urlscan.io logo urlscan.io
SecurityTrails logo

lockbitvictims.ic3.gov Open in urlscan Pro
2001:489a:3403::5e0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://lockbitvictims.ic3.gov/
Effective URL: https://lockbitvictims.ic3.gov/
Submission: On February 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 32 HTTP transactions. The main IP is 2001:489a:3403::5e0, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is lockbitvictims.ic3.gov.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 14th 2024. Valid for: a year.
This is the only time lockbitvictims.ic3.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

16    2001:489a:3403::5e0 (San Antonio, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lockbitvictims.ic3.gov
5    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:9000:211e:b800:5:83ea:ba80:93a1 (United States)

ASN16509 (AMAZON-02, US)
dap.digitalgov.gov
6    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
16 ic3.gov
lockbitvictims.ic3.gov
347 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
657 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
39 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
21 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
85 KB
1 digitalgov.gov
dap.digitalgov.gov — Cisco Umbrella Rank: 5102
7 KB
32 6
Domain Requested by
16 lockbitvictims.ic3.gov lockbitvictims.ic3.gov
6 www.gstatic.com www.google.com
www.gstatic.com
5 www.google.com lockbitvictims.ic3.gov
www.gstatic.com
www.google.com
2 www.google-analytics.com dap.digitalgov.gov
www.google-analytics.com
1 fonts.gstatic.com www.google.com
1 www.googletagmanager.com dap.digitalgov.gov
1 dap.digitalgov.gov lockbitvictims.ic3.gov
32 7
Subject Issuer Validity Valid
lockbitvictims.ic3.gov
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-14 -
2025-02-14		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
dap.digitalgov.gov
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://lockbitvictims.ic3.gov/
Frame ID: 3F6467F139EEC9BC5448EEC4D5D1A871
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfaXhUTAAAAAAvKw_sNVIyc7f7wmqPdxd6p1hO9&co=aHR0cHM6Ly9sb2NrYml0dmljdGltcy5pYzMuZ292OjQ0Mw..&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=normal&cb=jkubnduou93r
Frame ID: CA2888DDF816ECFBB89D2A2D8B9A26EC
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&k=6LfaXhUTAAAAAAvKw_sNVIyc7f7wmqPdxd6p1hO9
Frame ID: 0936912C1E494F39F10ADDC447415333
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Form - LockBit Victim Reporting FormLock

Page URL History Show full URLs

  1. http://lockbitvictims.ic3.gov/ HTTP 307
    https://lockbitvictims.ic3.gov/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

