrLlTGeD7_WDyQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 9C3B 16 KB
16 KB 54ms
22ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

75408f16c4d5d7fc6a5e2efa1968549638331d1eb0552dd6437b8999062f7f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:37 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 55
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 16127
X-XSS-Protection: 1; mode=block

GET
H2 200 recommendations.load.9d352c9674ae8172f8669d3aa3a905e9.js Show response
c.disquscdn.com/next/recommendations/ Frame 5AD9 923 B
1 KB 22ms
21ms Script
application/javascript 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.9d352c9674ae8172f8669d3aa3a905e9.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9b96fe0a7d9b194599c4a2982ba5efb84aa3999dae35fd93cc1c7e64659e20b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 05:21:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4438028
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 446
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
server: nginx
etag: "62da91ee-1be"
content-type: application/javascript; charset=utf-8
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
expires: Tue, 25 Jul 2023 05:21:28 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: TctMdAGrAnog9-7iAHofXJtGc8YAvk-wH7BjmXQCsa2SUcdMq6nsnw==
x-cache-hits: 0

GET
H2 200 es_ES.js Show response
c.disquscdn.com/next/current/embed/lang/ Frame 9C3B 21 KB
8 KB 21ms
20ms Script
application/javascript 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/current/embed/lang/es_ES.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf1bda0a4de82066dcf785d79456556a1dae957e9c0a9175e5bcc22f2e8084ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 14:04:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7646
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 19:13:42 GMT
server: nginx
etag: "631f84e6-1dde"
content-type: application/javascript; charset=utf-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
expires: Wed, 14 Sep 2022 14:09:39 GMT
cache-control: max-age=300, public
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: e9a5PytyMmK0i1U6u5vm7Thnz__TETqtlqTEeHhlyR_Je-2Y5woIqg==
x-cache-hits: 0

GET
H2 200 common.bundle.a59fbd11efae764ccd959d61e4925fee.js Show response
c.disquscdn.com/next/recommendations/ Frame 5AD9 262 KB
87 KB 21ms
20ms Script
application/javascript 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.9d352c9674ae8172f8669d3aa3a905e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3ae0f120f30b95b1bc51b7440fb005c41cfc4560e3701763552c07b03a55a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 05:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4438028
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88804
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
server: nginx
etag: "62da91ee-15ae4"
content-type: application/javascript; charset=utf-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
expires: Tue, 25 Jul 2023 05:21:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: h6uP9OFAbwhBnbwF92rvg8rmxZBXPrZtiWsAFOjgCAJCd3qFKVtuDA==
x-cache-hits: 0

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 9C3B 3 KB
3 KB 128ms
127ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=securitybydefault&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c63bfde516db7de1382a412ee68d36842b5796757a93ab96db2e9b5841744d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:37 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3054
X-XSS-Protection: 1; mode=block

GET
H2 200 noavatar92.png
a.disquscdn.com/1663159043/images/ Frame 9C3B 2 KB
2 KB 23ms
23ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1663159043/images/noavatar92.png

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 14:08:37 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 4902
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA6-C1
content-length: 1644
x-amz-cf-id: 4h1Huoy0eBxR6cKQ8RofNyi3dLPycbpaZJw6TVRHbcW2hSnvbEyhZQ==
expires: Fri, 14 Oct 2022 12:46:55 GMT

GET
DATA 200
OK truncated
/ Frame 9C3B 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 9C3B 13 KB
13 KB 21ms
21ms Image
image/svg+xml 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 05:21:30 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4438027
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 22 Jul 2022 12:02:55 GMT
server: nginx
etag: "62da91ef-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Lw_r236nMUqWh5gr1teJgaLLkicGJTK1zvFRSBmlDbyZX058RAlHSw==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 9C3B 3 KB
3 KB 20ms
20ms Image
image/gif 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 05:31:16 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2104641
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 18 Aug 2022 14:28:43 GMT
server: nginx
etag: "62fe4c9b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Mon, 21 Aug 2023 05:31:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 966Ye2Z94CPCLv_ySZaUoZ3wNOyecliMdsore1NoeVXexfTD4vHaDw==
x-cache-hits: 0

