auth.sta.catonet.works Open in urlscan Pro
107.154.248.90 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auth.sta.catonet.works/
Submission: On August 15 via automatic, source certstream-suspicious (August 15th 2021, 12:29:05 am UTC)

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 107.154.248.90, located in United States and belongs to INCAPSULA, US. The main domain is auth.sta.catonet.works.
TLS certificate: Issued by Cato Networks CA on September 8th 2020. Valid for: 2 years.

This is the only time auth.sta.catonet.works was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	107.154.248.90 107.154.248.90	19551 (INCAPSULA) (INCAPSULA)
6	2606:4700:7::... 2606:4700:7::a29f:872a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	3

6 107.154.248.90 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.248.90.ip.incapdns.net

auth.sta.catonet.works	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:7::a29f:872a (United States)

ASN13335 (CLOUDFLARENET, US)

catonewwebsite.kinsta.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	kinsta.cloud catonewwebsite.kinsta.cloud	16 KB
6	catonet.works auth.sta.catonet.works	64 KB
4	typekit.net use.typekit.net	97 KB
16	3

	Domain	Requested by
6	catonewwebsite.kinsta.cloud	auth.sta.catonet.works catonewwebsite.kinsta.cloud
6	auth.sta.catonet.works	auth.sta.catonet.works
4	use.typekit.net	catonewwebsite.kinsta.cloud
16	3

This site contains no links.

Subject Issuer	Validity	Valid
auth.sta.catonet.works Cato Networks CA	`2020-09-08` - `2022-12-08`	2 years	crt.sh
kinsta.cloud Cloudflare Inc ECC CA-3	`2021-02-11` - `2022-02-10`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-03` - `2021-11-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://auth.sta.catonet.works/
Frame ID: AF3C5C0DCD87664F496533541ADF3D64
Requests: 6 HTTP requests in this frame

Frame: https://catonewwebsite.kinsta.cloud/ransomware-attackers-defenders-and-fbis-perspective/
Frame ID: B53E8D259CD0D7D0A731C75BDCBFE8BE
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

16
Requests

63 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

177 kB
Transfer

432 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
auth.sta.catonet.works/ 9 KB
4 KB 190ms
108ms Document
text/html 107.154.248.90
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.sta.catonet.works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.248.90 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.248.90.ip.incapdns.net

Software

nginx/1.19.6 /

Resource Hash

771b296d95818c3a0be52735f3eafee61c4cad993b28504dc3165ddf7748ebd7

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy	script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:method: GET
:authority: auth.sta.catonet.works
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 00:28:48 GMT
content-type: text/html;charset=UTF-8
set-cookie: AWSALB=eAtu3fws+tUDSqkeQieKoBa+BE2yn4bsdVBy9g3Lb+6rdZPkt9zrNRlALg4zzgL5rNg1MI3bE6Txoapz/XdK9R9VF1f/CsXEW1lT3f/uYFBnRcMdONihVI5UmU/1; Expires=Sun, 22 Aug 2021 00:28:48 GMT; Path=/ AWSALBCORS=eAtu3fws+tUDSqkeQieKoBa+BE2yn4bsdVBy9g3Lb+6rdZPkt9zrNRlALg4zzgL5rNg1MI3bE6Txoapz/XdK9R9VF1f/CsXEW1lT3f/uYFBnRcMdONihVI5UmU/1; Expires=Sun, 22 Aug 2021 00:28:48 GMT; Path=/; SameSite=None; Secure XSRF-TOKEN=9aaebe5e-6a6b-4ffd-96d7-c7dbf9595a41; Path=/; HttpOnly; Secure auth-session=B7ECC3B5794EC542E1C7C3BC5EC997D7; Path=/; HttpOnly; Secure visid_incap_2380834=OdHO2YJXSWGiH/KjBj/tar9fGGEAAAAAQUIPAAAAAAA9x4VMTsFrnqXWiOC9wzZE; expires=Sun, 14 Aug 2022 17:07:34 GMT; HttpOnly; path=/; Domain=.sta.catonet.works; Secure; SameSite=None nlbi_2380834=0SxkfhbH4gj9UDpLTTb3iwAAAACyQykz3TFygkTXBzruGR/5; path=/; Domain=.sta.catonet.works; Secure; SameSite=None incap_ses_467_2380834=7NJLAT5AGV3z6SNfbx57BsBfGGEAAAAAlU0hJIAzFMwxHMQEnijwcg==; path=/; Domain=.sta.catonet.works; Secure; SameSite=None
server: nginx/1.19.6
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-language: en-US
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
x-content-security-policy: script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
x-cdn: Imperva
content-encoding: gzip
x-iinfo: 5-43144412-43144413 NNYN CT(19 39 0) RT(1628987327957 0) q(0 0 1 0) r(1 1) U12

GET
H2 200 bootstrap.min.css
auth.sta.catonet.works/webjars/bootstrap/4.3.1/css/ 152 KB
23 KB 101ms
101ms Stylesheet
text/css 107.154.248.90
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.sta.catonet.works/webjars/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: auth.sta.catonet.works
URL: https://auth.sta.catonet.works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.248.90 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.248.90.ip.incapdns.net