32
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

7
Subdomains

8
IPs

2
Countries

1155 kB
Transfer

2861 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lockbitvictims.ic3.gov/ HTTP 307
    https://lockbitvictims.ic3.gov/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
lockbitvictims.ic3.gov/
Redirect Chain
  • http://lockbitvictims.ic3.gov/
  • https://lockbitvictims.ic3.gov/
41 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockbitvictims.ic3.gov/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
aebaa0a323f25d8862333a532a8370f786c901ee1c45459f60d4c640b139b34c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-nca0p10avdfhkmqf' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
br
content-security-policy
default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-nca0p10avdfhkmqf' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
content-type
text/html; charset=utf-8
date
Tue, 27 Feb 2024 14:50:55 GMT
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=(), payment=(), publickey-credentials-get=(), web-share=()
pragma
no-cache
server
Microsoft-IIS/10.0
strict-transport-security
max-age=2592000
vary
Accept-Encoding
x-azure-ref
0z/bdZQAAAACWMDwV7/oLS6IOY7+vt8B/c24wMS1mZHYyLTZmNDhkOGM1NjktN2dxa2IANDM4ZDRhODItZTJjZC00MzQyLWIzNDAtMDZiOTA1MGMyMWUx
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://lockbitvictims.ic3.gov/
Non-Authoritative-Reason
HSTS
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: lockbitvictims.ic3.gov
URL: https://lockbitvictims.ic3.gov/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
510c92405ce7edbe9ee2be774b3cd37d4da696b91e5670da4f1cdcf2dd92285d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lockbitvictims.ic3.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 14:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 27 Feb 2024 14:50:55 GMT
uswds-init.min.js
lockbitvictims.ic3.gov/assets/js/ 		349 B
782 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lockbitvictims.ic3.gov/assets/js/uswds-init.min.js
Requested by
Host: lockbitvictims.ic3.gov
URL: https://lockbitvictims.ic3.gov/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a602434d1edf45f9766b56be9ccb4c62be3e98ee07aa958f6784b56ce1b648cc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-amoz3vcowaopex2t' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lockbitvictims.ic3.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-encoding
br
x-content-type-options
nosniff
content-security-policy
default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-amoz3vcowaopex2t' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
last-modified
Tue, 13 Feb 2024 12:21:36 GMT
server
Microsoft-IIS/10.0
date
Tue, 27 Feb 2024 14:50:55 GMT
etag
"1da5e772ffbc95d"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
text/javascript
x-azure-ref
0z/bdZQAAAABzyhje189rRIa5nVWgoVUfc24wMS1mZHYyLTZmNDhkOGM1NjktN2dxa2IANDM4ZDRhODItZTJjZC00MzQyLWIzNDAtMDZiOTA1MGMyMWUx
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=(), payment=(), publickey-credentials-get=(), web-share=()
accept-ranges
bytes
uswds.min.js
lockbitvictims.ic3.gov/assets/js/ 		85 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lockbitvictims.ic3.gov/assets/js/uswds.min.js
Requested by
Host: lockbitvictims.ic3.gov
URL: https://lockbitvictims.ic3.gov/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b7f9e206b845cd3c3943c06d4aa2266f95f7584e39d6485fa36ccf77d0d85e95
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-bx3whntlr2ijpbqn' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lockbitvictims.ic3.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-encoding
br
x-content-type-options
nosniff
content-security-policy
default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-bx3whntlr2ijpbqn' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
last-modified
Tue, 13 Feb 2024 12:21:36 GMT
server
Microsoft-IIS/10.0
date
Tue, 27 Feb 2024 14:50:55 GMT
etag
"1da5e772ffa9cda"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
text/javascript
x-azure-ref
00PbdZQAAAABteljKvBEHQaASW+Vbe+nRc24wMS1mZHYyLTZmNDhkOGM1NjktN2dxa2IANDM4ZDRhODItZTJjZC00MzQyLWIzNDAtMDZiOTA1MGMyMWUx
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=(), payment=(), publickey-credentials-get=(), web-share=()
accept-ranges
bytes
uswds.min.css
lockbitvictims.ic3.gov/assets/css/ 		512 KB
91 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lockbitvictims.ic3.gov/assets/css/uswds.min.css
Requested by
Host: lockbitvictims.ic3.gov
URL: https://lockbitvictims.ic3.gov/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8acce06fb501041c664122ee901501f439f38ee3c2916ea37bb839ff92700459
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-w0ptrflf1nt14wlb' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lockbitvictims.ic3.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-encoding
br
x-content-type-options
nosniff
content-security-policy
default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-w0ptrflf1nt14wlb' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
last-modified
Tue, 13 Feb 2024 12:21:16 GMT
server
Microsoft-IIS/10.0
date
Tue, 27 Feb 2024 14:50:55 GMT
etag
"1da5e772417f816"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
text/css
x-azure-ref
0z/bdZQAAAABUgL71IxvPRKiENJ5y27Czc24wMS1mZHYyLTZmNDhkOGM1NjktN2dxa2IANDM4ZDRhODItZTJjZC00MzQyLWIzNDAtMDZiOTA1MGMyMWUx
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=(), payment=(), publickey-credentials-get=(), web-share=()
accept-ranges
bytes
site.css
lockbitvictims.ic3.gov/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lockbitvictims.ic3.gov/css/site.css
Requested by
Host: lockbitvictims.ic3.gov
URL: https://lockbitvictims.ic3.gov/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5bd0625b351d49038c47f92b9a71f359dec362c88eebaa4c0005d181d142c5bb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-lsqrxwxm0sqarwiy' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lockbitvictims.ic3.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-encoding
br
x-content-type-options
nosniff
content-security-policy
default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-lsqrxwxm0sqarwiy' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
last-modified
Fri, 16 Feb 2024 11:16:50 GMT
server
Microsoft-IIS/10.0
date
Tue, 27 Feb 2024 14:50:55 GMT
etag
"1da60c9a2fc6b0f"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
text/css
x-azure-ref
0z/bdZQAAAAA3ZafX9LCvT6qO4uDNBtLoc24wMS1mZHYyLTZmNDhkOGM1NjktN2dxa2IANDM4ZDRhODItZTJjZC00MzQyLWIzNDAtMDZiOTA1MGMyMWUx
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=(), payment=(), publickey-credentials-get=(), web-share=()
accept-ranges
bytes
Universal-Federated-Analytics-Min.js
dap.digitalgov.gov/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=DOJ
Requested by
Host: lockbitvictims.ic3.gov
URL: https://lockbitvictims.ic3.gov/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b800:5:83ea:ba80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
813fdb44477c880a70ecfc20c87dabea5872f684a9f18b673e5f12f0cacd4be2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lockbitvictims.ic3.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
PwRyp4jXbzV1Qw19AOhjVJjrCb1El3Su
content-encoding
gzip
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
date
Tue, 27 Feb 2024 02:03:45 GMT
x-amz-cf-pop
FRA56-C2
age
46032
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 15 Dec 2023 03:30:22 GMT
server
AmazonS3
etag
W/"84f9d79d3b50914f7163e03d83c141dc"
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
Y3oU_P4R4tWiuseI52gKW7kx_HXbxjzDHlCYhak-cFsb47u3z2IwAA==
us_flag_small.png
lockbitvictims.ic3.gov/assets/img/ 		244 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lockbitvictims.ic3.gov/assets/img/us_flag_small.png
Requested by
Host: lockbitvictims.ic3.gov
URL: https://lockbitvictims.ic3.gov/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5dcdf93abaf205e8a6cc8dea43c4f493fbc75cd7facb2e3e302a85ef6cf9274d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-rdagiquj15k4unld' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lockbitvictims.ic3.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-security-policy
default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-rdagiquj15k4unld' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
x-content-type-options
nosniff
date
Tue, 27 Feb 2024 14:50:55 GMT
last-modified
Tue, 13 Feb 2024 12:21:16 GMT
server
Microsoft-IIS/10.0
etag
"1da5e77241006f4"
x-powered-by
ASP.NET
x-azure-ref
0z/bdZQAAAAD4BAAj/mDWR6qTir2ZM9F5c24wMS1mZHYyLTZmNDhkOGM1NjktN2dxa2IANDM4ZDRhODItZTJjZC00MzQyLWIzNDAtMDZiOTA1MGMyMWUx
x-cache
CONFIG_NOCACHE
content-type
image/png
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=(), payment=(), publickey-credentials-get=(), web-share=()
accept-ranges
bytes
content-length
244
icon-dot-gov.svg
lockbitvictims.ic3.gov/assets/img/ 		633 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lockbitvictims.ic3.gov/assets/img/icon-dot-gov.svg
Requested by
Host: lockbitvictims.ic3.gov
URL: https://lockbitvictims.ic3.gov/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0228750c35aa8389308c85c3cd6a2175b5fdb950c4f048d731e05d3075cda15
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-1wtmks3juyiqn5cq' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lockbitvictims.ic3.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-security-policy
default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-1wtmks3juyiqn5cq' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
x-content-type-options
nosniff
date
Tue, 27 Feb 2024 14:50:55 GMT
last-modified
Tue, 13 Feb 2024 12:21:16 GMT
server
Microsoft-IIS/10.0
etag
"1da5e7724100479"
x-powered-by
ASP.NET
x-azure-ref
0z/bdZQAAAABEuk+E0raoQKE2pEh/U+oOc24wMS1mZHYyLTZmNDhkOGM1NjktN2dxa2IANDM4ZDRhODItZTJjZC00MzQyLWIzNDAtMDZiOTA1MGMyMWUx
x-cache
CONFIG_NOCACHE
content-type
image/svg+xml
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=(), payment=(), publickey-credentials-get=(), web-share=()
accept-ranges
bytes
content-length
633
icon-https.svg
lockbitvictims.ic3.gov/assets/img/ 		720 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lockbitvictims.ic3.gov/assets/img/icon-https.svg
Requested by
Host: lockbitvictims.ic3.gov
URL: https://lockbitvictims.ic3.gov/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
912daff95ce9cabae7d0195d39aa98d49c4bec3b975d404ac266534c069cee20
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-dtplilnpyuo1ty2y' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lockbitvictims.ic3.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-security-policy
default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-dtplilnpyuo1ty2y' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
x-content-type-options
nosniff
date
Tue, 27 Feb 2024 14:50:55 GMT
last-modified
Tue, 13 Feb 2024 12:21:16 GMT
server
Microsoft-IIS/10.0
etag
"1da5e77241004d0"
x-powered-by
ASP.NET
x-azure-ref
00PbdZQAAAACVZvJiH/sVTKo48osQkFKwc24wMS1mZHYyLTZmNDhkOGM1NjktN2dxa2IANDM4ZDRhODItZTJjZC00MzQyLWIzNDAtMDZiOTA1MGMyMWUx
x-cache
CONFIG_NOCACHE
content-type
image/svg+xml
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=(), payment=(), publickey-credentials-get=(), web-share=()
accept-ranges
bytes
content-length
720
fbi_seal_new.webp
lockbitvictims.ic3.gov/img/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lockbitvictims.ic3.gov/img/fbi_seal_new.webp
Requested by
Host: lockbitvictims.ic3.gov
URL: https://lockbitvictims.ic3.gov/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d512144b211827ab17b237418a13ebbbed24c3e7fad03ecb25bab2280e896257
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-xokmavdaczfbmboh' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lockbitvictims.ic3.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-security-policy
default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-xokmavdaczfbmboh' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
x-content-type-options
nosniff
date
Tue, 27 Feb 2024 14:50:56 GMT
last-modified
Thu, 04 Jan 2024 09:53:08 GMT
server
Microsoft-IIS/10.0
etag
"1da3ef3d1e117ac"
x-powered-by
ASP.NET
x-azure-ref
00PbdZQAAAACPQbDOfE/DT6qIKWIr4eI1c24wMS1mZHYyLTZmNDhkOGM1NjktN2dxa2IANDM4ZDRhODItZTJjZC00MzQyLWIzNDAtMDZiOTA1MGMyMWUx
x-cache
CONFIG_NOCACHE
content-type
image/webp
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=(), payment=(), publickey-credentials-get=(), web-share=()
accept-ranges
bytes
content-length
118188
site.js
lockbitvictims.ic3.gov/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lockbitvictims.ic3.gov/js/site.js
Requested by
Host: lockbitvictims.ic3.gov
URL: https://lockbitvictims.ic3.gov/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0128ce4b3923f56814d162fedffd97a6972dd39684434b5bd6228374dffd5918
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-5wu4e3yl0tjhzs2t' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

