www.coveware.com Open in urlscan Pro
198.49.23.144 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Submission: On January 30 via api (January 30th 2024, 2:11:30 am UTC) from TR — Scanned from DE

Summary HTTP 46 Redirects Links 43 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 16 domains to perform 46 HTTP transactions. The main IP is 198.49.23.144, located in United States and belongs to SQUARESPACE, US. The main domain is www.coveware.com.
TLS certificate: Issued by R3 on November 20th 2023. Valid for: 3 months.

This is the only time www.coveware.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	198.49.23.144 198.49.23.144	53831 (SQUARESPACE) (SQUARESPACE)
7	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
12	2a02:26f0:170... 2a02:26f0:1700:1ae::4205	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	151.101.0.238 151.101.0.238	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3b7c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f083:10e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
46	18

5 198.49.23.144 (United States)

ASN53831 (SQUARESPACE, US)

www.coveware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:1700:1ae::4205 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.238 (United States)

ASN54113 (FASTLY, US)

static1.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.squarespace-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3b7c (United States)

ASN13335 (CLOUDFLARENET, US)

assets.squarewebsites.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:10e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	squarespace.com assets.squarespace.com — Cisco Umbrella Rank: 6411 static1.squarespace.com — Cisco Umbrella Rank: 6216	1 MB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 463 p.typekit.net — Cisco Umbrella Rank: 566	241 KB
5	coveware.com www.coveware.com	352 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	292 KB
2	facebook.com graph.facebook.com — Cisco Umbrella Rank: 151 www.facebook.com — Cisco Umbrella Rank: 107	811 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	68 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	155 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369	33 KB
1	linkedin.com www.linkedin.com — Cisco Umbrella Rank: 632
1	google.ru www.google.ru — Cisco Umbrella Rank: 10514	455 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	255 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	2 KB
1	squarewebsites.org assets.squarewebsites.org — Cisco Umbrella Rank: 56710	33 KB
1	squarespace-cdn.com images.squarespace-cdn.com — Cisco Umbrella Rank: 5181	60 KB
46	16

	Domain	Requested by
12	assets.squarespace.com	www.coveware.com assets.squarespace.com
6	use.typekit.net	www.coveware.com
5	www.coveware.com	www.coveware.com assets.squarespace.com ajax.googleapis.com
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	www.coveware.com connect.facebook.net
2	www.google.com	www.coveware.com
2	www.googletagmanager.com	www.coveware.com
2	static1.squarespace.com	www.coveware.com
1	www.facebook.com	www.coveware.com
1	p.typekit.net	www.coveware.com
1	www.linkedin.com	assets.squarespace.com
1	graph.facebook.com	assets.squarespace.com
1	www.google.ru	www.coveware.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	cdn.jsdelivr.net	www.coveware.com
1	assets.squarewebsites.org	www.coveware.com
1	images.squarespace-cdn.com	www.coveware.com
1	ajax.googleapis.com	www.coveware.com
1	fonts.googleapis.com	www.coveware.com
46	21

This site contains links to these domains. Also see Links.

Domain
www.emsisoft.com
www.justice.gov
www.floridabar.org
therecord.media
features.propublica.org
www.brookings.edu
www.propublica.org
www.cnn.com
ofac.treasury.gov
hbr.org
www.dfs.ny.gov
attack.mitre.org
www.sec.gov
www.facebook.com
twitter.com
www.linkedin.com
www.reddit.com

Subject Issuer	Validity	Valid
www.coveware.com R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.squarespace.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-22` - `2024-06-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.squarespace-cdn.com R3	`2023-12-02` - `2024-03-01`	3 months	crt.sh
squarewebsites.org E1	`2024-01-05` - `2024-04-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com.ru GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Frame ID: B7A01BEE21B47DF72C34F1BB44C9D7A2
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Ransomware Reporting Requirements Kick in as Victims Increasingly Avoid Paying

Detected technologies

Squarespace (CMS) Expand

Overall confidence: 100%
Detected patterns

Squarespace Commerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

assets\.squarespace\.\w+/universal/scripts-compressed/commerce-\w+-min\.[\w+\-]+\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

46
Requests

100 %
HTTPS

89 %
IPv6

16
Domains

21
Subdomains

18
IPs

2
Countries

2703 kB
Transfer

9539 kB
Size

10
Cookies

43 Outgoing links

These are links going to different origins than the main page.

URL: https://www.emsisoft.com/en/blog/44987/the-state-of-ransomware-in-the-u-s-report-and-statistics-2023/
Title: Some advocates

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/pr/us-department-justice-disrupts-hive-ransomware-variant
Title: Law enforcement agencies

Search URL Search Domain Scan URL

URL: https://www.floridabar.org/the-florida-bar-news/florida-prohibits-state-agencies-from-paying-cyber-ransoms/
Title: Florida

Search URL Search Domain Scan URL

URL: https://therecord.media/australian-government-cybersecurity-strategy-ransomware-payments
Title: after careful study opted to enact substantially more stringent reporting requirements

Search URL Search Domain Scan URL

URL: https://features.propublica.org/ransomware/ransomware-attack-data-recovery-firms-paying-hackers/
Title: shady service providers

Search URL Search Domain Scan URL

URL: https://www.brookings.edu/articles/should-ransomware-payments-be-banned/
Title: Brookings Institution

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/sting-catches-another-ransomware-firm-red-mosquito-negotiating-with-hackers
Title: data recovery companies