Software

nginx/1.19.6 /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy	script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:path: /webjars/bootstrap/4.3.1/css/bootstrap.min.css
pragma: no-cache
cookie: AWSALB=eAtu3fws+tUDSqkeQieKoBa+BE2yn4bsdVBy9g3Lb+6rdZPkt9zrNRlALg4zzgL5rNg1MI3bE6Txoapz/XdK9R9VF1f/CsXEW1lT3f/uYFBnRcMdONihVI5UmU/1; AWSALBCORS=eAtu3fws+tUDSqkeQieKoBa+BE2yn4bsdVBy9g3Lb+6rdZPkt9zrNRlALg4zzgL5rNg1MI3bE6Txoapz/XdK9R9VF1f/CsXEW1lT3f/uYFBnRcMdONihVI5UmU/1; XSRF-TOKEN=9aaebe5e-6a6b-4ffd-96d7-c7dbf9595a41; auth-session=B7ECC3B5794EC542E1C7C3BC5EC997D7; visid_incap_2380834=OdHO2YJXSWGiH/KjBj/tar9fGGEAAAAAQUIPAAAAAAA9x4VMTsFrnqXWiOC9wzZE; nlbi_2380834=0SxkfhbH4gj9UDpLTTb3iwAAAACyQykz3TFygkTXBzruGR/5; incap_ses_467_2380834=7NJLAT5AGV3z6SNfbx57BsBfGGEAAAAAlU0hJIAzFMwxHMQEnijwcg==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.sta.catonet.works
referer: https://auth.sta.catonet.works/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.sta.catonet.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 00:28:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 5-43144422-43141102 2NYN RT(1628987328068 0) q(0 0 0 -1) r(1 1) U2
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block 1; mode=block
pragma: no-cache
last-modified: Thu, 08 Jul 2021 06:56:37 GMT
server: nginx/1.19.6
x-frame-options: DENY
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
content-type: text/css
access-control-allow-origin: *
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
set-cookie: AWSALB=bDWtaMjRgvxHMkrTaHNXc7yzYFYCSaFYgMNLUU2MrXZG6JdlcH1gBeKMznPi9ZPi8MYZtGzHP90Uo0ohT1XtglwDmsPJ5ranCJtdf+92Tr1MKclFPzAeTBs7IqJT; Expires=Sun, 22 Aug 2021 00:28:48 GMT; Path=/ AWSALBCORS=bDWtaMjRgvxHMkrTaHNXc7yzYFYCSaFYgMNLUU2MrXZG6JdlcH1gBeKMznPi9ZPi8MYZtGzHP90Uo0ohT1XtglwDmsPJ5ranCJtdf+92Tr1MKclFPzAeTBs7IqJT; Expires=Sun, 22 Aug 2021 00:28:48 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
x-content-security-policy: script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'

GET
H2 200 logo.svg
auth.sta.catonet.works/resources/images/ 3 KB
2 KB 45ms
44ms Image
image/svg+xml 107.154.248.90
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.sta.catonet.works/resources/images/logo.svg

Requested by

Host: auth.sta.catonet.works
URL: https://auth.sta.catonet.works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.248.90 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.248.90.ip.incapdns.net

Software

nginx/1.19.6 /

Resource Hash

3d363a72bb9b5999575abd2f90c9f51560ffac9a0330afaa617faaa0cd9df4b0

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy	script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
X-Xss-Protection	1; mode=block

Request headers

:path: /resources/images/logo.svg
pragma: no-cache
cookie: AWSALB=eAtu3fws+tUDSqkeQieKoBa+BE2yn4bsdVBy9g3Lb+6rdZPkt9zrNRlALg4zzgL5rNg1MI3bE6Txoapz/XdK9R9VF1f/CsXEW1lT3f/uYFBnRcMdONihVI5UmU/1; AWSALBCORS=eAtu3fws+tUDSqkeQieKoBa+BE2yn4bsdVBy9g3Lb+6rdZPkt9zrNRlALg4zzgL5rNg1MI3bE6Txoapz/XdK9R9VF1f/CsXEW1lT3f/uYFBnRcMdONihVI5UmU/1; XSRF-TOKEN=9aaebe5e-6a6b-4ffd-96d7-c7dbf9595a41; auth-session=B7ECC3B5794EC542E1C7C3BC5EC997D7; visid_incap_2380834=OdHO2YJXSWGiH/KjBj/tar9fGGEAAAAAQUIPAAAAAAA9x4VMTsFrnqXWiOC9wzZE; nlbi_2380834=0SxkfhbH4gj9UDpLTTb3iwAAAACyQykz3TFygkTXBzruGR/5; incap_ses_467_2380834=7NJLAT5AGV3z6SNfbx57BsBfGGEAAAAAlU0hJIAzFMwxHMQEnijwcg==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: auth.sta.catonet.works
referer: https://auth.sta.catonet.works/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.sta.catonet.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 00:28:48 GMT
content-encoding: gzip
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
last-modified: Thu, 08 Jul 2021 06:56:37 GMT
server: nginx/1.19.6
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 5-43144423-43144413 PNYN RT(1628987328070 0) q(0 0 0 -1) r(0 0) U18
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
set-cookie: AWSALB=y1TxHlTXH6AWmCfD4KZRjgFwRNA1UIutSHDuY5+scw9b18ohg4lboHXlhyCfchiMVNi8sNZIePDs1EAyww/FQAUGmOTu1UpbtzjYIJIN6T/imCE9kYyM3IvVKasR; Expires=Sun, 22 Aug 2021 00:28:48 GMT; Path=/ AWSALBCORS=y1TxHlTXH6AWmCfD4KZRjgFwRNA1UIutSHDuY5+scw9b18ohg4lboHXlhyCfchiMVNi8sNZIePDs1EAyww/FQAUGmOTu1UpbtzjYIJIN6T/imCE9kYyM3IvVKasR; Expires=Sun, 22 Aug 2021 00:28:48 GMT; Path=/; SameSite=None; Secure auth-session=1F45DD6A13523819D39DD5C6B3F0C405; Path=/; HttpOnly; Secure
accept-ranges: bytes
x-cdn: Imperva
x-content-security-policy: script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'