Referer
https://lockbitvictims.ic3.gov/
Origin
https://lockbitvictims.ic3.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-encoding
br
x-content-type-options
nosniff
content-security-policy
default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-5wu4e3yl0tjhzs2t' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
last-modified
Thu, 15 Feb 2024 10:36:24 GMT
server
Microsoft-IIS/10.0
date
Tue, 27 Feb 2024 14:50:55 GMT
etag
"1da5ffad2909613"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
text/javascript
x-azure-ref
0z/bdZQAAAACITflmo1PWTrys9pGLLTQwc24wMS1mZHYyLTZmNDhkOGM1NjktN2dxa2IANDM4ZDRhODItZTJjZC00MzQyLWIzNDAtMDZiOTA1MGMyMWUx
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=(), payment=(), publickey-credentials-get=(), web-share=()
accept-ranges
bytes
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/ 		494 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d858a3e24fc094b6683f21b0c4c57db4d91a65618c8ebdf8054c7d6142b89bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lockbitvictims.ic3.gov/
Origin
https://lockbitvictims.ic3.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 13:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201516
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 05:01:55 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Feb 2025 13:42:32 GMT
js
www.googletagmanager.com/gtag/ 		242 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L
Requested by
Host: dap.digitalgov.gov
URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=DOJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d9e1a4b8799d89d6ee1450b7526d78097f4fd2d8e16c416c9e5edc59212aad2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lockbitvictims.ic3.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 14:50:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86584
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 27 Feb 2024 14:50:56 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dap.digitalgov.gov
URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=DOJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lockbitvictims.ic3.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Feb 2024 13:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3767
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 27 Feb 2024 15:48:09 GMT
collect
www.google-analytics.com/j/ 		3 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=2010078043&t=pageview&_s=1&dl=https%3A%2F%2Flockbitvictims.ic3.gov%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Form%20-%20LockBit%20Victim%20Reporting%20Form&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAQABAAAAACAAoC~&jid=562236694&gjid=715675385&cid=30693691.1709045456&tid=UA-33523145-1&_gid=1480243225.1709045456&_r=1&_slc=1&cd1=DOJ&cd2=lockbitvictims.ic3.gov&cd3=20231212%20v6.9%20-%20Dual%20Tracking&cd4=unspecified%3Alockbitvictims.ic3.gov&cd5=unspecified%3Alockbitvictims.ic3.gov&cd6=https%3A%2F%2Fdap.digitalgov.gov%2FUniversal-Federated-Analytics-Min.js&cd7=https%3A&z=819827439
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lockbitvictims.ic3.gov/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Feb 2024 14:50:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lockbitvictims.ic3.gov
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
expand_more.svg
lockbitvictims.ic3.gov/assets/img/usa-icons/ 		145 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lockbitvictims.ic3.gov/assets/img/usa-icons/expand_more.svg
Requested by
Host: lockbitvictims.ic3.gov
URL: https://lockbitvictims.ic3.gov/assets/css/uswds.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bc1d8378c2d4dabf3610d8a07fddfe50991d9662c991188b6ed0f7e13aaeea0b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-oakm45wl2vurnedq' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