Search URL Search Domain Scan URL

URL: https://www.cnn.com/2021/07/27/politics/senate-judiciary-ransomware-hearing/index.html
Title: FBI has stated publicly

Search URL Search Domain Scan URL

URL: https://ofac.treasury.gov/media/912981/download?inline#:~:text=The%20U.S.%20government%20strongly%20discourages,and%20protect%20against%20ransomware%20attacks.&text=1%20This%20advisory%20is%20explanatory,have%20the%20force%20of%20law.
Title: U.S. Treasury issued guidelines

Search URL Search Domain Scan URL

URL: https://hbr.org/2023/08/how-a-federal-ban-on-ransomware-payments-could-help-cisos
Title: NOT create an incentive for executives to increase security spending as some argue

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/speech/deputy-attorney-general-lisa-o-monaco-announces-new-safe-harbor-policy-voluntary-self
Title: DOJ precedent for offering safe harbors

Search URL Search Domain Scan URL

URL: https://www.dfs.ny.gov/system/files/documents/2023/11/cyber_public_training_deck_20231108.pdf
Title: especially section Section 500.17

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/pr/binance-and-ceo-plead-guilty-federal-charges-4b-resolution
Title: DOJ actions taken against Binance

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/pr/justice-department-disrupts-prolific-alphvblackcat-ransomware-variant
Title: disruption and seizure of BlackCat

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/tactics/TA0040/
Title: TA0040

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1486/
Title: T1486

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1485/
Title: T1485

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1489/
Title: T1489

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1496/
Title: T1496

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/tactics/TA0008/
Title: TA0008

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1021/
Title: T1021

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1210//
Title: T1210

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1570/
Title: T1570

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1550/002/
Title: T1550.002

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/tactics/TA0010/
Title: TA0010

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1567
Title: T1567

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/tactics/TA0011/
Title: TA0011

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1219/
Title: T1219

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1105/
Title: T1105

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/tactics/TA0007/
Title: TA0007]

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1046/
Title: T1046

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1057/
Title: T1057

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1033/
Title: T1033

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1082/
Title: T1082

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1083/
Title: T1083

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1482/
Title: T1482

Search URL Search Domain Scan URL

URL: https://www.sec.gov/news/statement/gerding-cybersecurity-disclosure-20231214
Title: regulatory reporting requirements

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.coveware.com%2Fblog%2F2024%2F1%2F25%2Fnew-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Title: Facebook0

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.coveware.com%2Fblog%2F2024%2F1%2F25%2Fnew-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying&text=A+lower+percentage+of+ransomware+victims+are+paying%2C+as+new+regulations+begin+to+elicit+more+and+...
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&source=Coveware%3A+Ransomware+Recovery+First+Responders&summary=A+lower+percentage+of+ransomware+victims+are+paying%2C+as+new+regulations+begin+to+elicit+more+and+...&url=https%3A%2F%2Fwww.coveware.com%2Fblog%2F2024%2F1%2F25%2Fnew-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Title: LinkedIn0

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fwww.coveware.com%2Fblog%2F2024%2F1%2F25%2Fnew-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Title: Reddit

Search URL Search Domain Scan URL

URL: https://twitter.com/coveware

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/coveware/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying Show response
www.coveware.com/blog/2024/1/25/ 147 KB
35 KB 219ms
15ms Document
text/html 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

e61077c61e5a9b53f195193ffa4de66cec2eba393ac8805c2b361fe7ccedafa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25804
content-encoding: gzip
content-length: 35081
content-type: text/html;charset=utf-8
date: Mon, 29 Jan 2024 18:40:43 GMT
etag: W/"8e9ed2cd303ba3ae35884c8085b88b35--gzip"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: o7mE12Am/L39KSOB5
x-frame-options: SAMEORIGIN

GET
H2 200 dgcC_FNqPkHqUeuajPVNExn9qjO5jscqCZBIxerGWCbfe0t2fFHN4UJLFRbh52jhWDmyjRIhFQStZQ4RjhbUw26o52qaFRIa5gnNMKG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0jhNhZWiySc9lZemldkoDS... Show response
use.typekit.net/ik/ 17 KB
7 KB 46ms
14ms Script
text/javascript 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ik/dgcC_FNqPkHqUeuajPVNExn9qjO5jscqCZBIxerGWCbfe0t2fFHN4UJLFRbh52jhWDmyjRIhFQStZQ4RjhbUw26o52qaFRIa5gnNMKG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0jhNhZWiySc9lZemldkoDSWmyScmDSeBRZPoRdhXCHKoDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0dcmXOeBDOcu8OeFzicmajW48OAs8dAv0SaBujW48Sagyjh90jhNlOeFzicmajW48OcFzdPUCdhFydeyzSabCSaBujW48SagyjhmDjhy8ZYmC-Ao1OcFzdPUaiaS0jAFu-WsoShFGZAsude80ZkoRdhXCiaiaOcBRiA8XpWFR-emqiAUTdcS0dcmXOYiaikoySkolZPUaiaS0jhNhZWiySc9lZemldkoDSWmyScmDSeBRZPoRdhXCiaiaOcFzicmajW48OcFzdPUaiaS0SaBujW48SagyjhmDjhy8ZYmC-Ao1OcFzdPJ4Z1mXiW4yOWgXH6qJy89bMg62JMJ7fbKImsMMeMb6MKG4fVN9IMMjgPMfH6qJ6m9bMg6YJMJ7fbKfmsMMegI6MTMgx5Lbrb9.js