GET
H2 200 _Incapsula_Resource Show response
auth.sta.catonet.works/ 134 KB
19 KB 27ms
27ms Script
application/javascript 107.154.248.90
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.sta.catonet.works/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1044780904

Requested by

Host: auth.sta.catonet.works
URL: https://auth.sta.catonet.works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.248.90 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.248.90.ip.incapdns.net

Software

Resource Hash

0348b04510ad6121223ba358542503732fc30a8286c1cca85d34b4f5641f2c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:path: /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1044780904
pragma: no-cache
cookie: XSRF-TOKEN=9aaebe5e-6a6b-4ffd-96d7-c7dbf9595a41; visid_incap_2380834=OdHO2YJXSWGiH/KjBj/tar9fGGEAAAAAQUIPAAAAAAA9x4VMTsFrnqXWiOC9wzZE; nlbi_2380834=0SxkfhbH4gj9UDpLTTb3iwAAAACyQykz3TFygkTXBzruGR/5; incap_ses_467_2380834=7NJLAT5AGV3z6SNfbx57BsBfGGEAAAAAlU0hJIAzFMwxHMQEnijwcg==; AWSALB=y1TxHlTXH6AWmCfD4KZRjgFwRNA1UIutSHDuY5+scw9b18ohg4lboHXlhyCfchiMVNi8sNZIePDs1EAyww/FQAUGmOTu1UpbtzjYIJIN6T/imCE9kYyM3IvVKasR; AWSALBCORS=y1TxHlTXH6AWmCfD4KZRjgFwRNA1UIutSHDuY5+scw9b18ohg4lboHXlhyCfchiMVNi8sNZIePDs1EAyww/FQAUGmOTu1UpbtzjYIJIN6T/imCE9kYyM3IvVKasR; auth-session=1F45DD6A13523819D39DD5C6B3F0C405
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.sta.catonet.works
referer: https://auth.sta.catonet.works/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.sta.catonet.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 19609
content-type: application/javascript

GET
H2 200 / Show response
catonewwebsite.kinsta.cloud/ransomware-attackers-defenders-and-fbis-perspective/ Frame B53E 5 KB
2 KB 733ms
706ms Document
text/html 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://catonewwebsite.kinsta.cloud/ransomware-attackers-defenders-and-fbis-perspective/

Requested by

Host: auth.sta.catonet.works
URL: https://auth.sta.catonet.works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1026dc166b3810934084d2b1700cfb1f3c99e72c676d0acb25d697bc4312833d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: catonewwebsite.kinsta.cloud
:scheme: https
:path: /ransomware-attackers-defenders-and-fbis-perspective/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://auth.sta.catonet.works/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://auth.sta.catonet.works/

Response headers

date: Sun, 15 Aug 2021 00:28:49 GMT
content-type: text/html; charset=UTF-8
cf-ray: 67ee4e158b964a5c-FRA
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://catonewwebsite.kinsta.cloud/wp-json/>; rel="https://api.w.org/", <https://catonewwebsite.kinsta.cloud/wp-json/wp/v2/pages/16668>; rel="alternate"; type="application/json", <https://catonewwebsite.kinsta.cloud/?p=16668>; rel=shortlink
set-cookie: PHPSESSID=8c41affa0bdb17667c6d2eedf501782b; path=/ pll_language=en; expires=Mon, 15-Aug-2022 00:01:59 GMT; Max-Age=31536000; path=/; secure; SameSite=Lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ki-edge: v=16.1
pragma: no-cache
x-content-type-options: nosniff
x-edge-location-klb: 1
x-kinsta-cache: HIT
x-robots-tag: noindex, nofollow, nosnippet, noarchive
server: cloudflare
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 roboto-v18-latin-regular.woff2
auth.sta.catonet.works/resources/fonts/ 15 KB
15 KB 43ms
43ms Font
application/font-woff2 107.154.248.90
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.sta.catonet.works/resources/fonts/roboto-v18-latin-regular.woff2

Requested by

Host: auth.sta.catonet.works
URL: https://auth.sta.catonet.works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.248.90 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.248.90.ip.incapdns.net

Software

nginx/1.19.6 /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy	script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://auth.sta.catonet.works
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=9aaebe5e-6a6b-4ffd-96d7-c7dbf9595a41; visid_incap_2380834=OdHO2YJXSWGiH/KjBj/tar9fGGEAAAAAQUIPAAAAAAA9x4VMTsFrnqXWiOC9wzZE; nlbi_2380834=0SxkfhbH4gj9UDpLTTb3iwAAAACyQykz3TFygkTXBzruGR/5; incap_ses_467_2380834=7NJLAT5AGV3z6SNfbx57BsBfGGEAAAAAlU0hJIAzFMwxHMQEnijwcg==; auth-session=1F45DD6A13523819D39DD5C6B3F0C405; AWSALB=bDWtaMjRgvxHMkrTaHNXc7yzYFYCSaFYgMNLUU2MrXZG6JdlcH1gBeKMznPi9ZPi8MYZtGzHP90Uo0ohT1XtglwDmsPJ5ranCJtdf+92Tr1MKclFPzAeTBs7IqJT; AWSALBCORS=bDWtaMjRgvxHMkrTaHNXc7yzYFYCSaFYgMNLUU2MrXZG6JdlcH1gBeKMznPi9ZPi8MYZtGzHP90Uo0ohT1XtglwDmsPJ5ranCJtdf+92Tr1MKclFPzAeTBs7IqJT
:path: /resources/fonts/roboto-v18-latin-regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: auth.sta.catonet.works
referer: https://auth.sta.catonet.works/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://auth.sta.catonet.works
Referer: https://auth.sta.catonet.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 00:28:48 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
last-modified: Thu, 08 Jul 2021 06:56:37 GMT
server: nginx/1.19.6
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/font-woff2
access-control-allow-origin: *
x-iinfo: 5-43144430-43144413 PNNN RT(1628987328238 0) q(0 0 0 -1) r(0 0) U12
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
set-cookie: AWSALB=ScjL3hAEUA9M0jF9RXDcqiwtHXiugWM48i7sm7/Gga0ljRkC4MjTby9ycDOJfIvbNYfhTfLROv8iqT2yp7gJP/nYvavmerR9Sw+FKnzkdyLGnvrjrMy8c2B4Hich; Expires=Sun, 22 Aug 2021 00:28:48 GMT; Path=/ AWSALBCORS=ScjL3hAEUA9M0jF9RXDcqiwtHXiugWM48i7sm7/Gga0ljRkC4MjTby9ycDOJfIvbNYfhTfLROv8iqT2yp7gJP/nYvavmerR9Sw+FKnzkdyLGnvrjrMy8c2B4Hich; Expires=Sun, 22 Aug 2021 00:28:48 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 15344
x-cdn: Imperva
x-content-security-policy: script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'

GET
H2 200 _Incapsula_Resource
auth.sta.catonet.works/ 1 B
36 B 20ms
20ms Image
text/plain 107.154.248.90
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.sta.catonet.works/_Incapsula_Resource?SWKMTFSR=1&e=0.20383730926025456

Requested by

Host: auth.sta.catonet.works
URL: https://auth.sta.catonet.works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.248.90 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.248.90.ip.incapdns.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:path: /_Incapsula_Resource?SWKMTFSR=1&e=0.20383730926025456
pragma: no-cache
cookie: XSRF-TOKEN=9aaebe5e-6a6b-4ffd-96d7-c7dbf9595a41; visid_incap_2380834=OdHO2YJXSWGiH/KjBj/tar9fGGEAAAAAQUIPAAAAAAA9x4VMTsFrnqXWiOC9wzZE; nlbi_2380834=0SxkfhbH4gj9UDpLTTb3iwAAAACyQykz3TFygkTXBzruGR/5; incap_ses_467_2380834=7NJLAT5AGV3z6SNfbx57BsBfGGEAAAAAlU0hJIAzFMwxHMQEnijwcg==; auth-session=1F45DD6A13523819D39DD5C6B3F0C405; AWSALB=ScjL3hAEUA9M0jF9RXDcqiwtHXiugWM48i7sm7/Gga0ljRkC4MjTby9ycDOJfIvbNYfhTfLROv8iqT2yp7gJP/nYvavmerR9Sw+FKnzkdyLGnvrjrMy8c2B4Hich; AWSALBCORS=ScjL3hAEUA9M0jF9RXDcqiwtHXiugWM48i7sm7/Gga0ljRkC4MjTby9ycDOJfIvbNYfhTfLROv8iqT2yp7gJP/nYvavmerR9Sw+FKnzkdyLGnvrjrMy8c2B4Hich; ___utmvc=TnXBHoW+uLQOxv7k9qIlrfk9Qw7E/LUibOTbrMwAo4zcwYQ5rYyol6c0pFRBhfc1NE8k5xQuWrixDKMhJVBGdGHblQAYVkUETI+vgLV1CvochlBR1bVid3QjBuSOPNK1UM6R8NOZ6Kwn3H2sLltiV1jkT6qN8Ot/dWME/VaPym9CdQIHBN0NZdokstdvJIZzLI+Y0CFvFRZDtxk62miH5R4VeRm8a8ByTYwMcEhUMheaozDV+jSQVXYa4AsztX2+osOPOV3lkpXmAtL0qoq+weLtFw30GdyMVYdh5ZyY2yDNQbmHOJdaET9CoClRLFgh4HsxJ4uJdVimtslFajkg7M18bjHYBD9Uxx80gIOiEkGmhWpoGhHKf2LdkTkR1fFB5tPKjNBeFBKwmlkPdp9wHhKbB3QHXJVo0F0ERjgWQaawGSHz8K/3MbiPjc2SMB7167+CiYZnOrtc2Hs8WL/2Svh7ND9pzbfa0DMnbvrBKyB8/15vAvHfewpAmUFDgOSHzNhqOuB4AaQCnUA5W0SAwBVRG/3P7VymWTJ39VD1lmf0eFGeLz/iejvOohoHmeqyZ1SpDMavKRfTOwwhLva+ZW9XTD14vAx5s2P/vEE6Uk2FLANX0PJm0Mc+gFeVoD2+38r+PA1hKyT6q9X8ClPejWzrGBSl4c2pMaAUm9tLWffLyIcff767MO7t1ehXBp6k8DW9hOz4RIylpREwDTSk9chQjxXFu31ECoOjXTHpgB32Hs80pzZywrN1epahbFtfJkU+catE8ou/cQ4ruJ4HYKJmcY6eSFV8/5I04RW3RN4Tnfr/LGg+n4zJqxAwkR9wcg1ARMDm2PUnYL78Di5evJ7Wn/EM91TQ3OikFvl0zxUgLfg+DKG1Bc8GaT4A2jFLbMj8wdr/Yh5TVlFNCZLUIBIO3D2XXBFip3aOsD48IbVkvHgKyaqJOXOPKWM901vUWpLT3+1u8vSkAizbeHsNFd9h0CRyxa2G50UwNUr4hdRYXFZ0EVuzpNyYFq8/uzQBvokrvevBUHXP9Fsh+34EN2djCvqvcEpwgU5G5Mj/t7abxHpkmQwKQeSvHtBcJvlNxxdyqRRPa6ozgQ+netF+KpPk39sd3wHhP18a4Ox/O4W58dpa/5YFbuvYSNOgEECQW2GyKAegGkZu+0r5Q3MEh1KyqU28CuUWXUYfs5cYLm+69432ObwMbTJ6/Mmb0HQKt+ruyPwI0TvtOsINudHpncRqW7ZE0qKAwQZH901CWcP51G7olQBrjcGQfCj3a6x8XOQnx6xxxlEu3qnDEyqE9mUteVBSAP8Ks8F5wdgLd7Lg1Sxd4+Gnn03s9S9W5iFUYJryv/4iTzweF+RqA8urrasibIKF9SB9mZL0liXkPqK990nNlJ1ijsOMGNIFIXvFjhHcTPNwjr4P1F0dVyOEL+TGQgxEuzUGclX2XBR3g/rShzLIpGY5HdzI8J0ZO0OydxJox45mdkqpv5Kko3/M3kdus4dqpCzJluyW3GLRtjspWLVZL2ZNFI4ldedwqGyFbhSPxsEKSKOFekU/0HfJbFNkYXHbdTjKZd5r53WwgZnF8szAM8KJ5iLX06K3Hpq4dRAXqAtdHZSz8Si4AypHF2bF8d8GcokseRnAEA6GH8adJ/HTdKj0LOpn6U/IkKA3gWGXXZ57fbkW3SWHFrPacJQB1Jby5xfcz//xAgXO/jK2+GchOOHvnJPyLAq0rZDtdz5PA1OXvnyFmqk14u1Ws/lOvg7Rh0G4wR9tqX8Y49ECfaB+741U5Bxe6uCoccAML01MRxd/iL2cVZg8Ho97FZbWbI/egfRvzQ4OEnSITAOsqddfXTTFzrshFnKVuSTZDwmDQHmo0lllayLcynmtWvUN4AKm2d/h7FPmIOq5AXFMNgpsJurlbft0mVNYoqV1PTck3vac0ZML3zHwRR+ZC94Qu+B1rcWlL2HDFPZx+fr6ASdZSVxn+8tznq9c6HSBxoZpJ50d3tKgFYWORA3TwJ4zPD+FxrqLIxGLL33C5dsMPzGy+EqLhiG6Z/Iwu+8ALGRpZ2VzdD0xNDA0NjAscz05YmE0N2I5ODg1Njg3NDhhOTY4NzhlOGE5YThkNzc5ZDdmYTU4NTg2NjQ3ZTZkODI5Mjk1NWI1Zjg5YTY5ZjdmODE5ZGE5YTY4Njg1NmQ3MQ==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: auth.sta.catonet.works
referer: https://auth.sta.catonet.works/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://auth.sta.catonet.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H3-29 200 cc2-template-green.css
catonewwebsite.kinsta.cloud/wp-content/themes/cato/assets/styles/ Frame B53E 3 KB
1 KB 568ms
557ms Stylesheet
text/css 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://catonewwebsite.kinsta.cloud/wp-content/themes/cato/assets/styles/cc2-template-green.css

Requested by

Host: catonewwebsite.kinsta.cloud
URL: https://catonewwebsite.kinsta.cloud/ransomware-attackers-defenders-and-fbis-perspective/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a24c07e70c9abb4af416b2f6b8f8b7ba85d42b3f84b4931d0c243ada61c0ea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://catonewwebsite.kinsta.cloud/ransomware-attackers-defenders-and-fbis-perspective/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 00:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-robots-tag: noindex, nofollow, nosnippet, noarchive
last-modified: Tue, 03 Aug 2021 09:44:51 GMT
server: cloudflare
etag: W/"61091013-bf6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 67ee4e1a0d5b42e1-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 neil-mcdonald-web.png
catonewwebsite.kinsta.cloud/wp-content/uploads/2021/06/ Frame B53E 4 KB
5 KB 564ms
552ms Image
image/png 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catonewwebsite.kinsta.cloud/wp-content/uploads/2021/06/neil-mcdonald-web.png