Referer
https://lockbitvictims.ic3.gov/assets/css/uswds.min.css
Origin
https://lockbitvictims.ic3.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-security-policy
default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-oakm45wl2vurnedq' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
x-content-type-options
nosniff
date
Tue, 27 Feb 2024 14:50:56 GMT
last-modified
Tue, 13 Feb 2024 12:21:34 GMT
server
Microsoft-IIS/10.0
etag
"1da5e772eca9b91"
x-powered-by
ASP.NET
x-azure-ref
00PbdZQAAAAAQyge4NkkdQbaWSkIBOXm5c24wMS1mZHYyLTZmNDhkOGM1NjktN2dxa2IANDM4ZDRhODItZTJjZC00MzQyLWIzNDAtMDZiOTA1MGMyMWUx
x-cache
CONFIG_NOCACHE
content-type
image/svg+xml
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=(), payment=(), publickey-credentials-get=(), web-share=()
accept-ranges
bytes
content-length
145
sourcesanspro-regular-webfont.woff2
lockbitvictims.ic3.gov/assets/fonts/source-sans-pro/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lockbitvictims.ic3.gov/assets/fonts/source-sans-pro/sourcesanspro-regular-webfont.woff2
Requested by
Host: lockbitvictims.ic3.gov
URL: https://lockbitvictims.ic3.gov/assets/css/uswds.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-blkvicppuim2q0n5' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