Requested by

Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

70d853428a98b7c4c47f96428c791daf80a40b134d3ec6f5cea516e0597a33a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 30 Jan 2024 02:11:25 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6763

GET
H2 200 css2
fonts.googleapis.com/ 33 KB
2 KB 45ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,400;1,700

Requested by

Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6039c988f738db8194c2c67d1ea9838103cd1ff7257a6d5eabde630cc03a99ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 30 Jan 2024 02:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 02:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Jan 2024 02:11:25 GMT

GET
H/1.1 200
OK modern.js Show response
assets.squarespace.com/@sqs/polyfiller/1.6/ 115 KB
42 KB 38ms
7ms Script
text/javascript 2a02:26f0:1700:1ae::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1ae::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75

Request headers

Referer: https://www.coveware.com/
Origin: https://www.coveware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 02:11:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 21:19:57 GMT
Server: UploadServer
ETag: "fe0d53a94823df972dbf107bf190771a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42447
Expires: Tue, 30 Jan 2024 03:11:25 GMT

GET
H/1.1 200
OK extract-css-runtime-2fead3b330eaf22f4336-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 44 KB
19 KB 41ms
10ms Script
text/javascript 2a02:26f0:1700:1ae::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-2fead3b330eaf22f4336-min.en-US.js
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1ae::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 399633f6bd65281c5fc751dbdef4397295b7d05e6d324026f81842828d744ad2

Request headers

Referer: https://www.coveware.com/
Origin: https://www.coveware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 02:11:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jan 2024 15:55:56 GMT
Server: UploadServer
ETag: "e932832b160ed10ee19ac56201c68964"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19441
Expires: Tue, 30 Jan 2024 03:11:25 GMT

GET
H/1.1 200
OK extract-css-moment-js-vendor-675f9459672cf966ca51-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 1 MB
126 KB 42ms
12ms Script
text/javascript 2a02:26f0:1700:1ae::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-675f9459672cf966ca51-min.en-US.js
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1ae::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: c93034799cbdc326dfa0a15611fc53eb1a275da029699f572ef44c0eadf0e009

Request headers

Referer: https://www.coveware.com/
Origin: https://www.coveware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 02:11:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jan 2024 13:43:11 GMT
Server: UploadServer
ETag: "8a73ca86c3ee1d3623aa08f264f43796"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128742
Expires: Tue, 30 Jan 2024 03:11:25 GMT

GET
H/1.1 200
OK cldr-resource-pack-a682f7ad337741eb05d6-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 122 KB
25 KB 40ms
9ms Script
text/javascript 2a02:26f0:1700:1ae::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-a682f7ad337741eb05d6-min.en-US.js
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1ae::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: b2dc64332543a27c53be61d049e7e74d40740b2aa60d4708793944afa54ecc54

Request headers

Referer: https://www.coveware.com/
Origin: https://www.coveware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 02:11:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Dec 2023 01:42:13 GMT
Server: UploadServer
ETag: "85b875f9fdc87e56b8f63608c90f9fe8"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24926
Expires: Tue, 30 Jan 2024 03:11:25 GMT

GET
H/1.1 200
OK common-vendors-stable-f9df4447a2af25df5875-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 240 KB
80 KB 43ms
12ms Script
text/javascript 2a02:26f0:1700:1ae::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-f9df4447a2af25df5875-min.en-US.js
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1ae::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: a35bbf88a5d660ec5bac590a84a8d84fe57026fd1edbeeeb9469a7a42962f2a0

Request headers

Referer: https://www.coveware.com/
Origin: https://www.coveware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 02:11:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Dec 2023 01:39:46 GMT
Server: UploadServer
ETag: "56ee1cd95f0ed758feed83782291ef62"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81919
Expires: Tue, 30 Jan 2024 03:11:25 GMT

GET
H/1.1 200
OK common-vendors-71d2b5689e498c55b513-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 621 KB
188 KB 43ms
13ms Script
text/javascript 2a02:26f0:1700:1ae::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-71d2b5689e498c55b513-min.en-US.js
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1ae::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 067b6978dd03cbe56fe423d0c9c7829d9b35fc45f26e37ad494061cc9d710ca2

Request headers

Referer: https://www.coveware.com/
Origin: https://www.coveware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 02:11:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jan 2024 15:03:46 GMT
Server: UploadServer
ETag: "e3b8535a089cd946f4cb7c449b049cc0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 191988
Expires: Tue, 30 Jan 2024 03:11:25 GMT

GET
H/1.1 200
OK common-60a83645d88b93fd39f8-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 2 MB
479 KB 60ms
9ms Script
text/javascript 2a02:26f0:1700:1ae::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-60a83645d88b93fd39f8-min.en-US.js
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1ae::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 7c845d53c8f520c4bbf6890eeedad6c8b40663478d231e7827cb4fcffe6e294e

Request headers

Referer: https://www.coveware.com/
Origin: https://www.coveware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 02:11:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jan 2024 16:13:10 GMT
Server: UploadServer
ETag: "460355c1fe687b7d3523da1cde46e137"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 490213
Expires: Tue, 30 Jan 2024 03:11:25 GMT