Requested by

Host: catonewwebsite.kinsta.cloud
URL: https://catonewwebsite.kinsta.cloud/ransomware-attackers-defenders-and-fbis-perspective/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92909ad6218b9a5dba941c54eba518393fed452e1809029707bbef128c6d18e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://catonewwebsite.kinsta.cloud/ransomware-attackers-defenders-and-fbis-perspective/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 00:28:50 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4377
x-robots-tag: noindex, nofollow, nosnippet, noarchive
last-modified: Mon, 21 Jun 2021 09:28:49 GMT
server: cloudflare
etag: "60d05bd1-1119"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 67ee4e1a0d5a42e1-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 GARTNER-LOGO.svg
catonewwebsite.kinsta.cloud/wp-content/uploads/2021/06/ Frame B53E 2 KB
2 KB 561ms
551ms Image
image/svg+xml 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catonewwebsite.kinsta.cloud/wp-content/uploads/2021/06/GARTNER-LOGO.svg

Requested by

Host: catonewwebsite.kinsta.cloud
URL: https://catonewwebsite.kinsta.cloud/ransomware-attackers-defenders-and-fbis-perspective/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

861aaf89316ed2341227ca815cd69820a58f07a7b780803bf720e23b93f9f540

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://catonewwebsite.kinsta.cloud/ransomware-attackers-defenders-and-fbis-perspective/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 00:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-robots-tag: noindex, nofollow, nosnippet, noarchive
last-modified: Mon, 21 Jun 2021 09:29:04 GMT
server: cloudflare
etag: W/"60d05be0-913"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 67ee4e1a0d5042e1-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 Yishay-Yovel-web.png
catonewwebsite.kinsta.cloud/wp-content/uploads/2021/06/ Frame B53E 4 KB
4 KB 555ms
545ms Image
image/png 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catonewwebsite.kinsta.cloud/wp-content/uploads/2021/06/Yishay-Yovel-web.png

Requested by

Host: catonewwebsite.kinsta.cloud
URL: https://catonewwebsite.kinsta.cloud/ransomware-attackers-defenders-and-fbis-perspective/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb5a2e651878bde1c26eef8a31810fb7d4890d6e465d2901d3d64a9efbedffb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://catonewwebsite.kinsta.cloud/ransomware-attackers-defenders-and-fbis-perspective/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 00:28:50 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4046
x-robots-tag: noindex, nofollow, nosnippet, noarchive
last-modified: Mon, 21 Jun 2021 09:29:29 GMT
server: cloudflare
etag: "60d05bf9-fce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 67ee4e1a0d5342e1-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 cato-logo-2021-02.svg
catonewwebsite.kinsta.cloud/wp-content/uploads/2021/06/ Frame B53E 4 KB
2 KB 564ms
553ms Image
image/svg+xml 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catonewwebsite.kinsta.cloud/wp-content/uploads/2021/06/cato-logo-2021-02.svg

Requested by

Host: catonewwebsite.kinsta.cloud
URL: https://catonewwebsite.kinsta.cloud/ransomware-attackers-defenders-and-fbis-perspective/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

257a7803b0fb3bf8927656b014b9c5ae7ecb90f166db0d746dd08b58c9c603d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://catonewwebsite.kinsta.cloud/ransomware-attackers-defenders-and-fbis-perspective/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 00:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-robots-tag: noindex, nofollow, nosnippet, noarchive
last-modified: Mon, 21 Jun 2021 09:25:56 GMT
server: cloudflare
etag: W/"60d05b24-1044"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 67ee4e1a0d5642e1-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 l
use.typekit.net/af/28f000/00000000000000003b9b2048/27/ Frame B53E 23 KB
23 KB 33ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/28f000/00000000000000003b9b2048/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: catonewwebsite.kinsta.cloud
URL: https://catonewwebsite.kinsta.cloud/ransomware-attackers-defenders-and-fbis-perspective/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 21401cceea1bdefe201130dd7544e61fe474be3769631cc0d51c1d0a0dca0c44

Request headers

Origin: https://catonewwebsite.kinsta.cloud
Referer: https://catonewwebsite.kinsta.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 00:28:50 GMT
server: nginx
etag: "5d5df1b25290dc82b22a668f0395604299f16750"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23180

GET
H2 200 l
use.typekit.net/af/8a200c/00000000000000003b9b204a/27/ Frame B53E 24 KB
24 KB 34ms
7ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8a200c/00000000000000003b9b204a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: catonewwebsite.kinsta.cloud
URL: https://catonewwebsite.kinsta.cloud/ransomware-attackers-defenders-and-fbis-perspective/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6a3ca54f77d4efa225bb8d473c8460fd76c1fd1be46e58c6ea069e6780bafaa9

Request headers

Origin: https://catonewwebsite.kinsta.cloud
Referer: https://catonewwebsite.kinsta.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 00:28:50 GMT
server: nginx
etag: "98e94e3a4f18a4bde13fe394b9115dd62fc5445b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24444