Referer
https://lockbitvictims.ic3.gov/assets/css/uswds.min.css
Origin
https://lockbitvictims.ic3.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-security-policy
default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-blkvicppuim2q0n5' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
x-content-type-options
nosniff
date
Tue, 27 Feb 2024 14:50:56 GMT
last-modified
Tue, 13 Feb 2024 12:21:16 GMT
server
Microsoft-IIS/10.0
etag
"1da5e772410563c"
x-powered-by
ASP.NET
x-azure-ref
00PbdZQAAAADlpwT6+n/7Sb/ySJP7Ss/hc24wMS1mZHYyLTZmNDhkOGM1NjktN2dxa2IANDM4ZDRhODItZTJjZC00MzQyLWIzNDAtMDZiOTA1MGMyMWUx
x-cache
CONFIG_NOCACHE
content-type
font/woff2
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=(), payment=(), publickey-credentials-get=(), web-share=()
accept-ranges
bytes
content-length
20540
Latin-Merriweather-Bold.woff2
lockbitvictims.ic3.gov/assets/fonts/merriweather/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lockbitvictims.ic3.gov/assets/fonts/merriweather/Latin-Merriweather-Bold.woff2
Requested by
Host: lockbitvictims.ic3.gov
URL: https://lockbitvictims.ic3.gov/assets/css/uswds.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
398a409837c168a3682ce84a232d851bcb0b0163adfbead86f465e81f397169c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-mnmtml4jfszk40cn' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

Referer
https://lockbitvictims.ic3.gov/assets/css/uswds.min.css
Origin
https://lockbitvictims.ic3.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-security-policy
default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-mnmtml4jfszk40cn' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
x-content-type-options
nosniff
date
Tue, 27 Feb 2024 14:50:56 GMT
last-modified
Tue, 13 Feb 2024 12:21:16 GMT
server
Microsoft-IIS/10.0
etag
"1da5e772410553c"
x-powered-by
ASP.NET
x-azure-ref
00PbdZQAAAACN47w5MP16SoM7qM/o4fmZc24wMS1mZHYyLTZmNDhkOGM1NjktN2dxa2IANDM4ZDRhODItZTJjZC00MzQyLWIzNDAtMDZiOTA1MGMyMWUx
x-cache
CONFIG_NOCACHE
content-type
font/woff2
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=(), payment=(), publickey-credentials-get=(), web-share=()
accept-ranges
bytes
content-length
21308
sourcesanspro-bold-webfont.woff2
lockbitvictims.ic3.gov/assets/fonts/source-sans-pro/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lockbitvictims.ic3.gov/assets/fonts/source-sans-pro/sourcesanspro-bold-webfont.woff2
Requested by
Host: lockbitvictims.ic3.gov
URL: https://lockbitvictims.ic3.gov/assets/css/uswds.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
83f67df68dac5c435d964be278d39f70ad8605265b6b99918a46451b77552e92
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-gia2ff0irzvbbb0j' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