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 9C3B 2 KB
2 KB 20ms
20ms Image
image/png 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 05:21:30 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4438027
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 22 Jul 2022 12:02:55 GMT
server: nginx
etag: "62da91ef-6e3"
content-type: image/png
access-control-allow-origin: *
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: VY4hQ3Sz8eHHywBdla1M5hBNPsK4FwvbmdDhLN4Y02UXeJSLFb-f0w==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 9C3B 8 KB
8 KB 23ms
23ms Font
application/octet-stream 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 00:45:29 GMT
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1516988
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 26 Aug 2022 22:07:42 GMT
server: nginx
etag: "6309442e-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Mon, 28 Aug 2023 00:45:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: To0Ua4JaMhE3U8clxoL7lxpIXwOHAEdtHrYafn4_Hr_06X-W2Wt6IA==
x-cache-hits: 0

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 22ms
22ms Script
application/javascript 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: securitybydefault.disqus.com
URL: http://securitybydefault.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 05:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4438027
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
server: nginx
etag: "62da91ee-67d2"
content-type: application/javascript; charset=utf-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: vOvWUNntk8_nY09vmssYiLZzevAlNKYDCO2jTdK7Yg9OpUeCXNxkSQ==
x-cache-hits: 0

GET
H2 200 noavatar92.png
a.disquscdn.com/1663159043/images/ Frame 9C3B 2 KB
2 KB 21ms
20ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1663159043/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.29e6af40821697bba1cb55aca8ebe0da.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 14:08:38 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 4902
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA6-C1
content-length: 1644
x-amz-cf-id: 4h1Huoy0eBxR6cKQ8RofNyi3dLPycbpaZJw6TVRHbcW2hSnvbEyhZQ==
expires: Fri, 14 Oct 2022 12:46:55 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 9C3B 43 B
339 B 169ms
114ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=176&event=init_embed&thread=3857943644&forum=securitybydefault&forum_id=741996&imp=2ss4jtv2jtjhto&thread_slug=analisis_de_un_ransomware_de_cifrado_security_by_default&user_type=anon&referrer=http%3A%2F%2Fwww.securitybydefault.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Requested by

Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame 5AD9 14 KB
3 KB 20ms
20ms Stylesheet
text/css 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 05:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4438029
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
server: nginx
etag: "62da91ee-ba2"
content-type: text/css; charset=utf-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
expires: Tue, 25 Jul 2023 05:21:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: iq7N25tAEZzFi8VtUJwjzfQePVw5H7onoulodu4PMoLzNZNWrRw_TQ==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js Show response
c.disquscdn.com/next/recommendations/ Frame 5AD9 65 KB
20 KB 21ms
20ms Script
application/javascript 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 05:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4438029
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
server: nginx
etag: "62da91ee-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
expires: Tue, 25 Jul 2023 05:21:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: sOrEC7lSRfF4sTX25XGldvu_hbzTJZG7OAxPZXw6OtLuDp2CyN0ksw==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 5AD9 16 KB
16 KB 21ms
20ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

75408f16c4d5d7fc6a5e2efa1968549638331d1eb0552dd6437b8999062f7f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/recommendations/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:38 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 56
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 16127
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
551 B 78ms
41ms Image
image/gif 2606:4700::6810:a00d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=1&rn=0.8420275794232019
Requested by: Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html
Protocol: HTTP/1.1
Server: 2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:38 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 9
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 74a9b21e1918696f-FRA
x-amz-request-id: CH0XQF3XM675NRJ9
x-amz-id-2: 1UoWBDWEeBr3lOeH/tkvkswTFWX5koUsY4uEx30iAkdps+KnfA+b+GXEmSCQDFz2xEXho7Mvj5s=

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
552 B 86ms
48ms Image
image/gif 2606:4700::6810:a00d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=2&rn=0.8420275794232019
Requested by: Host: www.securitybydefault.com
URL: http://www.securitybydefault.com/2015/06/analisis-de-un-ransomware-de-cifrado.html
Protocol: HTTP/1.1
Server: 2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:38 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 10
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 74a9b21e192e9137-FRA
x-amz-request-id: 76FTR4XJG419S0Q4
x-amz-id-2: k2QmV4lkNl+H2kRiYEcKKjsSKcKym/HhfQnUbi35JAmqQyqiePW87DIpAjOW1rPEDKnTi+cp9to=