GET
H2 200 l
use.typekit.net/af/9395af/00000000000000003b9b2046/27/ Frame B53E 24 KB
24 KB 34ms
7ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9395af/00000000000000003b9b2046/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: catonewwebsite.kinsta.cloud
URL: https://catonewwebsite.kinsta.cloud/ransomware-attackers-defenders-and-fbis-perspective/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ee9cd51774e3ce4eccd91266a76587108f800f7c5ed047c573db7fe35783a264

Request headers

Origin: https://catonewwebsite.kinsta.cloud
Referer: https://catonewwebsite.kinsta.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 00:28:50 GMT
server: nginx
etag: "19de6d6ee3080011144f46822cf6f3ef40f2c6a8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24788

GET
H2 200 l
use.typekit.net/af/d562ce/00000000000000003b9b204c/27/ Frame B53E 25 KB
25 KB 39ms
12ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d562ce/00000000000000003b9b204c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: catonewwebsite.kinsta.cloud
URL: https://catonewwebsite.kinsta.cloud/ransomware-attackers-defenders-and-fbis-perspective/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1f86855eed5dfa085ca62ef7a301e94d1f82c34f426ddfd54fe66b15d632db90

Request headers

Origin: https://catonewwebsite.kinsta.cloud
Referer: https://catonewwebsite.kinsta.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 00:28:50 GMT
server: nginx
etag: "79b73a8b60023503d1f34e07b81f37976902b3f9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25780

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
auth.sta.catonet.works/	1970-01-19 20:29:47	Name: ___utmvc Value: TnXBHoW+uLQOxv7k9qIlrfk9Qw7E/LUibOTbrMwAo4zcwYQ5rYyol6c0pFRBhfc1NE8k5xQuWrixDKMhJVBGdGHblQAYVkUETI+vgLV1CvochlBR1bVid3QjBuSOPNK1UM6R8NOZ6Kwn3H2sLltiV1jkT6qN8Ot/dWME/VaPym9CdQIHBN0NZdokstdvJIZzLI+Y0CFvFRZDtxk62miH5R4VeRm8a8ByTYwMcEhUMheaozDV+jSQVXYa4AsztX2+osOPOV3lkpXmAtL0qoq+weLtFw30GdyMVYdh5ZyY2yDNQbmHOJdaET9CoClRLFgh4HsxJ4uJdVimtslFajkg7M18bjHYBD9Uxx80gIOiEkGmhWpoGhHKf2LdkTkR1fFB5tPKjNBeFBKwmlkPdp9wHhKbB3QHXJVo0F0ERjgWQaawGSHz8K/3MbiPjc2SMB7167+CiYZnOrtc2Hs8WL/2Svh7ND9pzbfa0DMnbvrBKyB8/15vAvHfewpAmUFDgOSHzNhqOuB4AaQCnUA5W0SAwBVRG/3P7VymWTJ39VD1lmf0eFGeLz/iejvOohoHmeqyZ1SpDMavKRfTOwwhLva+ZW9XTD14vAx5s2P/vEE6Uk2FLANX0PJm0Mc+gFeVoD2+38r+PA1hKyT6q9X8ClPejWzrGBSl4c2pMaAUm9tLWffLyIcff767MO7t1ehXBp6k8DW9hOz4RIylpREwDTSk9chQjxXFu31ECoOjXTHpgB32Hs80pzZywrN1epahbFtfJkU+catE8ou/cQ4ruJ4HYKJmcY6eSFV8/5I04RW3RN4Tnfr/LGg+n4zJqxAwkR9wcg1ARMDm2PUnYL78Di5evJ7Wn/EM91TQ3OikFvl0zxUgLfg+DKG1Bc8GaT4A2jFLbMj8wdr/Yh5TVlFNCZLUIBIO3D2XXBFip3aOsD48IbVkvHgKyaqJOXOPKWM901vUWpLT3+1u8vSkAizbeHsNFd9h0CRyxa2G50UwNUr4hdRYXFZ0EVuzpNyYFq8/uzQBvokrvevBUHXP9Fsh+34EN2djCvqvcEpwgU5G5Mj/t7abxHpkmQwKQeSvHtBcJvlNxxdyqRRPa6ozgQ+netF+KpPk39sd3wHhP18a4Ox/O4W58dpa/5YFbuvYSNOgEECQW2GyKAegGkZu+0r5Q3MEh1KyqU28CuUWXUYfs5cYLm+69432ObwMbTJ6/Mmb0HQKt+ruyPwI0TvtOsINudHpncRqW7ZE0qKAwQZH901CWcP51G7olQBrjcGQfCj3a6x8XOQnx6xxxlEu3qnDEyqE9mUteVBSAP8Ks8F5wdgLd7Lg1Sxd4+Gnn03s9S9W5iFUYJryv/4iTzweF+RqA8urrasibIKF9SB9mZL0liXkPqK990nNlJ1ijsOMGNIFIXvFjhHcTPNwjr4P1F0dVyOEL+TGQgxEuzUGclX2XBR3g/rShzLIpGY5HdzI8J0ZO0OydxJox45mdkqpv5Kko3/M3kdus4dqpCzJluyW3GLRtjspWLVZL2ZNFI4ldedwqGyFbhSPxsEKSKOFekU/0HfJbFNkYXHbdTjKZd5r53WwgZnF8szAM8KJ5iLX06K3Hpq4dRAXqAtdHZSz8Si4AypHF2bF8d8GcokseRnAEA6GH8adJ/HTdKj0LOpn6U/IkKA3gWGXXZ57fbkW3SWHFrPacJQB1Jby5xfcz//xAgXO/jK2+GchOOHvnJPyLAq0rZDtdz5PA1OXvnyFmqk14u1Ws/lOvg7Rh0G4wR9tqX8Y49ECfaB+741U5Bxe6uCoccAML01MRxd/iL2cVZg8Ho97FZbWbI/egfRvzQ4OEnSITAOsqddfXTTFzrshFnKVuSTZDwmDQHmo0lllayLcynmtWvUN4AKm2d/h7FPmIOq5AXFMNgpsJurlbft0mVNYoqV1PTck3vac0ZML3zHwRR+ZC94Qu+B1rcWlL2HDFPZx+fr6ASdZSVxn+8tznq9c6HSBxoZpJ50d3tKgFYWORA3TwJ4zPD+FxrqLIxGLL33C5dsMPzGy+EqLhiG6Z/Iwu+8ALGRpZ2VzdD0xNDA0NjAscz05YmE0N2I5ODg1Njg3NDhhOTY4NzhlOGE5YThkNzc5ZDdmYTU4NTg2NjQ3ZTZkODI5Mjk1NWI1Zjg5YTY5ZjdmODE5ZGE5YTY4Njg1NmQ3MQ==
auth.sta.catonet.works/	1970-01-19 20:39:52	Name: AWSALB Value: ScjL3hAEUA9M0jF9RXDcqiwtHXiugWM48i7sm7/Gga0ljRkC4MjTby9ycDOJfIvbNYfhTfLROv8iqT2yp7gJP/nYvavmerR9Sw+FKnzkdyLGnvrjrMy8c2B4Hich
auth.sta.catonet.works/	1969-12-31 23:59:59	Name: auth-session Value: 1F45DD6A13523819D39DD5C6B3F0C405
.sta.catonet.works/	1969-12-31 23:59:59	Name: incap_ses_467_2380834 Value: 7NJLAT5AGV3z6SNfbx57BsBfGGEAAAAAlU0hJIAzFMwxHMQEnijwcg==
.sta.catonet.works/	1969-12-31 23:59:59	Name: nlbi_2380834 Value: 0SxkfhbH4gj9UDpLTTb3iwAAAACyQykz3TFygkTXBzruGR/5
.sta.catonet.works/	1970-01-20 05:14:56	Name: visid_incap_2380834 Value: OdHO2YJXSWGiH/KjBj/tar9fGGEAAAAAQUIPAAAAAAA9x4VMTsFrnqXWiOC9wzZE
auth.sta.catonet.works/	1970-01-19 20:39:52	Name: AWSALBCORS Value: ScjL3hAEUA9M0jF9RXDcqiwtHXiugWM48i7sm7/Gga0ljRkC4MjTby9ycDOJfIvbNYfhTfLROv8iqT2yp7gJP/nYvavmerR9Sw+FKnzkdyLGnvrjrMy8c2B4Hich
auth.sta.catonet.works/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 9aaebe5e-6a6b-4ffd-96d7-c7dbf9595a41