Referer
https://lockbitvictims.ic3.gov/assets/css/uswds.min.css
Origin
https://lockbitvictims.ic3.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-security-policy
default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-gia2ff0irzvbbb0j' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
x-content-type-options
nosniff
date
Tue, 27 Feb 2024 14:50:56 GMT
last-modified
Tue, 13 Feb 2024 12:21:16 GMT
server
Microsoft-IIS/10.0
etag
"1da5e7724104990"
x-powered-by
ASP.NET
x-azure-ref
00PbdZQAAAABp+LP9wOFLRJIy7ifOWTQVc24wMS1mZHYyLTZmNDhkOGM1NjktN2dxa2IANDM4ZDRhODItZTJjZC00MzQyLWIzNDAtMDZiOTA1MGMyMWUx
x-cache
CONFIG_NOCACHE
content-type
font/woff2
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=(), payment=(), publickey-credentials-get=(), web-share=()
accept-ranges
bytes
content-length
20368
info.svg
lockbitvictims.ic3.gov/assets/img/usa-icons/ 		197 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lockbitvictims.ic3.gov/assets/img/usa-icons/info.svg
Requested by
Host: lockbitvictims.ic3.gov
URL: https://lockbitvictims.ic3.gov/assets/css/uswds.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2e1a5c0fc47b41204eccc4b45a4cb73e147d8e6f1c4dbbdebbe675b09a4eb82d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-ojdhl1jhymq2awpd' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

Referer
https://lockbitvictims.ic3.gov/assets/css/uswds.min.css
Origin
https://lockbitvictims.ic3.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-security-policy
default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-ojdhl1jhymq2awpd' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
x-content-type-options
nosniff
date
Tue, 27 Feb 2024 14:50:56 GMT
last-modified
Tue, 13 Feb 2024 12:21:36 GMT
server
Microsoft-IIS/10.0
etag
"1da5e772ffbc8c5"
x-powered-by
ASP.NET
x-azure-ref
00PbdZQAAAADLIMHmdtYARJijnH1gcOCqc24wMS1mZHYyLTZmNDhkOGM1NjktN2dxa2IANDM4ZDRhODItZTJjZC00MzQyLWIzNDAtMDZiOTA1MGMyMWUx
x-cache
CONFIG_NOCACHE
content-type
image/svg+xml
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=(), payment=(), publickey-credentials-get=(), web-share=()
accept-ranges
bytes
content-length
197
truncated
/ 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
image/svg+xml
sourcesanspro-light-webfont.woff2
lockbitvictims.ic3.gov/assets/fonts/source-sans-pro/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lockbitvictims.ic3.gov/assets/fonts/source-sans-pro/sourcesanspro-light-webfont.woff2
Requested by
Host: lockbitvictims.ic3.gov
URL: https://lockbitvictims.ic3.gov/assets/css/uswds.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
45a3eaa23260c83e04f31e20ae6fc3573375097b9af2080c0356d9554ecf5e4a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-hvryd02jdck0x5sg' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