GET
H2 200 es_ES.js Show response
c.disquscdn.com/next/current/recommendations/lang/ Frame 5AD9 21 KB
8 KB 22ms
22ms Script
application/javascript 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/current/recommendations/lang/es_ES.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf1bda0a4de82066dcf785d79456556a1dae957e9c0a9175e5bcc22f2e8084ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 14:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7646
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 19:13:42 GMT
server: nginx
etag: "631f84e6-1dde"
content-type: application/javascript; charset=utf-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
expires: Wed, 14 Sep 2022 14:12:33 GMT
cache-control: max-age=300, public
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: fiHfamCxHIGgM6FMHRtwptLA3S7aVq0WKcvYZFAM3bPkjpFfEfF7Dw==
x-cache-hits: 0

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 5AD9 3 KB
3 KB 21ms
20ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=securitybydefault&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c63bfde516db7de1382a412ee68d36842b5796757a93ab96db2e9b5841744d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:38 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3054
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame 5AD9 7 KB
7 KB 112ms
112ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=securitybydefault&thread=url%3Ahttp%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a0b87b701b26c5494893d6cab30c0511f6e3cbe57cd7635116533487cbb842ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=securitybydefault&t_u=http%3A%2F%2Fwww.securitybydefault.com%2F2015%2F06%2Fanalisis-de-un-ransomware-de-cifrado.html&t_d=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default&t_t=An%C3%A1lisis%20de%20un%20Ransomware%20de%20Cifrado%20~%20Security%20By%20Default
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 14:08:38 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 949
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin
Content-Length: 6801
X-XSS-Protection: 1; mode=block

GET
H3 200 3523451998-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 35 KB
6 KB 22ms
22ms Stylesheet
text/css 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/v-css/3523451998-lightbox_bundle.css

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3753684042-widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a1b182575a97818903caf7858784858599743b800864af64599b36fe9011881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 23:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6523
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 01:13:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 08 Sep 2023 23:19:44 GMT

GET
H3 200 3044588892-lbx__es.js Show response
www.blogger.com/static/v1/jsbin/ 369 KB
369 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/3044588892-lbx__es.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3753684042-widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0976a01ac880c9af3056e025d3ab1c6d1f26bff332fa5bac64076dff037fa189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 01:51:52 GMT
x-content-type-options: nosniff
age: 562606
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 378040
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 22:51:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 08 Sep 2023 01:51:52 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 5AD9 9 KB
10 KB 26ms
25ms Image
image/jpeg 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2F2.bp.blogspot.com%2F-4WYVwKdU9eA%2FWKDT9FwwktI%2FAAAAAAAACvA%2FddwO2TwKtM8OeA0OWQT-n0jp316Wir4FgCLcB%2Fw1200-h630-p-k-no-nu%2Ftitulo.jpg&key=1w9czux-rw6JgbMhbHk6rA&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e7b0faf5b6609c30da18127344b425078ed95080159b5245cf73fffc8b1e67f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 09:37:12 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 707486
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-disposition: inline;filename="titulo.jpg"
content-length: 9376
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: 9UEi8hO1SV3Exufrj7WQVdWxjAFj9Plb4nsvIaB-ELozYv4xiBkfQQ==
expires: Thu, 06 Oct 2022 09:37:12 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 5AD9 80 KB
81 KB 27ms
25ms Image
image/png 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=http%3A%2F%2F2.bp.blogspot.com%2F-Fybj3Q1RhE0%2FVopTHQYKmBI%2FAAAAAAAAIJQ%2FQWUuYCgaudU%2Fw1200-h630-p-k-no-nu%2Ff13.png&key=pdFqo3gTr86CPZmIxEh59A&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

03ab088e03cc1bac78f43c408e988928053e819277acce7488071ed1eb6d4cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 21:01:46 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1357612
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-disposition: inline;filename="f13.png"
content-length: 82431
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
x-cache-hits: 0
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: NC_OMd48GgFqfSqbT9GMLEnvDIiKG3CauWnNWUnzcQLfDWmSKHrO8w==
expires: Wed, 28 Sep 2022 21:01:46 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 5AD9 13 KB
13 KB 32ms
30ms Image
image/jpeg 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2F3.bp.blogspot.com%2F-EnrCbymHpIg%2FV0KZP7VLWwI%2FAAAAAAAAEL0%2F0M2_fxuTpy8yCs-bCMOObhIPi1qj9ekvgCLcB%2Fw1200-h630-p-k-no-nu%2F13124763_1699078947024974_1735360501695425253_n.jpg&key=d8CzETibe2ymqjGrFwSHMA&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2148c5917129b2b1d523161f9d2496982b22212106a141017c89ad1606ea395f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:07:45 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1173653
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-disposition: inline;filename="13124763_1699078947024974_1735360501695425253_n.jpg"
content-length: 12991
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: 16V11Q6GG1xgsVjlcFZ8DeydtejGzK1Td5idRwQ6a69uar66C4y0tg==
expires: Sat, 01 Oct 2022 00:07:45 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 5AD9 9 KB
10 KB 35ms
33ms Image
image/png 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=http%3A%2F%2F4.bp.blogspot.com%2F-rfuFXbiCEj0%2FVlIhnnO_MaI%2FAAAAAAAAEEU%2F-IkjD6O_tTA%2Fw1200-h630-p-k-no-nu%2Fpengowin3.png&key=7xloKtANrG_FEZDOy_0KFw&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5d535b6bc8fe64058e4df5e7edc89e02c1d0e1d60a8a092f56bf95b2a968fab8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 11:47:09 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1477289
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-disposition: inline;filename="pengowin3.png"
content-length: 9242
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
x-cache-hits: 0
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: C_NZ2aQCy7uPFKYtzOhknseooXZY76JUE8CSHMkECnFVou1X3Nnu6A==
expires: Tue, 27 Sep 2022 11:47:09 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 5AD9 23 KB
24 KB 30ms
29ms Image
image/jpeg 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2F1.bp.blogspot.com%2F-66k8-urSefA%2FWnD-CIATffI%2FAAAAAAAADYY%2F-HUPa-D5NkM5eRdPWYTRTsLbok314yZewCLcBGAs%2Fw1200-h630-p-k-no-nu%2Fmicrocrap.jpg&key=HTygVP08eaLvYZI2NBvwkA&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5530c0406067a51b4f33a48116596e0f456d16673de6dd498b08286330fa9369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 08:57:52 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 450646
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-disposition: inline;filename="microcrap.jpg"
content-length: 23569
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: 92Hv6aVwhYGVbkLpdEWN58ol1-A5XdrPGMueiR1uyHpDFpbpbWPvHw==
expires: Sun, 09 Oct 2022 08:57:52 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 5AD9 27 KB
27 KB 36ms
35ms Image
image/png 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2F2.bp.blogspot.com%2F-aH3etczpWG4%2FV9XjOQX41eI%2FAAAAAAAAEOw%2FtxJFui9t7l8cQm0suM7nLxBhoqjoQIP1ACLcB%2Fw1200-h630-p-k-no-nu%2FCon2016.fw.png&key=kZgpkn7Ot20_XOEizPlSvg&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e78aa672651c45f0c6ee4fd9b33f54e3b9d885887eb456147b51c6ace6a42950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 15:58:46 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2585392
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-disposition: inline;filename="Con2016.fw.png"
content-length: 27341
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
x-cache-hits: 0
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: YUYI7_uuccxds9QJ5WUqrZjQYScSwhzWNeal_l-lwFy975OkuWKrxA==
expires: Wed, 14 Sep 2022 15:58:46 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 5AD9 85 KB
86 KB 31ms
30ms Image
image/png 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2F4.bp.blogspot.com%2F-uUn7poaMl1Y%2FWA5FuS_GwLI%2FAAAAAAAAAVs%2F7JT-p21ZtmgW9_f4QSc4XcDESQiSFr4tgCLcB%2Fw1200-h630-p-k-no-nu%2Fimage1.png&key=UbFwblTtzr8dhIiW-d9ZMw&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4d1ead160de6e6d35ac10e7c470a2c5c152fe7612ebe9ea27e890a7aed0e5b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 14:01:59 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1555599
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-disposition: inline;filename="image1.png"
content-length: 87235
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
x-cache-hits: 0
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: 6WTbp_t2wwLsEOgJw01uCVR3hFmTKOdSs-elxLelKk3sdVaFhanJJw==
expires: Mon, 26 Sep 2022 14:01:59 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 5AD9 143 KB
144 KB 37ms
37ms Image
image/png 2600:9000:21f3:f400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2F2.bp.blogspot.com%2F-wzPPzyGsDjg%2FV72DQdSDF0I%2FAAAAAAAAAgE%2FWx1HXFBweEwKJYVoLJ6hWebls12uWluzwCLcB%2Fw1200-h630-p-k-no-nu%2Fvehicle_hacking.png&key=9zfqwxAYyY_Lxrry-TdaFw&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:f400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

89a0a597f90ffa3a971842ecad65d1d39b00ade4a66673eca9470d91a6fb8a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 14:30:02 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 344316
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-disposition: inline;filename="vehicle_hacking.png"
content-length: 146713
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
x-cache-hits: 0
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: F9QAX4DOZkH6tJciDkEpA7eOX32QztA2PcvQdGbruC4Ba4d5g4LOMQ==
expires: Mon, 10 Oct 2022 14:30:02 GMT

POST
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 357 B
799 B 113ms
55ms XHR
text/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 986cf6e15bc52c3ba3cd8ef214c2de370e27649feb52ee4b9da1ae1da2e69741

Request headers

Referer: http://www.securitybydefault.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 14:08:38 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://www.securitybydefault.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 357
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

sync.gif
links.services.disqus.com/api/
Redirect Chain

http://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d

43 B
375 B

91ms
46ms

Image
image/gif

199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Protocol: HTTP/1.1
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.securitybydefault.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 14:08:39 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 162 B
604 B 49ms
49ms XHR
text/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 5e68dc747adbbf96114a7d9ac09fb483166c151bb35b60979dbd6b1a9f0c352a

Request headers

Referer: http://www.securitybydefault.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 14:08:38 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://www.securitybydefault.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 162
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 82 B
523 B 50ms
50ms XHR
text/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 8e5d7a9c8ba69694e9918204e0f2476203e3b542d519fdcc143fda836d87e0f9

Request headers

Referer: http://www.securitybydefault.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 14:08:38 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://www.securitybydefault.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 82
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.securitybydefault.com/	1970-01-20 15:35:24	Name: sc_is_visitor_unique Value: rx4681204.1663164516.27EC796D020C4FEC897B6ABA3EC702B1.1.1.1.1.1.1.1.1.1
.statcounter.com/	1970-01-20 15:35:24	Name: is_unique Value: sc4681204.1663164516.0
www.secureworks.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: fe782f07a4a30b728296a249197117bf
www.secureworks.com/	1969-12-31 23:59:59	Name: ASLBSACORS Value: 00035c8a916e92227202ce8fddfa7a900661f97e1db5acdc373a4a2cd421d344cea4
disqus.com/	1970-01-20 05:59:26	Name: __jid Value: 2ss4ki22dt9quf
.disqus.com/	1970-01-20 14:45:00	Name: disqus_unique Value: 2ss4kjcs3n49n

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.secureworks.com/assets/image_store/png/page.intelligence.threats.cryptolocker.14.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
a.disquscdn.com
c.disquscdn.com
c.statcounter.com
cdn.syndication.twimg.com
cdn.viglink.com
disqus.com
feeds.feedburner.com
fonts.googleapis.com
fonts.gstatic.com
links.services.disqus.com
platform.twitter.com
referrer.disqus.com
resources.blogblog.com
securitybydefault.disqus.com
sites.google.com
syndication.twitter.com
www.blogger.com
www.google.com
www.secureworks.com
www.securitybydefault.com
www.statcounter.com
104.20.228.67
104.20.229.67
104.244.42.72
151.101.0.134
199.232.196.134
199.232.196.64
199.232.198.49
2600:9000:21f3:f400:6:8656:f5c0:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:a00d
2620:1ec:49::60
2a00:1450:4001:803::2009
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:811::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200a
2a00:1450:400a:803::200e
2a00:1450:400a:808::2013
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03ab088e03cc1bac78f43c408e988928053e819277acce7488071ed1eb6d4cf6
054ccbce9ca15b7c8d64d73d3c70001100d55407572473ec78a5d115291d05b8
0642026749789f24663728276a96121ddeae707570de3cf02bf903c8626842c1
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
082dfb2c62e05641db3dfad2da7763bcc344bfd184f5a2d0f70033b605d51b16
0976a01ac880c9af3056e025d3ab1c6d1f26bff332fa5bac64076dff037fa189
09e204a15d148e1b269d80490636e129377693cce3ffaddb34f548be9ef55c21
12f66d4a76b194828a1d13cbcf2e2d942d65dd35003272408016477c023c9d67
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
1bf7babbe97b5c174778b80f863d196e7505bc5f0b3407a2363ca2c2fb5e58a6
1e4002386162dcc048a7c27b1691b8de5cc2dd0adee958ed2b386032ac866210
2148c5917129b2b1d523161f9d2496982b22212106a141017c89ad1606ea395f
22f7b206dc766742f25c62de34b4f120ff1b6075cf54788b08279287c1e98abe
2a1b182575a97818903caf7858784858599743b800864af64599b36fe9011881
31aeb9c4483463889cd2b71fc9c9873724fa7d0a5d31ce09e985721b8eea966d
31b217378ce7f322ee500f31f5ba3fb5452518271439c994886d74b5293e36fe
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598
3d31d15b603df36a0a251c9acdf32e1d862677674fd5119ab9cab945be47cbc5
3dc1683bb2d601077a15cbf724b3c21407dc6df709e662ef520d8606908237e6
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
408459cee068b3b153847825ebe1fbfeff89a6d7b69b5b08ff096d1534453a17
425a16feead2b8d7a9e0bf8af861bfc40afa531fcc904174aefb506f72a91548
4559ecf7c24450ca8840d1f5d5c18927f4a0bde223905e9741e5fdcc5e5a624f
493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461
4baf5f5fa30c14e767dfc87d464e1fdd6e182150ed12cacdf00252064c4e7354
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4cf0f18987d0cd94cc00e8a1c686dfc72d759fb259595da6af77cdd359bd3723
4d1ead160de6e6d35ac10e7c470a2c5c152fe7612ebe9ea27e890a7aed0e5b0d
4f041877c6e79dc0af844ec35ec3e46ae27802312bd8b1d1fa91cd4c9d0c6792
5530c0406067a51b4f33a48116596e0f456d16673de6dd498b08286330fa9369
5548dca5945c9b947b277dba14bf5ced188f4388b155b6a4c17595012ff32aa2
57f78b37eca08bf18eeb7c6745ed5e366810f674452350aea84ea95922e4f913
5aa0f383173b91e5517c4fab750dd38fbd80d79bc000bd12622e262ba06f1219
5cc0b7853e8aa733f5db845cce96c1315f7fd2552e2fc56f47661f7f25077ad9
5d535b6bc8fe64058e4df5e7edc89e02c1d0e1d60a8a092f56bf95b2a968fab8
5e68dc747adbbf96114a7d9ac09fb483166c151bb35b60979dbd6b1a9f0c352a
6091f688c9fdbc620a9a0c4b2bd0fea343ed389bcf26b7bd2d6f8addacd21d3b
647df2b0673786858974703dfc659a70944cf08acb17bd6a0d9bb03d9036eee9
64cee676a611b27aca955c5e227666f9d955682512ec25b982bd5e2f92eb61dd
658963e97a4f53a58ec63b900758063245a5507f026a070f8096bda6128ee703
69ff07a31a102649f3e0d08a967c39b134286293b85aac0885b3102a9120f1a6
6c3e44d9e5d5a5ea1e3c3978dea7d93ec88829dc748f0a3ea0df71f2b583a5be
6f0ea4b82e584328898359bfd5ec178817759941ae75442540332224a982a314
734faeee7101d507c3ebba13430e834e454f504f33beda6048c078a81b1347c2
75408f16c4d5d7fc6a5e2efa1968549638331d1eb0552dd6437b8999062f7f9e
7ccbba1d8b0fd4c6b878ba336c1400be1f6abdcef6229813cae941d145711a9d
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
82367687ec6737e451c4898edd832726d78e28f55c8fc49c6edcfd3edafaefa7
89a0a597f90ffa3a971842ecad65d1d39b00ade4a66673eca9470d91a6fb8a4c
89f8f191ee344e6a5ddac88b9c1a9332dc3e142ac30f2c49de09d3df1b2d7d13
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a983aeb762ff64349e56fa84144850e7bf44d82a2836bd19ad268c139decb89
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8de6b9db3f76645c102d0c1172d41b5bd054de765a744ddf01e98a457d53792c
8e188eacfffe6284653c83616523f4c946ae59d881b3eb49d55630930f7cb153
8e5d7a9c8ba69694e9918204e0f2476203e3b542d519fdcc143fda836d87e0f9
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26
941fedd3b9ab7f5e772ab0c91b0b37e8859e5da2f190f199ef52c7951df8bba8
950316148a0018d60880c9a84385b3aff596ab545ebc3811ad6a406ee680afc9
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
986cf6e15bc52c3ba3cd8ef214c2de370e27649feb52ee4b9da1ae1da2e69741
98b3ff3a8543eaee1f9946fde06f31cd9bb98f9e57cd431e0234db57c221334e
9b96fe0a7d9b194599c4a2982ba5efb84aa3999dae35fd93cc1c7e64659e20b4
9d4c1415f5b1107950646d6c2078f884b6de86ad9342aa36de8cc645577f1597
9e273fd35e0754185e00582743e2f22b06ae9b945918a4847a6007e90a94d33f
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a0b87b701b26c5494893d6cab30c0511f6e3cbe57cd7635116533487cbb842ad
a7bd869151ae907d54f3e636848c0a6f06e54289df7d9e0b68b57da96c2ca77b
a7fa5961cbd928cce993bc7b252e42748ba981801797ab0642eddd47a4b71f62
ac343681a5deab2df6b80cd6d0fa20a58a71aac7e030df0d912bfdbcfc2e28d4
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adeb65d6211cf5253896096eaa2fddceba84a4c22c0af823d473310c7da4a1ab
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc60025acb6cd0405548e21d7c5c8593ccf0c94c601961403d1e12820b0f4f72
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c36c602f92e4d1cf88440d9d31e921d7014dba660caaa95ceebf0eb0350b21f2
c43a8d413e5b24b174ce521baf90d23fd3ee9649b210ccc3847cb6943b2f28ac
c63bfde516db7de1382a412ee68d36842b5796757a93ab96db2e9b5841744d1b
c644357ad1f1dc62ae5ef1bf272533e81058bf23915e8a39a65daeb7121d43cb
c8a3c55176c567129af684cc313c34c17e59fbca2d2e649ccb4a2ce770c49699
cc1f2a8a1cdeee6e619223ca05af8552e8c91365c2f3af306c5cd1d7ed1eadab
cce4e74df5bbd0ad455d61c3e72746bde25a08937ee4897c86141b4e3544acfb
ccf4cdaba8c9724b55205e7dd7dcc3d64ec603b5c17756a311bdabbd9d2b6ee0
cf1bda0a4de82066dcf785d79456556a1dae957e9c0a9175e5bcc22f2e8084ad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3b8e80957b56e303a3fc8ee918a5755e067c7998ad6b802bfbcb710a8be7a84
d3c31248b3fb04f924bfd99402102e07575ccb0da37dc0369e06477cdef7ecd7
db61b7a8b60845821f0b00c0d87967607748b7f499898796ec34fc9c4158ae85
dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d
dccc16fcac41c7dc0e04650cce3c3a406e73777d2e203b9c8faef3e3659feb50
dd931003979b56635a56c10b38c0ae71e54e476967ecb6bec82c193f3097f517
e175f6426bd917196cb04bc51cc0e5e3e42b6748a8fc02d5dfb944baacc2d87c
e26b47632ed27ea21dd2df642d96f36c3519a8529fd228af2df171439521b9ce
e3ae0f120f30b95b1bc51b7440fb005c41cfc4560e3701763552c07b03a55a46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78aa672651c45f0c6ee4fd9b33f54e3b9d885887eb456147b51c6ace6a42950
e7b0faf5b6609c30da18127344b425078ed95080159b5245cf73fffc8b1e67f0
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb74914a5c7052569ef50b9ae522cb3f20c4c7c14c091e3a750bd57eec5f61e1
ed9f93fb0a529a2a1aef5b0d919275bf5de1fccf02221c48e41315453e2df88d
ede6447850cc7dbf69cd847ebb7d6ad90ce0b1c7e924e5c6e47e272114c684d7
ee17f66035e73736eb6efe5f45e44569cd39875c5de41cbaf822227dc7244617
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
fda2561bc8cfc69b54245a5bc1525919e0c25a3add196dc23bf8528db3842b78
fe9d2604db114d74e64d705a34c79b1a55699b63bc485be72e3014916b2871bb

www.securitybydefault.com Open in urlscan Pro 2a00:1450:400a:808::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

123 Requests

46 %HTTPS

65 %IPv6

15 Domains

25 Subdomains

20 IPs

4 Countries

3679 kBTransfer

5400 kBSize

6 Cookies

100 Outgoing links

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.securitybydefault.com Open in urlscan Pro
2a00:1450:400a:808::2013 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

46 %
HTTPS

65 %
IPv6

15
Domains

25
Subdomains

20
IPs

4
Countries

3679 kB
Transfer

5400 kB
Size

6
Cookies

123 HTTP transactions
2 data transactions