GET
H/1.1 200
OK commerce-19cb4042b6426175aa20-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 954 KB
291 KB 60ms
10ms Script
text/javascript 2a02:26f0:1700:1ae::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/commerce-19cb4042b6426175aa20-min.en-US.js
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1ae::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: a216c833f34e9e82e42043847112c92fd38b4db0de99d26bfbfd430a80c86c18

Request headers

Referer: https://www.coveware.com/
Origin: https://www.coveware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 02:11:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jan 2024 16:13:08 GMT
Server: UploadServer
ETag: "0bc8ba2e9540b202e0795935104d2194"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 297598
Expires: Tue, 30 Jan 2024 03:11:25 GMT

GET
H/1.1 200
OK commerce-af8809f2481c48376f6a-min.en-US.css
assets.squarespace.com/universal/styles-compressed/ 18 KB
7 KB 38ms
8ms Stylesheet
text/css 2a02:26f0:1700:1ae::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/styles-compressed/commerce-af8809f2481c48376f6a-min.en-US.css
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1ae::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: dd7b8e86df27357f08da5cf09121100d190795df7cb402f35cb3ab14c8c40a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 02:11:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Dec 2023 16:10:15 GMT
Server: UploadServer
ETag: "af12b5659e4ea6c04ff8efe6c0e8f279"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6964
Expires: Tue, 30 Jan 2024 03:11:25 GMT

GET
H/1.1 200
OK performance-1d6818061500e69b783e-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 35 KB
12 KB 9ms
8ms Script
text/javascript 2a02:26f0:1700:1ae::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/performance-1d6818061500e69b783e-min.en-US.js
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1ae::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 96c6ec4f21e5bae48019f923ee5086bd584f415fe153881372f0e00b62a0bb35

Request headers

Referer: https://www.coveware.com/
Origin: https://www.coveware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 02:11:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Jan 2024 23:20:11 GMT
Server: UploadServer
ETag: "4346af205dae2bd01dda915d285c7442"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12266
Expires: Tue, 30 Jan 2024 03:11:25 GMT

GET
H2 200 site.css
static1.squarespace.com/static/sitecss/5ab16578e2ccd10898976178/1166/55f0aac0e4b0f0a5b7e0b22e/5b609cf48a922d3f43d100d1/353/ 1011 KB
98 KB 50ms
12ms Stylesheet
text/css 151.101.0.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/sitecss/5ab16578e2ccd10898976178/1166/55f0aac0e4b0f0a5b7e0b22e/5b609cf48a922d3f43d100d1/353/site.css

Requested by

Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

7a45abb7aa94951c8c55689be5cd8743f531baa47c10af6f69672dea5400d7ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 119, 1
date: Tue, 30 Jan 2024 02:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 555689
x-cache: HIT, HIT
x-contextid: bqUXLWJ3/CRsScUtj
content-length: 100212
x-served-by: cache-dfw-kdfw8210097-DFW, cache-fra-etou8220060-FRA
pragma: cache
server: Squarespace
x-timer: S1706580686.715751,VS0,VE1
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 52ms
30ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-799277872

Requested by

Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

930f99d8e89dc42aa769cab0c3724e5079b10e1dab8a106417a78e6763f3e7fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:11:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72908
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 01:37:32 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Jan 2024 02:11:25 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 34ms
12ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 14:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 14:16:19 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1de7f36ad7f44f5a484982ade6d03cee45fe311454a8799f25060c27bc88cd22

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 30 Jan 2024 02:11:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
83 KB 43ms
21ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K05GPCW9CK

Requested by

Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0ef67d36bf84de6d0a28b1f1e5a505c4119b1271fc3e49d3b24baa7488ba005

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:11:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85021
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Jan 2024 02:11:25 GMT

GET
H2 200 coveware_banner.png
images.squarespace-cdn.com/content/v1/5ab16578e2ccd10898976178/1524678956216-R496TJD9OIGMY0CH4K94/ 59 KB
60 KB 44ms
7ms Image
image/png 151.101.0.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5ab16578e2ccd10898976178/1524678956216-R496TJD9OIGMY0CH4K94/coveware_banner.png?format=1500w
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7b944c6fd5b53c7ab1b83a3ee5bff758cadd2081365eb4b8b127f4c61253674d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 159, 1
date: Tue, 30 Jan 2024 02:11:25 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 2267679
x-cache: HIT, HIT
content-length: 60927
x-served-by: cache-iad-kjyo7100076-IAD, cache-fra-etou8220029-FRA
x-timer: S1706580686.715966,VS0,VE1
etag: CJunz4zdxOsCEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 site-bundle.js Show response
static1.squarespace.com/static/ta/55f0a9b0e4b0f3eb70352f6d/353/scripts/ 143 KB
46 KB 35ms
6ms Script
application/javascript 151.101.0.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/ta/55f0a9b0e4b0f3eb70352f6d/353/scripts/site-bundle.js

Requested by

Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

113e7a149659b287d4d36fb05dc5f5c8c63f5eb31875987bdf3466ce58659a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 24, 8943
date: Tue, 30 Jan 2024 02:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 555924
x-cache: HIT, HIT
x-contextid: xyTjHbXF/hbGO9Q1L
content-length: 46908
x-served-by: cache-dfw-kdal2120064-DFW, cache-fra-etou8220060-FRA
pragma: cache
server: Squarespace
x-timer: S1706580686.715873,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 lazy-summaries.min.js Show response
assets.squarewebsites.org/lazy-summaries/ 119 KB
33 KB 168ms
133ms Script
application/x-javascript 2606:4700:10::6816:3b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.squarewebsites.org/lazy-summaries/lazy-summaries.min.js

Requested by

Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3b7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec34157cbc62128555e4bf4a8c7621cfa5a2cdac8bdcfda72b5dc1eeba5abf1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:11:25 GMT
strict-transport-security: max-age=10886400; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
service-worker-allowed: /
pragma: no-cache
last-modified: Mon, 27 Nov 2023 19:53:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, no-cache, must-revalidate, max-age=7200, s-maxage=7200, stale-if-error=600
x-turbo-charged-by: LiteSpeed
cf-ray: 84d62f261c54997b-FRA
platform: hostinger
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-robots-tag: noindex, noarchive, nosnippet
expires: Sun, 11 Jan 1981 05:00:00 GMT

GET
H2 200 UI_CSS_SEARCH.js Show response
cdn.jsdelivr.net/gh/joecorylabs/plugins/ 3 KB
2 KB 404ms
388ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/joecorylabs/plugins/UI_CSS_SEARCH.js

Requested by

Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e51648b4dee156e40cbdf04e3e130b912ff231270c0b5fcc7f5c3e2c994534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:11:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-jsd-version: master
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA, cache-lga21966-LGA
x-jsd-version-type: branch
server: cloudflare
etag: W/"bf7-fE0usFxZZxKVsSugaroSbAZGQXw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPTcfWC7H2OcGNFSqUa4r4icengXmAVMK5OmZqTKFxVlknS6h%2BgOk2%2BnQ7kjSxdwzhT4FuUxNX5GYC5uQgBKNWrXORgLna9TAsQ5ymG3ldU%2FUw6DnJ3914EscSRQBDZVYk1f88jjfZscP%2F1Flnw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 84d62f260e5b30ca-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ 485 KB
195 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

904a9fb41a8def7934e36f12709f58182802250aaeec2d39b80e285941d47093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.coveware.com/
Origin: https://www.coveware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 13:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198685
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Jan 2025 13:23:58 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
58 KB 29ms
14ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

05e0d95e16595bcc9b3c0e4f2a0f1a455630f8ab577f682676162e3c87aefe20

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jan 2024 02:11:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57161
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: wQsC0WHoYkT7x53xe9pkY5XEPPSMuDEsFKLMABJxnt6WH2bVwcD4WCnc31jFitjSvGk+fBCNhUBHUIvIesEAVg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ui-icons.svg
www.coveware.com/assets/ 8 KB
8 KB 15ms
15ms Other
image/svg+xml 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coveware.com/assets/ui-icons.svg

Requested by

Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

ded1e2af9a5d3937cc8d26fbb6d0212702f611ca62607c4eb3e7b4dc3b196d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: cache
date: Fri, 26 Jan 2024 18:38:36 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: Squarespace
age: 31002
etag: W/"8d50e89fb0a1c5637ea2cbfba8d562ec"
content-type: image/svg+xml
access-control-allow-origin: *
x-contextid: Rb4kR824/IiwtZ87c
accept-ranges: bytes
content-length: 8459
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 social-accounts.svg
www.coveware.com/universal/svg/ 109 KB
110 KB 14ms
14ms Other
image/svg+xml 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coveware.com/universal/svg/social-accounts.svg
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 535dc65c718c94146330d7b03dfc0c42437b6bf8eb60e4a7832d2855118f02fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: cache
date: Mon, 29 Jan 2024 17:36:25 GMT
surrogate-key: universal
last-modified: Mon, 29 Jan 2024 16:22:17 GMT
server: Squarespace
age: 30827
etag: "d58aa359d9e3928678765bc5f9f442ae"
content-type: image/svg+xml
access-control-allow-origin: *
x-contextid: xelAjAiG/1h6y3T6F
accept-ranges: bytes
timing-allow-origin: *
content-length: 112084
expires: Wed, 29 Jan 2025 16:56:03 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 30ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.coveware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:31:50 GMT
x-content-type-options: nosniff
age: 527975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:31:50 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
49 KB 40ms
16ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.coveware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 16:03:55 GMT
x-content-type-options: nosniff
age: 554850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50296
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 16:03:55 GMT

GET
H2 200 l
use.typekit.net/af/309dfe/000000000000000000010091/27/ 39 KB
40 KB 21ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/309dfe/000000000000000000010091/27/l?subset_id=2&fvd=n7&v=3
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d76f8e42213513ab33c721c98a652b012ee11ff86efc7661ca19a344c4c117a8

Request headers

Referer: https://www.coveware.com/
Origin: https://www.coveware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:11:25 GMT
server: nginx
etag: "78f589bb61056c7dc2c42601e2fd59aa96941141"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40404

GET
H2 200 2406371312769603 Show response
connect.facebook.net/signals/config/ 52 KB
11 KB 237ms
237ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2406371312769603?v=2.9.143&r=stable&domain=www.coveware.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11e95e80990923bded411929cefe9c487e1a657ef5839a55c5f1fe51aad5f7f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jan 2024 02:11:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: iIsdsCkQe2AzpqpMACOzYN9SwcYs3wv0zx4LGP3DK9uBiVLbe10B28Pk3/eDZWiIDdzpMHumYlpqtl6RtvGNLQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
255 B 34ms
14ms Ping
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-K05GPCW9CK&gtm=45je41o0v9126999237&_p=1706580685924&gcd=11l1l1l1l1&dma=0&gdid=dZjQwMz&cid=1008813549.1706580686&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1706580686&sct=1&seg=0&dl=https%3A%2F%2Fwww.coveware.com%2Fblog%2F2024%2F1%2F25%2Fnew-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying&dt=New%20Ransomware%20Reporting%20Requirements%20Kick%20in%20as%20Victims%20Increasingly%20Avoid%20Paying&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=601
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K05GPCW9CK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 02:11:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.coveware.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/799277872/ 3 KB
2 KB 47ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/799277872/?random=1706580686046&cv=11&fst=1706580686046&bg=ffffff&guid=ON&async=1&gtm=45be41o0h1&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.coveware.com%2Fblog%2F2024%2F1%2F25%2Fnew-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying&hn=www.googleadservices.com&frm=0&tiba=New%20Ransomware%20Reporting%20Requirements%20Kick%20in%20as%20Victims%20Increasingly%20Avoid%20Paying&npa=0&pscdl=noapi&auid=1118610618.1706580686&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-799277872

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

186de210a93f80f8f3ac5e31521ea4d13cfc4fd8913b965a7c69d15d705cc41d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 02:11:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/799277872/ 42 B
327 B 16ms
16ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/799277872/?random=1706580686046&cv=11&fst=1706580000000&bg=ffffff&guid=ON&async=1&gtm=45be41o0h1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.coveware.com%2Fblog%2F2024%2F1%2F25%2Fnew-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying&frm=0&tiba=New%20Ransomware%20Reporting%20Requirements%20Kick%20in%20as%20Victims%20Increasingly%20Avoid%20Paying&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_CjHexnQghaoCwREejmKBS4-xvdieBw&random=3664195976&rmt_tld=0&ipr=y

Requested by

Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 02:11:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ru/pagead/1p-user-list/799277872/ 42 B
455 B 40ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ru/pagead/1p-user-list/799277872/?random=1706580686046&cv=11&fst=1706580000000&bg=ffffff&guid=ON&async=1&gtm=45be41o0h1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.coveware.com%2Fblog%2F2024%2F1%2F25%2Fnew-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying&frm=0&tiba=New%20Ransomware%20Reporting%20Requirements%20Kick%20in%20as%20Victims%20Increasingly%20Avoid%20Paying&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_CjHexnQghaoCwREejmKBS4-xvdieBw&random=3664195976&rmt_tld=1&ipr=y

Requested by

Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 02:11:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK announcement-bar-80a2feba60f387e8686b-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 127 KB
45 KB 8ms
8ms Script
text/javascript 2a02:26f0:1700:1ae::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/announcement-bar-80a2feba60f387e8686b-min.en-US.js
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-f9df4447a2af25df5875-min.en-US.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1ae::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: be54a213d16977b25c13f06b3300d942a81a05344c19e7af9f0319777c72aeab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 02:11:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Jan 2024 17:52:36 GMT
Server: UploadServer
ETag: "7fa66c5c6e34a694dd7e1e5772f9b9af"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45940
Expires: Tue, 30 Jan 2024 03:11:26 GMT

GET
H/1.1 200
OK share-buttons-ca31b95f7913279bee5b-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 6 KB
3 KB 20ms
7ms Script
text/javascript 2a02:26f0:1700:1ae::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/share-buttons-ca31b95f7913279bee5b-min.en-US.js
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-2fead3b330eaf22f4336-min.en-US.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1ae::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 8dbcd57d8dfa0226f502d7503608c69aa36890f33149bdeff7b6fbbff8129581

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 02:11:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jan 2024 20:37:43 GMT
Server: UploadServer
ETag: "0011f3a4a38cf420dff0c62f1832c2d0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2433
Expires: Tue, 30 Jan 2024 03:11:26 GMT

POST
H2 200 RecordHit Show response
www.coveware.com/api/census/ 17 B
111 B 105ms
105ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coveware.com/api/census/RecordHit

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-71d2b5689e498c55b513-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
X-CSRF-Token: BT/tMptnD8nFMzcwNGViODM2NTdlMmQ3M2JlZDdiZGYwYjcyNmVh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 30 Jan 2024 02:11:26 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: LX0eCG32/S2oGR5Ul
accept-ranges: bytes
content-length: 17

GET
H2 200 l
use.typekit.net/af/ae4f6c/000000000000000000010096/27/ 67 KB
67 KB 7ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ae4f6c/000000000000000000010096/27/l?subset_id=2&fvd=n3&v=3
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 634a4f9f8a22e44867bf4f68b9671e1471fe6e7339bbf2777ad5264be64d4049

Request headers

Referer: https://www.coveware.com/
Origin: https://www.coveware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:11:26 GMT
server: nginx
etag: "dcb4afde1e053f9caf987fd66290b8eca72ab6f0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 68532

GET
H2 200 l
use.typekit.net/af/9b05f3/000000000000000000013365/27/ 46 KB
46 KB 14ms
14ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9b05f3/000000000000000000013365/27/l?subset_id=2&fvd=n4&v=3
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2d36e12bfbde85feb98c8b66f8a4a40f9a5db6918f49234a2ddece526d933237

Request headers

Referer: https://www.coveware.com/
Origin: https://www.coveware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:11:26 GMT
server: nginx
etag: "0ffa5e8c8eb076cc21ede9987250dfa4f2af4438"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46668

GET
H2 200 l
use.typekit.net/af/2cd6bf/00000000000000000001008f/27/ 41 KB
42 KB 15ms
15ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2cd6bf/00000000000000000001008f/27/l?subset_id=2&fvd=n5&v=3
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: bf2d68276696fd7c8903c75e24b32536f8a4d9f39a952b389c13ee8c793a530c

Request headers

Referer: https://www.coveware.com/
Origin: https://www.coveware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:11:26 GMT
server: nginx
etag: "87868ea7533b245fa343d5fd2e370ee0daee1db8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 42384

GET
H2 200 l
use.typekit.net/af/eb729a/000000000000000000010092/27/ 39 KB
39 KB 17ms
17ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/eb729a/000000000000000000010092/27/l?subset_id=2&fvd=i7&v=3
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7fcb4ef179e88dd6fd4181433f9b97f869c03930f5c698113ef4a18785a2f6df

Request headers

Referer: https://www.coveware.com/
Origin: https://www.coveware.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:11:26 GMT
server: nginx
etag: "599bfc6908295758da16f495738fa5c76ccf9542"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40216

GET
H2 200 / Show response
graph.facebook.com/ 260 B
626 B 75ms
45ms Script
text/javascript 2a03:2880:f083:10e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying&callback=SquarespaceShareButtonCounts1706580686199.facebook

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/share-buttons-ca31b95f7913279bee5b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:10e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b9cf027fea4ec30241993e40f156e6389590ab6bb9a343d95ef192fe0ee1395

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
date: Tue, 30 Jan 2024 02:11:26 GMT
x-fb-rev: 1011093990
alt-svc: h3=":443"; ma=86400
content-length: 194
pragma: no-cache
x-fb-debug: yEtdJLb/0j/LLYpblLiXiAr/AFzB1krlTjbdgCWHn81z1R5mo9cZHn3z+hnQnfl1QZApxPcXtdiElAJRL8fYtA==
x-fb-trace-id: CR0l6mccS3v
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: A8fUDtGeV99pfBbeZnKq4ma
cache-control: no-store
facebook-api-version: v12.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 404 share
www.linkedin.com/countserv/count/ 0
0 186ms
156ms Script
text/html 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linkedin.com/countserv/count/share?url=https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying&callback=SquarespaceShareButtonCounts1706580686199.linkedin
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/share-buttons-ca31b95f7913279bee5b-min.en-US.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 blog Show response
www.coveware.com/ 1 MB
199 KB 224ms
224ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coveware.com/blog?&format=json&_=1706580685973

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

3e2f4d5e0399a3f1d293cb9ca04201047b7af391480f2bd78eebb3546fb218f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: cache
date: Tue, 30 Jan 2024 02:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
server: Squarespace
age: 0
etag: W/"abf19880ebd31f152cefd75f4d506720"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/json;charset=utf-8
x-contextid: LX0eCG32/WOdonoQj
accept-ranges: bytes
content-length: 203233
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
205 B 7ms
7ms Image
image/gif 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=2&k=646866_5ab16578e2ccd10898976178&ht=tk&h=www.coveware.com&f=10886.10884.10879.10881.10882&a=646866&js=1.21.0&app=typekit&e=js&_=1706580686212
Requested by: Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:11:26 GMT
last-modified: Fri, 28 Jul 2023 12:40:18 GMT
server: nginx
etag: "64c3b732-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 21ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2406371312769603&ev=PageView&dl=https%3A%2F%2Fwww.coveware.com%2Fblog%2F2024%2F1%2F25%2Fnew-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying&rl=&if=false&ts=1706580686253&sw=1600&sh=1200&v=2.9.143&r=stable&a=plsquarespace&ec=0&o=4126&fbp=fb.1.1706580686252.908499438&ler=empty&cdl=API_unavailable&it=1706580685999&coo=false&exp=e0&rqm=GET

Requested by

Host: www.coveware.com
URL: https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coveware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jan 2024 02:11:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.coveware.com/	1969-12-31 23:59:59	Name: crumb Value: BT/tMptnD8nFMzcwNGViODM2NTdlMmQ3M2JlZDdiZGYwYjcyNmVh
.coveware.com/	1970-01-21 03:39:00	Name: _ga_K05GPCW9CK Value: GS1.1.1706580686.1.0.1706580686.0.0.0
.coveware.com/	1970-01-21 03:39:00	Name: _ga Value: GA1.1.1008813549.1706580686
.coveware.com/	1970-01-20 20:12:36	Name: _gcl_au Value: 1.1.1118610618.1706580686
.doubleclick.net/	1970-01-20 18:03:01	Name: test_cookie Value: CheckForPermission
.coveware.com/	1970-01-20 20:12:36	Name: _fbp Value: fb.1.1706580686252.908499438
.linkedin.com/	1970-01-21 02:48:36	Name: bcookie Value: "v=2&6f663819-bab9-496f-8fb3-1cfb8a960860"
.www.linkedin.com/	1970-01-21 02:48:36	Name: bscookie Value: "v=1&20240130021126838f7dcd-722c-4e9a-8601-d124c7b986e7AQE4WKBHODHS9qaNU_PQnzGTJ497zGUe"
.linkedin.com/	1970-01-20 22:22:12	Name: li_gc Value: MTswOzE3MDY1ODA2ODY7MjswMjG3t1rwPmgtjxxQGxkg0TJxB1lZVImZdRUrbES89hsOXQ==
.linkedin.com/	1970-01-20 18:04:27	Name: lidc Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3309:u=1:x=1:i=1706580686:t=1706667086:v=2:sig=AQF0P7XokX1j_kUX2VyrmwjrvUajSkKt"

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/2406371312769603?v=2.9.143&r=stable&domain=www.coveware.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://www.linkedin.com/countserv/count/share?url=https://www.coveware.com/blog/2024/1/25/new-ransomware-reporting-requirements-kick-in-as-victims-increasingly-avoid-paying&callback=SquarespaceShareButtonCounts1706580686199.linkedin Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.squarespace.com
assets.squarewebsites.org
cdn.jsdelivr.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
images.squarespace-cdn.com
p.typekit.net
static1.squarespace.com
use.typekit.net
www.coveware.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.ru
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
151.101.0.238
198.49.23.144
2606:4700:10::6816:3b7c
2606:4700::6810:5714
2620:1ec:21::14
2a00:1450:4001:808::2003
2a00:1450:4001:811::2008
2a00:1450:4001:811::200a
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2002
2a02:26f0:1700:1ae::4205
2a02:26f0:3500:16::215:1495
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f083:10e:face:b00c:0:2
2a03:2880:f176:181:face:b00c:0:25de
05e0d95e16595bcc9b3c0e4f2a0f1a455630f8ab577f682676162e3c87aefe20
067b6978dd03cbe56fe423d0c9c7829d9b35fc45f26e37ad494061cc9d710ca2
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
113e7a149659b287d4d36fb05dc5f5c8c63f5eb31875987bdf3466ce58659a88
11e95e80990923bded411929cefe9c487e1a657ef5839a55c5f1fe51aad5f7f8
186de210a93f80f8f3ac5e31521ea4d13cfc4fd8913b965a7c69d15d705cc41d
1de7f36ad7f44f5a484982ade6d03cee45fe311454a8799f25060c27bc88cd22
2d36e12bfbde85feb98c8b66f8a4a40f9a5db6918f49234a2ddece526d933237
399633f6bd65281c5fc751dbdef4397295b7d05e6d324026f81842828d744ad2
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e2f4d5e0399a3f1d293cb9ca04201047b7af391480f2bd78eebb3546fb218f9
535dc65c718c94146330d7b03dfc0c42437b6bf8eb60e4a7832d2855118f02fb
54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75
6039c988f738db8194c2c67d1ea9838103cd1ff7257a6d5eabde630cc03a99ee
634a4f9f8a22e44867bf4f68b9671e1471fe6e7339bbf2777ad5264be64d4049
70d853428a98b7c4c47f96428c791daf80a40b134d3ec6f5cea516e0597a33a7
7a45abb7aa94951c8c55689be5cd8743f531baa47c10af6f69672dea5400d7ed
7b944c6fd5b53c7ab1b83a3ee5bff758cadd2081365eb4b8b127f4c61253674d
7c845d53c8f520c4bbf6890eeedad6c8b40663478d231e7827cb4fcffe6e294e
7fcb4ef179e88dd6fd4181433f9b97f869c03930f5c698113ef4a18785a2f6df
8dbcd57d8dfa0226f502d7503608c69aa36890f33149bdeff7b6fbbff8129581
904a9fb41a8def7934e36f12709f58182802250aaeec2d39b80e285941d47093
930f99d8e89dc42aa769cab0c3724e5079b10e1dab8a106417a78e6763f3e7fe
96c6ec4f21e5bae48019f923ee5086bd584f415fe153881372f0e00b62a0bb35
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9b9cf027fea4ec30241993e40f156e6389590ab6bb9a343d95ef192fe0ee1395
a216c833f34e9e82e42043847112c92fd38b4db0de99d26bfbfd430a80c86c18
a35bbf88a5d660ec5bac590a84a8d84fe57026fd1edbeeeb9469a7a42962f2a0
b2dc64332543a27c53be61d049e7e74d40740b2aa60d4708793944afa54ecc54
be54a213d16977b25c13f06b3300d942a81a05344c19e7af9f0319777c72aeab
bf2d68276696fd7c8903c75e24b32536f8a4d9f39a952b389c13ee8c793a530c
c4e51648b4dee156e40cbdf04e3e130b912ff231270c0b5fcc7f5c3e2c994534
c93034799cbdc326dfa0a15611fc53eb1a275da029699f572ef44c0eadf0e009
d76f8e42213513ab33c721c98a652b012ee11ff86efc7661ca19a344c4c117a8
dd7b8e86df27357f08da5cf09121100d190795df7cb402f35cb3ab14c8c40a84
ded1e2af9a5d3937cc8d26fbb6d0212702f611ca62607c4eb3e7b4dc3b196d9f
e0ef67d36bf84de6d0a28b1f1e5a505c4119b1271fc3e49d3b24baa7488ba005
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61077c61e5a9b53f195193ffa4de66cec2eba393ac8805c2b361fe7ccedafa1
ec34157cbc62128555e4bf4a8c7621cfa5a2cdac8bdcfda72b5dc1eeba5abf1d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.coveware.com Open in urlscan Pro 198.49.23.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

89 %IPv6

16 Domains

21 Subdomains

18 IPs

2 Countries

2703 kBTransfer

9539 kBSize

10 Cookies

43 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.coveware.com Open in urlscan Pro
198.49.23.144 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

89 %
IPv6

16
Domains

21
Subdomains

18
IPs

2
Countries

2703 kB
Transfer

9539 kB
Size

10
Cookies

46 HTTP transactions
0 data transactions