Referer
https://lockbitvictims.ic3.gov/assets/css/uswds.min.css
Origin
https://lockbitvictims.ic3.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-security-policy
default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-hvryd02jdck0x5sg' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
x-content-type-options
nosniff
date
Tue, 27 Feb 2024 14:50:56 GMT
last-modified
Tue, 13 Feb 2024 12:21:16 GMT
server
Microsoft-IIS/10.0
etag
"1da5e77241049bc"
x-powered-by
ASP.NET
x-azure-ref
00PbdZQAAAAAfz1n2N6PBT5xMbfOu944Pc24wMS1mZHYyLTZmNDhkOGM1NjktN2dxa2IANDM4ZDRhODItZTJjZC00MzQyLWIzNDAtMDZiOTA1MGMyMWUx
x-cache
CONFIG_NOCACHE
content-type
font/woff2
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=(), payment=(), publickey-credentials-get=(), web-share=()
accept-ranges
bytes
content-length
20412
anchor
www.google.com/recaptcha/api2/ Frame CA28 		46 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfaXhUTAAAAAAvKw_sNVIyc7f7wmqPdxd6p1hO9&co=aHR0cHM6Ly9sb2NrYml0dmljdGltcy5pYzMuZ292OjQ0Mw..&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=normal&cb=jkubnduou93r
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ddd97db060aa01c86e2a61b33ea2755f0bfa36ff2f7ea9d4e49eccacde54c34e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_GYaAimF8FdEHpUtK6VGBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lockbitvictims.ic3.gov/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_GYaAimF8FdEHpUtK6VGBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 14:50:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/ Frame CA28 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfaXhUTAAAAAAvKw_sNVIyc7f7wmqPdxd6p1hO9&co=aHR0cHM6Ly9sb2NrYml0dmljdGltcy5pYzMuZ292OjQ0Mw..&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=normal&cb=jkubnduou93r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 11:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 05:01:55 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Feb 2025 11:55:27 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/ Frame CA28 		494 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfaXhUTAAAAAAvKw_sNVIyc7f7wmqPdxd6p1hO9&co=aHR0cHM6Ly9sb2NrYml0dmljdGltcy5pYzMuZ292OjQ0Mw..&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=normal&cb=jkubnduou93r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d858a3e24fc094b6683f21b0c4c57db4d91a65618c8ebdf8054c7d6142b89bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 13:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201516
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 05:01:55 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Feb 2025 13:42:32 GMT
truncated
/ Frame CA28 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CA28 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CA28 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:55:59 GMT
x-content-type-options
nosniff
age
21297
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 05 Mar 2024 08:55:59 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CA28 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfaXhUTAAAAAAvKw_sNVIyc7f7wmqPdxd6p1hO9&co=aHR0cHM6Ly9sb2NrYml0dmljdGltcy5pYzMuZ292OjQ0Mw..&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=normal&cb=jkubnduou93r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:49:09 GMT
x-content-type-options
nosniff
age
21707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 08:49:09 GMT
IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js
www.google.com/js/bg/ Frame CA28 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfaXhUTAAAAAAvKw_sNVIyc7f7wmqPdxd6p1hO9&co=aHR0cHM6Ly9sb2NrYml0dmljdGltcy5pYzMuZ292OjQ0Mw..&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=normal&cb=jkubnduou93r
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:48:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
21734
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6933
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Feb 2025 08:48:42 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame CA28 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfaXhUTAAAAAAvKw_sNVIyc7f7wmqPdxd6p1hO9&co=aHR0cHM6Ly9sb2NrYml0dmljdGltcy5pYzMuZ292OjQ0Mw..&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=normal&cb=jkubnduou93r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9a78a8a63fbc8fb312b448c65256801eada8ae34f9d2032d1314705cab3299bb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfaXhUTAAAAAAvKw_sNVIyc7f7wmqPdxd6p1hO9&co=aHR0cHM6Ly9sb2NrYml0dmljdGltcy5pYzMuZ292OjQ0Mw..&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=normal&cb=jkubnduou93r
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 14:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 27 Feb 2024 14:50:56 GMT
bframe
www.google.com/recaptcha/api2/ Frame 0936 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&k=6LfaXhUTAAAAAAvKw_sNVIyc7f7wmqPdxd6p1hO9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4b2c38d4594e888ed1211c14aca5b808562e530a5dae147090eb7c6abf894708
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sUVYW-lj9tNREfjzK7Np4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lockbitvictims.ic3.gov/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-sUVYW-lj9tNREfjzK7Np4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 14:50:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/ Frame 0936 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&k=6LfaXhUTAAAAAAvKw_sNVIyc7f7wmqPdxd6p1hO9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 11:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 05:01:55 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Feb 2025 11:55:27 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/ Frame 0936 		494 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&k=6LfaXhUTAAAAAAvKw_sNVIyc7f7wmqPdxd6p1hO9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d858a3e24fc094b6683f21b0c4c57db4d91a65618c8ebdf8054c7d6142b89bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 13:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201516
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 05:01:55 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Feb 2025 13:42:32 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| tObjectCheck object| _allowedQuerystrings boolean| isSearch object| oCONFIG object| head object| GA4Object function| gtag boolean| trackerFlag function| _onEveryPage function| _defineCookieDomain function| _defineAgencyCDsValues function| _cleanBooleanParam function| _isValidUANum function| _isValidGA4Num function| _cleanDimensionValue function| _updateConfig function| _sendCustomDimensions function| _sendCustomMetrics function| _sendEvent function| _mapGA4toUA function| _sendPageview function| gas function| _URIHandler function| _sendViewSearchResult function| _isExcludedReferrer function| createTracker function| _initAutoTracker undefined| videoArray_fed undefined| playerArray_fed undefined| _f33 undefined| _f66 undefined| _f90 undefined| tag undefined| firstScriptTag undefined| youtube_parser_fed undefined| IsYouTube_fed undefined| YTUrlHandler_fed undefined| _initYouTubeTracker undefined| onYouTubePlayerAPIReady undefined| onFedPlayerReady undefined| onFedPlayerStateChange function| _initIdAssigner function| _scrubbedURL function| _setAllowedQS function| _setUpTrackers function| _setUpTrackersIfReady object| dataLayer string| GoogleAnalyticsObject function| ga string| _fullParams string| _keyValuePair string| _key string| _value object| recaptcha object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager boolean| uswdsPresent object| closure_lm_607596