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy	script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.sta.catonet.works
catonewwebsite.kinsta.cloud
use.typekit.net
107.154.248.90
2606:4700:7::a29f:872a
2a02:26f0:6c00::210:ba2a
0348b04510ad6121223ba358542503732fc30a8286c1cca85d34b4f5641f2c42
1026dc166b3810934084d2b1700cfb1f3c99e72c676d0acb25d697bc4312833d
1f86855eed5dfa085ca62ef7a301e94d1f82c34f426ddfd54fe66b15d632db90
21401cceea1bdefe201130dd7544e61fe474be3769631cc0d51c1d0a0dca0c44
257a7803b0fb3bf8927656b014b9c5ae7ecb90f166db0d746dd08b58c9c603d3
3d363a72bb9b5999575abd2f90c9f51560ffac9a0330afaa617faaa0cd9df4b0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6a3ca54f77d4efa225bb8d473c8460fd76c1fd1be46e58c6ea069e6780bafaa9
771b296d95818c3a0be52735f3eafee61c4cad993b28504dc3165ddf7748ebd7
861aaf89316ed2341227ca815cd69820a58f07a7b780803bf720e23b93f9f540
92909ad6218b9a5dba941c54eba518393fed452e1809029707bbef128c6d18e8
9a24c07e70c9abb4af416b2f6b8f8b7ba85d42b3f84b4931d0c243ada61c0ea1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee9cd51774e3ce4eccd91266a76587108f800f7c5ed047c573db7fe35783a264
fb5a2e651878bde1c26eef8a31810fb7d4890d6e465d2901d3d64a9efbedffb1

auth.sta.catonet.works Open in urlscan Pro 107.154.248.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

63 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

177 kBTransfer

432 kBSize

8 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

8 Cookies

Security Headers

Indicators

auth.sta.catonet.works Open in urlscan Pro
107.154.248.90 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

63 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

177 kB
Transfer

432 kB
Size

8
Cookies

16 HTTP transactions
0 data transactions