6 Cookies

Domain/Path Name / Value
lockbitvictims.ic3.gov/ Name: .AspNetCore.Antiforgery.cdV5uW_Ejgc
Value: CfDJ8CBFbl9nsKRIuQOO-lT8FSSdzLw33_Cck8OxF2EWWr92aSDCPMBzE-QnplSs0uKn5rKJY4nzTOULObH7t46ImPBMisJcEEzRRQfaBg6jHAI3wAlEUc2RAGSH_OMhzw8pdytJKx0cDG24chdYhRiOevc
.lockbitvictims.ic3.gov/ Name: _ga
Value: GA1.3.30693691.1709045456
.lockbitvictims.ic3.gov/ Name: _gid
Value: GA1.3.1480243225.1709045456
.lockbitvictims.ic3.gov/ Name: _gat_GSA_ENOR0
Value: 1
.ic3.gov/ Name: _ga
Value: GA1.1.30693691.1709045456
.ic3.gov/ Name: _ga_CSLL4ZEK4L
Value: GS1.1.1709045456.1.0.1709045456.0.0.0

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L(Line 146)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-CSLL4ZEK4L&gtm=45je42q0v9131934939za220&_p=1709045456148&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&ir=0&cid=30693691.1709045456&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Flockbitvictims.ic3.gov%2F&sid=1709045456&sct=1&seg=0&dt=Form%20-%20LockBit%20Victim%20Reporting%20Form&en=page_view&_fv=1&_ss=1&_ee=1&ep.agency=DOJ&ep.subagency=LOCKBITVICTIMS.IC3.GOV&ep.site_topic=unspecified%3Alockbitvictims.ic3.gov&ep.site_platform=unspecified%3Alockbitvictims.ic3.gov&ep.script_source=https%3A%2F%2Fdap.digitalgov.gov%2Funiversal-federated-analytics-min.js&ep.version=20231212%20v6.9%20-%20dual%20tracking&ep.protocol=https%3A&tfd=1168' because it violates the following Content Security Policy directive: "connect-src https://www.google-analytics.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; frame-ancestors 'none'; font-src 'self'; img-src 'self' www.gstatic.com; frame-src www.google.com; script-src 'nonce-nca0p10avdfhkmqf' https://www.googletagmanager.com https://www.google-analytics.com; connect-src https://www.google-analytics.com; style-src 'self'; base-uri 'none'; form-action 'self'; require-trusted-types-for 'script'; trusted-types default goog#html
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dap.digitalgov.gov
fonts.gstatic.com
lockbitvictims.ic3.gov
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
2001:489a:3403::5e0
2600:9000:211e:b800:5:83ea:ba80:93a1
2a00:1450:4001:802::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2004
2a00:1450:4001:812::2008
2a00:1450:4001:830::2003
0128ce4b3923f56814d162fedffd97a6972dd39684434b5bd6228374dffd5918
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508
2e1a5c0fc47b41204eccc4b45a4cb73e147d8e6f1c4dbbdebbe675b09a4eb82d
398a409837c168a3682ce84a232d851bcb0b0163adfbead86f465e81f397169c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
45a3eaa23260c83e04f31e20ae6fc3573375097b9af2080c0356d9554ecf5e4a
4b2c38d4594e888ed1211c14aca5b808562e530a5dae147090eb7c6abf894708
510c92405ce7edbe9ee2be774b3cd37d4da696b91e5670da4f1cdcf2dd92285d
5bd0625b351d49038c47f92b9a71f359dec362c88eebaa4c0005d181d142c5bb
5dcdf93abaf205e8a6cc8dea43c4f493fbc75cd7facb2e3e302a85ef6cf9274d
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
813fdb44477c880a70ecfc20c87dabea5872f684a9f18b673e5f12f0cacd4be2
83f67df68dac5c435d964be278d39f70ad8605265b6b99918a46451b77552e92
8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535
8acce06fb501041c664122ee901501f439f38ee3c2916ea37bb839ff92700459
912daff95ce9cabae7d0195d39aa98d49c4bec3b975d404ac266534c069cee20
9a78a8a63fbc8fb312b448c65256801eada8ae34f9d2032d1314705cab3299bb
a602434d1edf45f9766b56be9ccb4c62be3e98ee07aa958f6784b56ce1b648cc
aebaa0a323f25d8862333a532a8370f786c901ee1c45459f60d4c640b139b34c
b7f9e206b845cd3c3943c06d4aa2266f95f7584e39d6485fa36ccf77d0d85e95
bc1d8378c2d4dabf3610d8a07fddfe50991d9662c991188b6ed0f7e13aaeea0b
d0228750c35aa8389308c85c3cd6a2175b5fdb950c4f048d731e05d3075cda15
d512144b211827ab17b237418a13ebbbed24c3e7fad03ecb25bab2280e896257
d858a3e24fc094b6683f21b0c4c57db4d91a65618c8ebdf8054c7d6142b89bfd
d9e1a4b8799d89d6ee1450b7526d78097f4fd2d8e16c416c9e5edc59212aad2f
ddd97db060aa01c86e2a61b33ea2755f0bfa36ff2f7ea9d4e49eccacde54c34e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd