lifars.com Open in urlscan Pro
208.97.144.40 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Submission: On September 15 via api (September 15th 2021, 5:19:53 am UTC) from GB — Scanned from DE

Summary HTTP 118 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 37 IPs in 7 countries across 28 domains to perform 118 HTTP transactions. The main IP is 208.97.144.40, located in United States and belongs to DREAMHOST-AS, US. The main domain is lifars.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 18th 2021. Valid for: a year.

This is the only time lifars.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	208.97.144.40 208.97.144.40	26347 (DREAMHOST-AS) (DREAMHOST-AS)
4	142.250.180.8 142.250.180.8	15169 (GOOGLE) (GOOGLE)
3	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
6	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
6	142.250.180.14 142.250.180.14	15169 (GOOGLE) (GOOGLE)
3	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.117.198.163 104.117.198.163	16625 (AKAMAI-AS) (AKAMAI-AS)
6	185.60.218.24 185.60.218.24	32934 (FACEBOOK) (FACEBOOK)
3	151.101.13.140 151.101.13.140	54113 (FASTLY) (FASTLY)
1	13.32.22.39 13.32.22.39	16509 (AMAZON-02) (AMAZON-02)
4	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
5	68.232.34.200 68.232.34.200	15133 (EDGECAST) (EDGECAST)
1	23.218.209.45 23.218.209.45	16625 (AKAMAI-AS) (AKAMAI-AS)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	142.250.200.34 142.250.200.34	15169 (GOOGLE) (GOOGLE)
7	65.9.71.62 65.9.71.62	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	173.194.76.157 173.194.76.157	15169 (GOOGLE) (GOOGLE)
1 2	142.250.187.194 142.250.187.194	15169 (GOOGLE) (GOOGLE)
2	199.232.80.84 199.232.80.84	54113 (FASTLY) (FASTLY)
1 2	108.174.11.69 108.174.11.69	14413 (LINKEDIN) (LINKEDIN)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	52.222.179.116 52.222.179.116	16509 (AMAZON-02) (AMAZON-02)
1	2.16.106.114 2.16.106.114	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	104.211.73.16 104.211.73.16	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
4	172.217.169.68 172.217.169.68	15169 (GOOGLE) (GOOGLE)
1	104.117.200.54 104.117.200.54	16625 (AKAMAI-AS) (AKAMAI-AS)
4	185.60.218.35 185.60.218.35	32934 (FACEBOOK) (FACEBOOK)
2	152.195.53.200 152.195.53.200	15133 (EDGECAST) (EDGECAST)
3	13.32.22.87 13.32.22.87	16509 (AMAZON-02) (AMAZON-02)
1 3	99.86.4.32 99.86.4.32	16509 (AMAZON-02) (AMAZON-02)
1	51.104.15.252 51.104.15.252	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	54.76.212.32 54.76.212.32	16509 (AMAZON-02) (AMAZON-02)
118	37

21 208.97.144.40 (United States)

ASN26347 (DREAMHOST-AS, US)
PTR: wp472643.dreamhostps.com

lifars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.180.8 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s32-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.0.77.40 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

assets.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.srvcs.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.180.14 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s32-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.117.198.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-198-163.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.60.218.24 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-otp1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.13.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buttons.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-39.fra56.r.cloudfront.net

serve.albacross.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.232.34.200 (United States)

ASN15133 (EDGECAST, US)

swx.cdn.skype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.209.45 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-45.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.200.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s30-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.71.62 (United States)

ASN16509 (AMAZON-02, US)

downloads.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.76.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.187.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.80.84 (Marseille, France)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.174.11.69 (United States) 1 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-69.fwd.linkedin.com

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.179.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-116.ham50.r.cloudfront.net

widgets.getpocket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.106.114 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-106-114.deploy.static.akamaitechnologies.com

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.211.73.16 (Pune, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a.config.skype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.169.68 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s09-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.200.54 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-54.deploy.static.akamaitechnologies.com

mc.us9.list-manage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.60.218.35 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-otp1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.195.53.200 (United States)

ASN15133 (EDGECAST, US)

consent.cmp.oath.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.22.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-87.fra56.r.cloudfront.net

assets.getpocket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.32 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-32.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.104.15.252 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.76.212.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-212-32.eu-west-1.compute.amazonaws.com

new-collect.albacross.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	lifars.com lifars.com	470 KB
7	mailchimp.com downloads.mailchimp.com	87 KB
7	twitter.com platform.twitter.com analytics.twitter.com syndication.twitter.com	149 KB
7	wp.com stats.wp.com pixel.wp.com i1.wp.com i2.wp.com i0.wp.com	40 KB
6	getpocket.com widgets.getpocket.com assets.getpocket.com	14 KB
6	skype.com swx.cdn.skype.com a.config.skype.com	30 KB
6	google-analytics.com www.google-analytics.com	20 KB
6	tumblr.com assets.tumblr.com embed.tumblr.com px.srvcs.tumblr.com	74 KB
5	pinterest.com assets.pinterest.com widgets.pinterest.com log.pinterest.com	21 KB
4	facebook.com www.facebook.com	14 KB
4	google.com www.google.com	757 B
4	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com platform.linkedin.com	64 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
4	albacross.com serve.albacross.com new-collect.albacross.com	5 KB
4	facebook.net connect.facebook.net	182 KB
4	googletagmanager.com www.googletagmanager.com	161 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	reddit.com www.reddit.com buttons.reddit.com	5 KB
3	bing.com bat.bing.com	9 KB
2	fbcdn.net static.xx.fbcdn.net	136 KB
2	oath.com consent.cmp.oath.com	12 KB
2	googleadservices.com www.googleadservices.com	15 KB
2	chimpstatic.com chimpstatic.com	2 KB
1	microsoft.com browser.pipe.aria.microsoft.com	397 B
1	list-manage.com mc.us9.list-manage.com	2 KB
1	t.co t.co	455 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	licdn.com snap.licdn.com	2 KB
118	28

	Domain	Requested by
21	lifars.com	lifars.com
7	downloads.mailchimp.com	www.googletagmanager.com downloads.mailchimp.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com lifars.com
5	swx.cdn.skype.com	lifars.com swx.cdn.skype.com
4	www.facebook.com	lifars.com connect.facebook.net
4	www.google.com	lifars.com
4	platform.twitter.com	lifars.com platform.twitter.com
4	connect.facebook.net	lifars.com connect.facebook.net
4	assets.tumblr.com	lifars.com embed.tumblr.com assets.tumblr.com
4	www.googletagmanager.com	lifars.com www.googletagmanager.com
3	new-collect.albacross.com	lifars.com
3	sb.scorecardresearch.com	1 redirects embed.tumblr.com
3	assets.getpocket.com	widgets.getpocket.com assets.getpocket.com
3	widgets.getpocket.com	lifars.com widgets.getpocket.com assets.getpocket.com
3	bat.bing.com	lifars.com bat.bing.com
3	assets.pinterest.com	lifars.com assets.pinterest.com
2	static.xx.fbcdn.net	www.facebook.com
2	consent.cmp.oath.com	embed.tumblr.com
2	syndication.twitter.com	platform.twitter.com lifars.com
2	i2.wp.com	lifars.com
2	i1.wp.com	lifars.com
2	px.ads.linkedin.com	1 redirects lifars.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	www.reddit.com	lifars.com www.reddit.com
2	chimpstatic.com	lifars.com
1	log.pinterest.com	lifars.com
1	i0.wp.com	lifars.com
1	browser.pipe.aria.microsoft.com	swx.cdn.skype.com
1	px.srvcs.tumblr.com	embed.tumblr.com
1	mc.us9.list-manage.com	downloads.mailchimp.com
1	a.config.skype.com	swx.cdn.skype.com
1	embed.tumblr.com	assets.tumblr.com
1	platform.linkedin.com	lifars.com
1	www.linkedin.com	1 redirects
1	widgets.pinterest.com	assets.pinterest.com
1	t.co	lifars.com
1	analytics.twitter.com	static.ads-twitter.com
1	buttons.reddit.com	www.reddit.com
1	pixel.wp.com	lifars.com
1	static.ads-twitter.com	lifars.com
1	snap.licdn.com	lifars.com
1	serve.albacross.com	lifars.com
1	stats.wp.com	lifars.com
118	45

This site contains links to these domains. Also see Links.

Domain
www.ic3.gov
www.pinterest.com
qubitconference.com
www.linkedin.com
twitter.com
www.facebook.com
www.youtube.com
www.reddit.com

Subject Issuer	Validity	Valid
lifars.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-18` - `2022-08-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
tumblr.com DigiCert SHA2 Extended Validation Server CA	`2020-07-09` - `2022-04-14`	2 years	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
wildcardsan.us15.list-manage.com DigiCert SHA2 Secure Server CA	`2021-01-11` - `2022-01-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-23` - `2021-11-18`	6 months	crt.sh
*.albacross.com Amazon	`2021-08-23` - `2022-09-21`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2020-11-16` - `2021-11-10`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
downloads.mailchimp.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
widgets.getpocket.com Amazon	`2021-03-31` - `2022-04-29`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2020-07-03` - `2022-07-08`	2 years	crt.sh
*.config.skype.com Microsoft RSA TLS CA 01	`2021-08-08` - `2022-08-08`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
wildcardsan.list-manage.com DigiCert Secure Site ECC CA-1	`2020-08-26` - `2021-11-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
service.cmp.oath.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-18` - `2022-02-22`	a year	crt.sh
assets.getpocket.com Amazon	`2020-11-05` - `2021-12-06`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 05	`2021-08-12` - `2022-08-07`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Frame ID: 48185940CCFB68F3997C8FCAA5D176ED
Requests: 92 HTTP requests in this frame

Frame: https://www.reddit.com/static/button/button1.html?newwindow=true&width=120&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&title=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks
Frame ID: F98297BCC48F85B3385F8C78E6795A9A
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Flifars.com
Frame ID: 115F6F25042C82636937E74D66D7998B
Requests: 2 HTTP requests in this frame

Frame: https://embed.tumblr.com/widgets/share/button?canonicalUrl=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&postcontent%5Btitle%5D=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&postcontent%5Bcontent%5D=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F
Frame ID: A95B0838DCA8B150997CC2F3F1CC650B
Requests: 9 HTTP requests in this frame

Frame: https://widgets.getpocket.com/v1/button?label=pocket&count=horizontal&v=1&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&title=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&src=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&r=0.8166078118144979
Frame ID: 3E62C38996FC5C933AA00906F0E1A232
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Frame ID: 33CC49131189D090083469D37E735096
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 832A5FD1ECC8C19198CC2E80C2742E48
Requests: 1 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Frame ID: 1C6132F43F77C608ABB2756CF5996E12
Requests: 2 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Frame ID: C6400DA200C9CA4117BD041DDF3BE7AF
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/share_button.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32e4ee45d95104%26domain%3Dlifars.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flifars.com%252Fffc27efe3a97dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&layout=button_count&locale=en_US&sdk=joey
Frame ID: AF7C87D905B0C15DF6412A00F17E4712
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FBI Flash Alert Warns on OnePercent Group Ransomware Attacks

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js
googletagmanager\.com/gtm\.js

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

chimpstatic\.com/mcjs-connected

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

118
Requests

99 %
HTTPS

0 %
IPv6

28
Domains

45
Subdomains

37
IPs

7
Countries

1526 kB
Transfer

4142 kB
Size

26
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ic3.gov/Media/News/2021/210823.pdf
Title: Flash Alert

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?guid=_Rv3i1GhjPvH-2&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&media=https%3A%2F%2Fi2.wp.com%2Flifars.com%2Fwp-content%2Fuploads%2F2021%2F09%2Fpurple-FBI-Flash-Alert-Warns-on-OnePercent-Group-Ransomware-Attacks-.jpg%3Ffit%3D1200%252C818%26ssl%3D1&description=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks
Title: Save

Search URL Search Domain Scan URL

URL: https://qubitconference.com/
Title: QuBit Conference

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/lifars

Search URL Search Domain Scan URL

URL: https://twitter.com/lifarsllc

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lifarsLLC

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCbZtLfSAeowd_9MSc7S1NHw

Search URL Search Domain Scan URL

URL: https://www.reddit.com/domain/lifars.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=696521&time=1631683177951&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D696521%26time%3D1631683177951%26url%3Dhttps%253A%252F%252Flifars.com%252F2021%252F09%252Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=696521&time=1631683177951&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&liSync=true

Request Chain 76

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954568561/?random=1248892543&cv=9&fst=1631683177942&num=1&value=0&label=K09ICLatzXAQ8Z6WxwM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&tiba=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&auid=241330893.1631683178&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=aoJBYbXlA7O4-waykL-ABQ&sscte=1&crd=&eitems=ChEI8JCBigYQrK7W85Om8ofXARIdAFCfcvDK10nq4DQ2mHuF_ZfNSCtVErftqxTu36w HTTP 302
https://www.google.com/pagead/1p-conversion/954568561/?random=1248892543&cv=9&fst=1631683177942&num=1&value=0&label=K09ICLatzXAQ8Z6WxwM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&tiba=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&auid=241330893.1631683178&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=aoJBYbXlA7O4-waykL-ABQ&eitems=ChEI8JCBigYQrK7W85Om8ofXARIdAFCfcvCGBgtsdXTuLpv49VSiyIZUCdceP6yLfQo&random=3858324721&resp=GooglemKTybQhCsO

Request Chain 94

https://sb.scorecardresearch.com/b?c1=2&c2=15742520&ns__t=1631683178362&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Tumblr&c7=https%3A%2F%2Fembed.tumblr.com%2Fwidgets%2Fshare%2Fbutton%3FcanonicalUrl%3Dhttps%253A%252F%252Flifars.com%252F2021%252F09%252Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%252F%26postcontent%255Btitle%255D%3DFBI%2520Flash%2520Alert%2520Warns%2520on%2520OnePercent%2520Group%2520Ransomware%2520Attacks%26postcontent%255Bcontent%255D%3Dhttps%253A%252F%252Flifars.com%252F2021%252F09%252Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%252F&c9=https%3A%2F%2Flifars.com%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=15742520&ns__t=1631683178362&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Tumblr&c7=https%3A%2F%2Fembed.tumblr.com%2Fwidgets%2Fshare%2Fbutton%3FcanonicalUrl%3Dhttps%253A%252F%252Flifars.com%252F2021%252F09%252Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%252F%26postcontent%255Btitle%255D%3DFBI%2520Flash%2520Alert%2520Warns%2520on%2520OnePercent%2520Group%2520Ransomware%2520Attacks%26postcontent%255Bcontent%255D%3Dhttps%253A%252F%252Flifars.com%252F2021%252F09%252Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%252F&c9=https%3A%2F%2Flifars.com%2F

118 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/ 87 KB
16 KB 1333ms
1108ms Document
text/html 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

f9234615aeb87efb6248b57ef68b317531da86a1fa373753325757c491158660

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: lifars.com
:scheme: https
:path: /2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 15 Sep 2021 05:19:25 GMT
content-type: text/html; charset=UTF-8
server: Apache
link: <https://lifars.com/wp-json/>; rel="https://api.w.org/", <https://lifars.com/wp-json/wp/v2/posts/29179>; rel="alternate"; type="application/json", <https://lifa.rs/2Xd3arS>; rel=shortlink
x-content-type-options: nosniff
permissions-policy: microphone=();camera=();
x-frame-options: SAMEORIGIN
cache-control: max-age=600
expires: Wed, 15 Sep 2021 05:29:24 GMT
vary: User-Agent
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-cacheable: YES
x-varnish: 1265898038
age: 0
content-encoding: br

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
41 KB 90ms
41ms Script
application/javascript 142.250.180.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-60073856-1

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ff1ba4069a3a0f2327b2cd2659d811dc8c38286a8e3e47a7d68736d89d0a3779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41193
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 05:19:37 GMT

GET
H2 200 autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
lifars.com/wp-content/cache/autoptimize/css/ 327 KB
48 KB 208ms
208ms Stylesheet
text/css 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

f34a3b4eedd90e339b0f6fd7f84e0b4545e7d32272235472dfd21c4bae21c52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: lifars.com
referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
x-cacheable: YES
age: 0
vary: User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 Sep 2021 20:00:27 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"51cf9-5cb6d3788be0f"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898040
cache-control: max-age=31536000, public, must-revalidate
permissions-policy: microphone=();camera=();
content-type: text/css
expires: Mon, 05 Sep 2022 05:19:25 GMT

GET
H2 200 jquery.min.js Show response
lifars.com/wp-content/themes/lifars/build/js/ 87 KB
30 KB 171ms
171ms Script
application/javascript 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lifars.com/wp-content/themes/lifars/build/js/jquery.min.js?ver=1602867320

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/lifars/build/js/jquery.min.js?ver=1602867320
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: lifars.com
referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
x-cacheable: NO:Not Cacheable
age: 0
vary: User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Oct 2020 16:55:20 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"15d84-5b1cca1481946"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898041
cache-control: max-age=31536000, private, must-revalidate
permissions-policy: microphone=();camera=();
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 15 Oct 2021 05:19:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 44ms
43ms Script
application/javascript 142.250.180.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-954568561

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

05a45d93f91801ac5e17ac7191af256ca8af55f086788c8b38a8af5e94eb3068

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39201
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 05:19:37 GMT

GET
H2 200 pinit_fg_en_rect_gray_20.png
assets.pinterest.com/images/pidgets/ 908 B
1 KB 39ms
13ms Image
image/png 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3aec2b233c010f1f2213ecf8360d509f3eeca34f69d162335aefa01fe0035e2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-cdn: akamai
etag: "8a25277cfdf72f8f916b4cdc34052149"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=58678
accept-ranges: bytes
content-length: 908
access-control-expose-headers: X-CDN

GET
H2 200 Cyber-Email-Newsletter.jpg
lifars.com/wp-content/uploads/2020/07/ 25 KB
25 KB 105ms
101ms Image
image/jpeg 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lifars.com/wp-content/uploads/2020/07/Cyber-Email-Newsletter.jpg

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

398bfc9f9c02f7a58f98c56f5a22adcb4d92147ff182579440f53f337d870a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/07/Cyber-Email-Newsletter.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: lifars.com
referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:26 GMT
x-content-type-options: nosniff
x-cacheable: YES
age: 0
vary: User-Agent
content-length: 25355
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Jul 2021 13:50:28 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "630b-5c80709362bc3"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898042
cache-control: max-age=31536000, public, must-revalidate
permissions-policy: microphone=();camera=();
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 15 Oct 2021 05:19:26 GMT

GET
H2 200 LIFARS-Cyber-Security-Video-Gallery.jpg
lifars.com/wp-content/uploads/2020/07/ 126 KB
127 KB 204ms
200ms Image
image/jpeg 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lifars.com/wp-content/uploads/2020/07/LIFARS-Cyber-Security-Video-Gallery.jpg

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

54075f5b877a320dda87848acbd7adbbe8c5edf822956a897d38af3627bdb2c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/07/LIFARS-Cyber-Security-Video-Gallery.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: lifars.com
referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:26 GMT
x-content-type-options: nosniff
x-cacheable: YES
age: 0
vary: User-Agent
content-length: 129072
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Jul 2021 13:50:28 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1f830-5c80709365aa2"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898043
cache-control: max-age=31536000, public, must-revalidate
permissions-policy: microphone=();camera=();
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 15 Oct 2021 05:19:26 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
44 KB 47ms
44ms Script
application/javascript 142.250.180.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54MKD2

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5458d5c2bd620635c13973f3f27492855e9e9650f14349ee319f0aa5bd059a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44728
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 05:19:37 GMT

GET
H2 200 114.png
lifars.com/wp-content/plugins/wpfront-scroll-top/images/icons/ 958 B
1 KB 203ms
200ms Image
image/png 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lifars.com/wp-content/plugins/wpfront-scroll-top/images/icons/114.png

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

7c2a248c901ae688a4f9b377b4db8b75201b754d5c069934003d967e926bf134

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/wpfront-scroll-top/images/icons/114.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: lifars.com
referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:26 GMT
x-content-type-options: nosniff
x-cacheable: YES
age: 0
vary: User-Agent,Accept-Encoding
content-length: 958
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 17 Aug 2021 13:13:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "3be-5c9c116e7fe20"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898045
cache-control: max-age=31536000, public, must-revalidate
permissions-policy: microphone=();camera=();
accept-ranges: bytes
content-type: image/png
expires: Fri, 15 Oct 2021 05:19:26 GMT

GET
H2 200 loading.gif
lifars.com/wp-content/plugins/jetpack/modules/sharedaddy/images/ 2 KB
3 KB 107ms
103ms Image
image/gif 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lifars.com/wp-content/plugins/jetpack/modules/sharedaddy/images/loading.gif

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/jetpack/modules/sharedaddy/images/loading.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: lifars.com
referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:26 GMT
x-content-type-options: nosniff
x-cacheable: YES
age: 0
vary: User-Agent
content-length: 2530
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 Sep 2021 20:00:17 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "9e2-5cb6d36f4ae52"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898044
cache-control: max-age=31536000, public, must-revalidate
permissions-policy: microphone=();camera=();
accept-ranges: bytes
content-type: image/gif
expires: Fri, 15 Oct 2021 05:19:26 GMT

GET
H2 200 share-button.js Show response
assets.tumblr.com/ 11 KB
4 KB 78ms
6ms Script
application/javascript 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.tumblr.com/share-button.js

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

c08c35c552b481fe913ad66c4f71e429ccd8ff9aadd726387f8fa2606c7d12c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 15 Sep 2021 05:19:37 GMT
content-encoding: br
last-modified: Wed, 21 Oct 2020 05:06:36 GMT
server: nginx
etag: W/"5f8fc1dc-2d2f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e-202137.js Show response
stats.wp.com/ 9 KB
3 KB 28ms
5ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202137.js
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn
date: Wed, 15 Sep 2021 05:19:37 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 04 Sep 2022 22:22:09 GMT

GET
H2 200 autoptimize_d678bc50c414bfa2dcb7b62138c28f6c.js Show response
lifars.com/wp-content/cache/autoptimize/js/ 119 KB
32 KB 206ms
202ms Script
application/javascript 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lifars.com/wp-content/cache/autoptimize/js/autoptimize_d678bc50c414bfa2dcb7b62138c28f6c.js

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

595e2f7c6f1d7189f77b8825127b148536b6e6d8c186bd3feacdc3955cbe3b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/cache/autoptimize/js/autoptimize_d678bc50c414bfa2dcb7b62138c28f6c.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: lifars.com
referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-cacheable: NO:Cache-Control=private
age: 0
vary: User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 Sep 2021 20:00:27 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"1dcf6-5cb6d37881232"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898048
cache-control: max-age=31536000, private, must-revalidate
permissions-policy: microphone=();camera=();
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 05 Sep 2022 05:19:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 67ms
17ms Script
text/javascript 142.250.180.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60073856-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5848
date: Wed, 15 Sep 2021 03:42:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 15 Sep 2021 05:42:09 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 134ms
44ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:37 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: 5665D017511241DA9B845E198F10A288 Ref B: PRG01EDGE0717 Ref C: 2021-09-15T05:19:37Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H/1.1 200
OK 1b1367cf3302d746e393df002.js Show response
chimpstatic.com/mcjs-connected/js/users/7ef36ba4621087543ba16eec9/ 2 KB
1 KB 182ms
111ms Script
application/javascript 104.117.198.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/7ef36ba4621087543ba16eec9/1b1367cf3302d746e393df002.js
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.117.198.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-198-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f845e3aa4da8aff378789d49c35593ae96dd0a807470ada3dea84d14d4630be1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 102, 100, 100
Date: Wed, 15 Sep 2021 05:19:37 GMT
Content-Encoding: gzip
x-amz-request-id: A08A574F53ECA41B
X-EdgeConnect-MidMile-RTT: 0, 2, 0
Connection: keep-alive
Content-Length: 704
x-amz-id-2: 3IGAkl9Z0OCCzxqwiByDlVsX0yA2uJq6PWCxLqQe7k4ZlgBDvsLacJyHvCdSGbOkpe5HPJd4RPM=
Last-Modified: Fri, 14 Aug 2020 19:27:44 GMT
Server: AmazonS3
ETag: "5b8b2e7029630c2e0ce9919494215371"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
Expires: Wed, 15 Sep 2021 05:49:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 113ms
35ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: PdA0kkUT+5EvwOHY8/HQitaSV7PqBiJLb/0+2/zH4aKm5JeMb5OrfOFKaP/OBONHo+t7LRFVoc/yt6vGgOhKeQ==
x-fb-trip-id: 1082456386
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 15 Sep 2021 05:19:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 55ms
53ms Script
application/javascript 142.250.180.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-954568561&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60073856-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3bbe9d873df06ac24c158445c3c98e4a0ab7836dc7cccccdc5df468cb223bf23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39214
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Sep 2021 05:19:37 GMT

GET
H/1.1 200
OK 3b0c19c698cedcb5231140be7.js Show response
chimpstatic.com/mcjs-connected/js/users/7ef36ba4621087543ba16eec9/ 50 B
716 B 444ms
374ms Script
application/javascript 104.117.198.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/7ef36ba4621087543ba16eec9/3b0c19c698cedcb5231140be7.js
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.117.198.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-198-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 94, 108, 98
Date: Wed, 15 Sep 2021 05:19:38 GMT
Last-Modified: Fri, 14 Aug 2020 19:27:44 GMT
Server: AmazonS3
x-amz-request-id: FQ1FQW6J74S17JGH
X-EdgeConnect-MidMile-RTT: 0, 0, 0
ETag: "104d46a3208b40e8ded389332f5a78a3"
Content-Type: application/javascript
Cache-Control: max-age=1750
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50
x-amz-id-2: eLVwUxkS49ESydig2zr6RPTEPjtSuvo+Hhf3osyYKnUzOA7rCnn7qNdNXCNfqu9dxOqyKCpI41s=
Expires: Wed, 15 Sep 2021 05:48:48 GMT

GET
H2 200 button1.html Show response
www.reddit.com/static/button/ Frame F982 5 KB
2 KB 32ms
10ms Document
text/html 151.101.13.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/static/button/button1.html?newwindow=true&width=120&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&title=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

599d1e06f6a9ce3441a595b193c542e5d92e675e93b0a062d3b293d0ea5dfbf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

:method: GET
:authority: www.reddit.com
:scheme: https
:path: /static/button/button1.html?newwindow=true&width=120&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&title=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lifars.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/

Response headers

content-type: text/html
last-modified: Wed, 30 Jul 2014 19:09:19 GMT
etag: W/"ce91c4f683d32f8907f0e97f3fb93696"
content-encoding: gzip
x-moose: majestic
accept-ranges: bytes
date: Wed, 15 Sep 2021 05:19:37 GMT
via: 1.1 varnish
set-cookie: edgebucket=PHYFzvHi0rUdsG7LwE; Domain=reddit.com; Max-Age=63071999; Path=/; secure
cache-control: private, max-age=3600
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: snooserv
x-clacks-overhead: GNU Terry Pratchett
content-length: 1801

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 symbol-defs.svg
lifars.com/wp-content/themes/lifars/build/images/svg/ 16 KB
16 KB 103ms
102ms Other
image/svg+xml 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lifars.com/wp-content/themes/lifars/build/images/svg/symbol-defs.svg?ver1533657233

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

5b089a492f1878aa62adf1350f58cc82bd4c09baa0b86f088520bab03af30c6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/lifars/build/images/svg/symbol-defs.svg?ver1533657233
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: same-origin
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: lifars.com
referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:26 GMT
x-content-type-options: nosniff
x-cacheable: YES
age: 643780
vary: User-Agent
content-length: 16002
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 Aug 2018 15:53:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "3e82-572da66948640"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898046 1265530704
cache-control: max-age=31536000, public, must-revalidate
permissions-policy: microphone=();camera=();
accept-ranges: bytes
content-type: image/svg+xml
expires: Thu, 07 Oct 2021 18:29:46 GMT

GET
H2 200 search-light-gray.svg
lifars.com/wp-content/themes/lifars/build/images/svg/ 478 B
955 B 101ms
101ms Image
image/svg+xml 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lifars.com/wp-content/themes/lifars/build/images/svg/search-light-gray.svg

Requested by

Host: lifars.com
URL: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

55a5396caf11b9897da61286ec53429a92e1ab6880967170ee86234f8247b956

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/lifars/build/images/svg/search-light-gray.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: lifars.com
referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:26 GMT
x-content-type-options: nosniff
x-cacheable: YES
age: 643780
vary: User-Agent
content-length: 478
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 Aug 2018 15:53:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1de-572da66948640"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898047 1265530705
cache-control: max-age=31536000, public, must-revalidate
permissions-policy: microphone=();camera=();
accept-ranges: bytes
content-type: image/svg+xml
expires: Thu, 07 Oct 2021 18:29:46 GMT

GET
H2 200 caret-right.svg
lifars.com/wp-content/themes/lifars/build/images/svg/ 8 KB
9 KB 197ms
196ms Image
image/svg+xml 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lifars.com/wp-content/themes/lifars/build/images/svg/caret-right.svg

Requested by

Host: lifars.com
URL: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

57ceffbd01b7178beb5c5c2a063d71afb2b47a6f13c8a86fd6dcc093a6b59060

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/lifars/build/images/svg/caret-right.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: lifars.com
referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:26 GMT
x-content-type-options: nosniff
x-cacheable: YES
age: 643287
vary: User-Agent
content-length: 8496
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Feb 2020 03:38:44 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "2130-59e6cd370d8b3"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898049 1265531083
cache-control: max-age=31536000, public, must-revalidate
permissions-policy: microphone=();camera=();
accept-ranges: bytes
content-type: image/svg+xml
expires: Thu, 07 Oct 2021 18:37:58 GMT

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c

Request headers

Referer
Origin: https://lifars.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 open-sans-v15-latin-regular.woff2
lifars.com/wp-content/themes/lifars/assets/resources/font/open-sans/ 14 KB
14 KB 196ms
196ms Font
text/plain 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lifars.com/wp-content/themes/lifars/assets/resources/font/open-sans/open-sans-v15-latin-regular.woff2

Requested by

Host: lifars.com
URL: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

4959e89463a9467fbd929f85e9d62b347dbb7c4fb1d42fda16561dda4acb84fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/lifars/assets/resources/font/open-sans/open-sans-v15-latin-regular.woff2
pragma: no-cache
origin: https://lifars.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: lifars.com
referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
Origin: https://lifars.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-cacheable: YES
age: 643779
vary: User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 29 Apr 2018 08:52:35 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"36e0-56af8dbcf3ac9"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898050 1265530712
cache-control: max-age=31536000, public, must-revalidate
permissions-policy: microphone=();camera=();
content-type: text/plain
expires: Thu, 09 Sep 2021 18:29:46 GMT

GET
H/1.1 200
OK track.js Show response
serve.albacross.com/ 10 KB
5 KB 63ms
9ms Script
application/javascript 13.32.22.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://serve.albacross.com/track.js
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38fbe56978cc73ba5a5f8c85b360f71aca125c2cd850a3cd6c3683385e388702

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 05:17:48 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 13:13:21 GMT
Server: AmazonS3
Age: 109
ETag: W/"b769e9b4f23be6c9bab7c715fdf2526a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
Cache-Control: max-age=120
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: A0zLNSAbGLzccOqPmchdQG2TzzcAzcgvn0Kj7uCCqoFmCw7KMMjoBA==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 63ms
6ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 05:19:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/669E)
Age: 213
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 37ms
35ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

6c5c6dca5d0b97a4346fd93db95a854e546e207f9827d72375e0c3b3c490a5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: kOQBQnxd7sj1vRUsdcXXFA==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: HBbx//iC+bztaE2q6GOkYBFMyiEsjXZSoT/JVpVlfp6WftsFYLSZSImLCuD/3Qn8PITooikiZAprYISr+EZL4w==
x-fb-trip-id: 1082456386
x-fb-content-md5: c9b7b6df985dee4e7eeeacfe843e8fc1
x-frame-options: DENY
date: Wed, 15 Sep 2021 05:19:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "9cd1aa6d0da13412686f6e43c9094496"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 15 Sep 2021 05:25:48 GMT

GET
H2 200 skypewebsdk.js Show response
swx.cdn.skype.com/shared/v/latest/ 415 B
556 B 89ms
10ms Script
application/x-javascript 68.232.34.200
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://swx.cdn.skype.com/shared/v/latest/skypewebsdk.js
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.34.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frb/6791) /
Resource Hash: ffa9005d5fc8c04baa86f5e1d759c0873c88e32a9164e1b8ce87802ea3aa2c46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Sep 2021 05:19:37 GMT
content-encoding: gzip
content-md5: mpocD6xlbe0bgJ8Pv08HTw==
age: 273616
x-cache: HIT
content-length: 260
x-ms-lease-status: unlocked
last-modified: Thu, 29 Oct 2015 16:47:16 GMT
server: ECAcc (frb/6791)
etag: 0x8D2E0809A8DD755
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 48c9f4bb-601e-002f-3974-a765de000000
x-ms-version: 2009-09-19

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
431 B 11ms
9ms Script
application/javascript 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=250
accept-ranges: bytes
content-length: 203
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 133ms
7ms Script
application/x-javascript 23.218.209.45
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.45 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-45.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 05:19:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 21:34:05 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=27517
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 6 KB
2 KB 31ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:37 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 16:20:44 GMT
etag: "934b8997f9fc81b2d0e16fca4cd0b8bb+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra: DE-BY
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 2119
x-served-by: cache-iad-kiad7000144-IAD, cache-hhn11575-HHN

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 12ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.1&blog=144359790&post=29179&tz=-4&srv=lifars.com&host=lifars.com&ref=&fcp=1785&rand=0.9996126149442486
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:37 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 79ms
29ms Script
text/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-954568561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

a5feea0a78c0027e0565b6f0cb360b65e67d24c4300defb266fa9ff1dc89e4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14047
x-xss-protection: 0
server: cafe
etag: 13691176309111193505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 05:19:37 GMT

GET
H2 200 button-embed.js Show response
www.reddit.com/static/button/ Frame F982 2 KB
3 KB 7ms
6ms Script
application/javascript 151.101.13.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/static/button/button-embed.js

Requested by

Host: www.reddit.com
URL: https://www.reddit.com/static/button/button1.html?newwindow=true&width=120&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&title=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

03ee9438bb4014edc93a5a2d3069f2371a5e2e35e24b79527ec019790bc270b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reddit.com/static/button/button1.html?newwindow=true&width=120&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&title=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-moose: majestic
via: 1.1 varnish
x-clacks-overhead: GNU Terry Pratchett
last-modified: Wed, 22 Oct 2014 17:47:37 GMT
server: snooserv
etag: "f6e79e0098bfda54ca2e0e02da223645"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: private, max-age=3600
date: Wed, 15 Sep 2021 05:19:37 GMT
accept-ranges: bytes
content-length: 2536

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 50ms
24ms XHR
text/plain 142.250.180.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=73249277&t=pageview&_s=1&dl=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&ul=en-us&de=UTF-8&dt=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=788300841&gjid=1939605426&cid=1075421864.1631683178&tid=UA-60073856-1&_gid=975010022.1631683178&_r=1&gtm=2ou9d0&z=1590719469

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lifars.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 05:19:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lifars.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 42ms
25ms XHR
text/plain 142.250.180.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=73249277&t=pageview&_s=1&dl=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&ul=en-us&de=UTF-8&dt=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1545557004&gjid=852824445&cid=1075421864.1631683178&tid=UA-60073856-1&_gid=975010022.1631683178&_r=1&_slc=1&z=1740669208

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lifars.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 05:19:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lifars.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
19ms Image
image/gif 142.250.180.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=73249277&t=pageview&_s=2&dl=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&ul=en-us&de=UTF-8&dt=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1075421864.1631683178&tid=UA-60073856-1&_gid=975010022.1631683178&gtm=2ou9d0&z=639882040

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:51:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84477
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F982 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2a78959284e4cb23c9e1b47f7b69d90e6a274a894652c58511e81192b5280b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK embed.js Show response
downloads.mailchimp.com/js/signup-forms/popup/ 126 KB
46 KB 161ms
8ms Script
application/javascript 65.9.71.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/embed.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54MKD2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07442f2bc9e417e7e700d142493b5564d926d3b28a365632e87f9e0a1c992b70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 05:18:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Jul 2020 14:05:44 GMT
Server: AmazonS3
Age: 97
ETag: W/"0685931cf1dde37f88e2e0520bb8fcdc"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: 2Hn1qQxCWZ8vFUA6BrwffVwV0TaXgJqYMPXzz26OxT-cMj1MM89pYA==

GET
H2 404 button_info.json
buttons.reddit.com/ Frame F982 0
0 17ms
7ms Script
text/plain 151.101.13.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons.reddit.com/button_info.json?jsonp=buttonEmbed.parseSubmission&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F
Requested by: Host: www.reddit.com
URL: https://www.reddit.com/static/button/button-embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reddit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:37 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1631683178.898707,VS0,VE0
x-served-by: cache-fra19149-FRA
x-cache: MISS
content-type: text/plain
accept-ranges: bytes
content-length: 13
retry-after: 0
x-cache-hits: 0

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 7ms
7ms Script
application/javascript 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.8275914053504116
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 75ad585dd9aeca2614593614f6fd317e98b267e6595ffc18e9675e1c744b7a03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "0c6c6fa4aaa25b5091d9f0d1fe79700b"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=212
accept-ranges: bytes
content-length: 18683
access-control-expose-headers: X-CDN

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 228 KB
67 KB 69ms
34ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a77ebaef7082db733d22c460d9747c96

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

9d018524b4a7d18f3829cdfd2962fb2e7fdca215115fe30ef3d6365df408e06c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lifars.com/
Origin: https://lifars.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2U79FrB72V0UsHhIsOeLGw==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68405
x-fb-rlafr: 0
x-fb-debug: KS8dgsp5vM3uovmPovlsaEXdyD8xevMKtxxKdUWYvDte0F3TBnpQbPoUEcSCznShddtT9G1VIpsZrQd1lnfvIA==
x-fb-content-md5: 64c9a5f1c94fa9b01eb9d4ec2976c7f6
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 15 Sep 2021 05:19:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "71f1c550e29dc2663a877abbb29eb08e"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 15 Sep 2022 05:03:56 GMT

GET
H3 200 252325295512279 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 203ms
167ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/252325295512279?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

eda1204e38d1e54a68729fd3b1abb25ef0a989b822ace2b7580b8b2ea898b06e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 7kmd50Hyk3gizfC32gDmNkZuQMSoOzQ4C1oU0m3q80rY7lG/AKRpUWWq4XtzctmK2L1FJEhlDZ8pgTVz5QLvBw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 15 Sep 2021 05:19:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 25045877.js Show response
bat.bing.com/p/action/ 0
111 B 265ms
265ms Script
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/25045877.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Sep 2021 05:19:37 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: C87CD744252A46B49E863C84E1C265B4 Ref B: PRG01EDGE0717 Ref C: 2021-09-15T05:19:37Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 46ms
46ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25045877&Ver=2&mid=c0c2a05d-2272-4412-a85e-834a717f0610&sid=858d060015e411ec9b10e5e296bc7240&vid=858d0b2015e411ecb1ed1998f112ea36&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&p=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&r=&evt=pageLoad&msclkid=N&sv=1&rn=503886
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 15 Sep 2021 05:19:37 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 821BB37B29C4436597E923CF065972CA Ref B: PRG01EDGE0717 Ref C: 2021-09-15T05:19:37Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame 115F 319 KB
103 KB 7ms
6ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Flifars.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://lifars.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 88652
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 15 Sep 2021 05:19:38 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67F3)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 SkypeBootstrap.min.js Show response
swx.cdn.skype.com/shared/v/1.2.5/ 4 KB
2 KB 10ms
10ms Script
text/javascript 68.232.34.200
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://swx.cdn.skype.com/shared/v/1.2.5/SkypeBootstrap.min.js
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.34.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frb/66A5) /
Resource Hash: b03baa47be12bb9ec2a6e8c34b70c77d93e4495479638e6d08af06760dea8f80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Sep 2021 05:19:37 GMT
content-encoding: gzip
content-md5: eFHv4baRuzbahX9hdJWxIw==
age: 101264
x-cache: HIT
content-length: 1930
x-ms-lease-status: unlocked
last-modified: Fri, 12 Jun 2015 13:54:54 GMT
server: ECAcc (frb/66A5)
etag: 0x8D2732E7EF2F781
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 3f2cf74b-301e-0096-5405-a986d0000000
x-ms-version: 2009-09-19

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
660 B 231ms
117ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=o1tx1&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 15 Sep 2021 05:19:38 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 8226b34a8952618c22d72988461cd3f34addbc746f368404b9f6516b0e5a6d45
x-transaction: 1916491a7fd44d98
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
455 B 239ms
126ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=o1tx1&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 15 Sep 2021 05:19:38 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: df992cfcae3b0d99ab68e53a71264b3f5e4423ec6af140c5d97190bc6e8569b8
x-transaction: a627cbfab37a3157
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
457 B 125ms
14ms XHR
text/plain 173.194.76.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-60073856-1&cid=1075421864.1631683178&jid=788300841&gjid=1939605426&_gid=975010022.1631683178&_u=YEBAAUAAAAAAAC~&z=170182062

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lifars.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 15 Sep 2021 05:19:38 GMT
content-type: text/plain
access-control-allow-origin: https://lifars.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
68 B 125ms
15ms XHR
text/plain 173.194.76.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-60073856-1&cid=1075421864.1631683178&jid=1545557004&gjid=852824445&_gid=975010022.1631683178&_u=YEDAAUABAAAAAC~&z=505989602

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lifars.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 15 Sep 2021 05:19:38 GMT
content-type: text/plain
access-control-allow-origin: https://lifars.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/954568561/ 2 KB
2 KB 5085ms
30ms Script
text/javascript 142.250.187.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954568561/?random=1631683177939&cv=9&fst=1631683177939&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&tiba=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f2.1e100.net

Software

cafe /

Resource Hash

d8da3044fd406caa2fe3fde7bbb11ef02d63f557790487968a24813c9298c3d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 05:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1071
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/954568561/ 2 KB
1 KB 132ms
34ms Script
text/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/954568561/?random=1631683177942&cv=9&fst=1631683177942&num=1&value=0&label=K09ICLatzXAQ8Z6WxwM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&tiba=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&auid=241330893.1631683178&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

79223f7f938bb3d29ff1ec0258ba5a446ab629c1248dca329f3e239b85fc318c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 05:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1257
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 141 B
366 B 201ms
112ms Script
application/javascript 199.232.80.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&callback=PIN_1631683177947.f.callback[0]

Requested by

Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit_main.js?0.8275914053504116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

744eb6359f81a35112764e7e38aece5e56ddbb0d31fe3cb2a9e308fe98a90d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 1537365333488921
expires: Wed, 15 Sep 2021 05:34:38 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=696521&time=1631683177951&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D696521%26time%3D1631683177951%26url%3Dhttps%253A%252F%252Flifars.com%252F2021%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=696521&time=1631683177951&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&liSync=true

0
57 B

135ms
135ms

Image
application/javascript

108.174.11.69
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=696521&time=1631683177951&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&liSync=true
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.11.69 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-11-69.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:38 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-eda6
content-type: application/javascript
content-length: 0
x-li-uuid: osVcuDTnpBbwUI8luyoAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXMAdg9QlqSW66LkjCyyA==
pragma: no-cache
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: BC6A6986F4604B5B8478DF0570CFF692 Ref B: PRG01EDGE1013 Ref C: 2021-09-15T05:19:38Z
x-frame-options: sameorigin
date: Wed, 15 Sep 2021 05:19:37 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=696521&time=1631683177951&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/ 3 KB
3 KB 747ms
747ms XHR
application/json 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/?relatedposts=1

Requested by

Host: lifars.com
URL: https://lifars.com/wp-content/cache/autoptimize/js/autoptimize_d678bc50c414bfa2dcb7b62138c28f6c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

eb45ee553189cf4c83cb0c28f72ef41fac54359207c0a08475267ce2e6344fef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _gcl_au=1.1.241330893.1631683178; _ga=GA1.2.1075421864.1631683178; _gid=GA1.2.975010022.1631683178; _gat_gtag_UA_60073856_1=1; _gat=1; _uetsid=858d060015e411ec9b10e5e296bc7240; _uetvid=858d0b2015e411ecb1ed1998f112ea36; nQ_cookieId=d3e1ab8a-d564-9c40-a454-e1230a3bb401; nQ_userVisitId=07fb4697-9291-b175-648d-bcf32f531184
:path: /2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/?relatedposts=1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: lifars.com
referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
x-requested-with: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:27 GMT
x-content-type-options: nosniff
x-cacheable: NO:Not Cacheable
age: 0
vary: User-Agent
content-length: 3103
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898051
cache-control: max-age=172800
permissions-policy: microphone=();camera=();
accept-ranges: bytes
content-type: application/json; charset=utf-8
expires: Fri, 17 Sep 2021 05:19:26 GMT

GET
H2 200 btn.js Show response
widgets.getpocket.com/v1/j/ 2 KB
1 KB 92ms
13ms Script
application/javascript 52.222.179.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.getpocket.com/v1/j/btn.js?v=1
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-116.ham50.r.cloudfront.net
Software: Apache/2.4.25 (Debian) /
Resource Hash: 5aa869ba3a3f7a8883a0e6457ebaea6bb7c9069e296bdc166ce30431d318bb90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:25:12 GMT
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 17:15:06 GMT
server: Apache/2.4.25 (Debian)
age: 3491
etag: "90b-5cbf7b913da80-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: https://pocket.com,https://getpocket.com,https://widgets.getpocket.com
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-length: 1037
via: 1.1 ce9a2abd25eed1f472711c23f8a0adaf.cloudfront.net (CloudFront)
x-amz-cf-id: Ys3UPeSksR4LU_rBaau2HTJJIIWGScGhDLw5svQ7S-l8E8KMXCSgDQ==

GET
H/1.1 200
OK in.js Show response
platform.linkedin.com/ 201 KB
61 KB 59ms
7ms Script
text/javascript 2.16.106.114
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js?async=true
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.106.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-106-114.deploy.static.akamaitechnologies.com
Software: Play /
Resource Hash: 149df2a43242f35804b8e953f3edfc266ca3631444559cdf5950473259b1c67f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-LI-UUID: tqDa0L3lpBZg+dg8mSsAAA==
Date: Wed, 15 Sep 2021 05:19:38 GMT
Content-Encoding: gzip
X-CDN-CLIENT-IP-VERSION: IPV4
Server: Play
X-Li-Pop: prod-edc2
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
X-LI-Proto: http/1.1
Content-Length: 62393
X-CDN: AKAM
X-Li-Fabric: prod-lva1
Expires: Wed, 15 Sep 2021 05:52:48 GMT

GET
H2 200 button Show response
embed.tumblr.com/widgets/share/ Frame A95B 22 KB
7 KB 129ms
123ms Document
text/html 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tumblr.com/widgets/share/button?canonicalUrl=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&postcontent%5Btitle%5D=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&postcontent%5Bcontent%5D=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F

Requested by

Host: assets.tumblr.com
URL: https://assets.tumblr.com/share-button.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

16aa0dbb1edd73528575d50438700a8a4b81af02a8361fddab651cb26f88b869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: embed.tumblr.com
:scheme: https
:path: /widgets/share/button?canonicalUrl=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&postcontent%5Btitle%5D=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&postcontent%5Bcontent%5D=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lifars.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/

Response headers

server: nginx
date: Wed, 15 Sep 2021 05:19:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-rid: 4b05865f6b9defd71fa9ceeccddc571e
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-robots-tag: noindex
cache-control: max-age=120
x-ua-compatible: IE=Edge,chrome=1
content-encoding: br
x-nc: MISS hhn 1
access-control-allow-origin: *
strict-transport-security: max-age=31536000; preload

GET
H2 200 montserrat-v12-latin-regular.woff2
lifars.com/wp-content/themes/lifars/assets/resources/font/montserrat/ 18 KB
19 KB 105ms
104ms Font
text/plain 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lifars.com/wp-content/themes/lifars/assets/resources/font/montserrat/montserrat-v12-latin-regular.woff2

Requested by

Host: lifars.com
URL: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

f4ea8fdaa8cf7d780d60fc5e2c5980f7de2093f80b1b9bea84b06f8bd990426e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://lifars.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _gcl_au=1.1.241330893.1631683178; _ga=GA1.2.1075421864.1631683178; _gid=GA1.2.975010022.1631683178; _gat_gtag_UA_60073856_1=1; _gat=1; _uetsid=858d060015e411ec9b10e5e296bc7240; _uetvid=858d0b2015e411ecb1ed1998f112ea36; nQ_cookieId=d3e1ab8a-d564-9c40-a454-e1230a3bb401; nQ_userVisitId=07fb4697-9291-b175-648d-bcf32f531184
:path: /wp-content/themes/lifars/assets/resources/font/montserrat/montserrat-v12-latin-regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: lifars.com
referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
Origin: https://lifars.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-cacheable: YES
age: 643780
vary: User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 29 Apr 2018 08:52:35 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"48fc-56af8dbcf3ac9"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898053 1265530706
cache-control: max-age=31536000, public, must-revalidate
permissions-policy: microphone=();camera=();
content-type: text/plain
expires: Thu, 09 Sep 2021 18:29:46 GMT

GET
H2 200 montserrat-v12-latin-500.woff2
lifars.com/wp-content/themes/lifars/assets/resources/font/montserrat/ 18 KB
19 KB 103ms
103ms Font
text/plain 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lifars.com/wp-content/themes/lifars/assets/resources/font/montserrat/montserrat-v12-latin-500.woff2

Requested by

Host: lifars.com
URL: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

0acfb99792103338e34645b65a7fb22e96e2440288250bb4b3828dcecc32ccea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://lifars.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _gcl_au=1.1.241330893.1631683178; _ga=GA1.2.1075421864.1631683178; _gid=GA1.2.975010022.1631683178; _gat_gtag_UA_60073856_1=1; _gat=1; _uetsid=858d060015e411ec9b10e5e296bc7240; _uetvid=858d0b2015e411ecb1ed1998f112ea36; nQ_cookieId=d3e1ab8a-d564-9c40-a454-e1230a3bb401; nQ_userVisitId=07fb4697-9291-b175-648d-bcf32f531184
:path: /wp-content/themes/lifars/assets/resources/font/montserrat/montserrat-v12-latin-500.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: lifars.com
referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
Origin: https://lifars.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-cacheable: YES
age: 643780
vary: User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 29 Apr 2018 08:52:35 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"4928-56af8dbcf2b29"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898052 1265530707
cache-control: max-age=31536000, public, must-revalidate
permissions-policy: microphone=();camera=();
content-type: text/plain
expires: Thu, 09 Sep 2021 18:29:46 GMT

GET
H2 200 montserrat-v12-latin-500italic.woff2
lifars.com/wp-content/themes/lifars/assets/resources/font/montserrat/ 19 KB
19 KB 105ms
105ms Font
text/plain 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lifars.com/wp-content/themes/lifars/assets/resources/font/montserrat/montserrat-v12-latin-500italic.woff2

Requested by

Host: lifars.com
URL: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

b732e23d085be49cda727e08676df1902200e23383ef7b32c84bd04d45e0f33c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://lifars.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _gcl_au=1.1.241330893.1631683178; _ga=GA1.2.1075421864.1631683178; _gid=GA1.2.975010022.1631683178; _gat_gtag_UA_60073856_1=1; _gat=1; _uetsid=858d060015e411ec9b10e5e296bc7240; _uetvid=858d0b2015e411ecb1ed1998f112ea36; nQ_cookieId=d3e1ab8a-d564-9c40-a454-e1230a3bb401; nQ_userVisitId=07fb4697-9291-b175-648d-bcf32f531184
:path: /wp-content/themes/lifars/assets/resources/font/montserrat/montserrat-v12-latin-500italic.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: lifars.com
referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
Origin: https://lifars.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-cacheable: YES
age: 643780
vary: User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 29 Apr 2018 08:52:35 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"4af8-56af8dbcf2b29"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898054 1265530708
cache-control: max-age=31536000, public, must-revalidate
permissions-policy: microphone=();camera=();
content-type: text/plain
expires: Thu, 09 Sep 2021 18:29:46 GMT

GET
H2 200 montserrat-v12-latin-600.woff2
lifars.com/wp-content/themes/lifars/assets/resources/font/montserrat/ 18 KB
19 KB 106ms
106ms Font
text/plain 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lifars.com/wp-content/themes/lifars/assets/resources/font/montserrat/montserrat-v12-latin-600.woff2

Requested by

Host: lifars.com
URL: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

dfdb72efc57dccdb7a16cf417adb4d97fa3238860265b354e6e8a3799789a217

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://lifars.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _gcl_au=1.1.241330893.1631683178; _ga=GA1.2.1075421864.1631683178; _gid=GA1.2.975010022.1631683178; _gat_gtag_UA_60073856_1=1; _gat=1; _uetsid=858d060015e411ec9b10e5e296bc7240; _uetvid=858d0b2015e411ecb1ed1998f112ea36; nQ_cookieId=d3e1ab8a-d564-9c40-a454-e1230a3bb401; nQ_userVisitId=07fb4697-9291-b175-648d-bcf32f531184
:path: /wp-content/themes/lifars/assets/resources/font/montserrat/montserrat-v12-latin-600.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: lifars.com
referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
Origin: https://lifars.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-cacheable: YES
age: 643780
vary: User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 29 Apr 2018 08:52:35 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"4940-56af8dbcf2b29"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898055 1265530709
cache-control: max-age=31536000, public, must-revalidate
permissions-policy: microphone=();camera=();
content-type: text/plain
expires: Thu, 09 Sep 2021 18:29:46 GMT

GET
H2 200 montserrat-v12-latin-600italic.woff2
lifars.com/wp-content/themes/lifars/assets/resources/font/montserrat/ 19 KB
19 KB 108ms
107ms Font
text/plain 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lifars.com/wp-content/themes/lifars/assets/resources/font/montserrat/montserrat-v12-latin-600italic.woff2

Requested by

Host: lifars.com
URL: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

195a3d0f256509759fc4d0657facda1b2d0bc5feceaa955b49e73d9805f3fa4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://lifars.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _gcl_au=1.1.241330893.1631683178; _ga=GA1.2.1075421864.1631683178; _gid=GA1.2.975010022.1631683178; _gat_gtag_UA_60073856_1=1; _gat=1; _uetsid=858d060015e411ec9b10e5e296bc7240; _uetvid=858d0b2015e411ecb1ed1998f112ea36; nQ_cookieId=d3e1ab8a-d564-9c40-a454-e1230a3bb401; nQ_userVisitId=07fb4697-9291-b175-648d-bcf32f531184
:path: /wp-content/themes/lifars/assets/resources/font/montserrat/montserrat-v12-latin-600italic.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: lifars.com
referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
Origin: https://lifars.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-cacheable: YES
age: 643780
vary: User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 29 Apr 2018 08:52:35 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"4b60-56af8dbcf2b29"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898056 1265530710
cache-control: max-age=31536000, public, must-revalidate
permissions-policy: microphone=();camera=();
content-type: text/plain
expires: Thu, 09 Sep 2021 18:29:46 GMT

GET
H2 200 montserrat-v12-latin-700.woff2
lifars.com/wp-content/themes/lifars/assets/resources/font/montserrat/ 19 KB
19 KB 108ms
108ms Font
text/plain 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lifars.com/wp-content/themes/lifars/assets/resources/font/montserrat/montserrat-v12-latin-700.woff2

Requested by

Host: lifars.com
URL: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

95143c7b094444bce13ebec37e70b530bf36fc88491acaa0490c3fb5d3b1b4b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://lifars.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _gcl_au=1.1.241330893.1631683178; _ga=GA1.2.1075421864.1631683178; _gid=GA1.2.975010022.1631683178; _gat_gtag_UA_60073856_1=1; _gat=1; _uetsid=858d060015e411ec9b10e5e296bc7240; _uetvid=858d0b2015e411ecb1ed1998f112ea36; nQ_cookieId=d3e1ab8a-d564-9c40-a454-e1230a3bb401; nQ_userVisitId=07fb4697-9291-b175-648d-bcf32f531184
:path: /wp-content/themes/lifars/assets/resources/font/montserrat/montserrat-v12-latin-700.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: lifars.com
referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
Origin: https://lifars.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-cacheable: YES
age: 643780
vary: User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 29 Apr 2018 08:52:35 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"4a0c-56af8dbcf3ac9"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898057 1265530711
cache-control: max-age=31536000, public, must-revalidate
permissions-policy: microphone=();camera=();
content-type: text/plain
expires: Thu, 09 Sep 2021 18:29:46 GMT

GET
H2 200 open-sans-v15-latin-600.woff2
lifars.com/wp-content/themes/lifars/assets/resources/font/open-sans/ 14 KB
15 KB 198ms
198ms Font
text/plain 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lifars.com/wp-content/themes/lifars/assets/resources/font/open-sans/open-sans-v15-latin-600.woff2

Requested by

Host: lifars.com
URL: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

6db8f13cec3a790404fd5bca6adae8ae790eab9c8e6c89d5d6fb9fa2671564e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://lifars.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _gcl_au=1.1.241330893.1631683178; _ga=GA1.2.1075421864.1631683178; _gid=GA1.2.975010022.1631683178; _gat_gtag_UA_60073856_1=1; _gat=1; _uetsid=858d060015e411ec9b10e5e296bc7240; _uetvid=858d0b2015e411ecb1ed1998f112ea36; nQ_cookieId=d3e1ab8a-d564-9c40-a454-e1230a3bb401; nQ_userVisitId=07fb4697-9291-b175-648d-bcf32f531184
:path: /wp-content/themes/lifars/assets/resources/font/open-sans/open-sans-v15-latin-600.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: lifars.com
referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
Origin: https://lifars.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-cacheable: YES
age: 643780
vary: User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 29 Apr 2018 08:52:35 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"38d0-56af8dbcf3ac9"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898058 1265530713
cache-control: max-age=31536000, public, must-revalidate
permissions-policy: microphone=();camera=();
content-type: text/plain
expires: Thu, 09 Sep 2021 18:29:46 GMT

GET
H2 200 open-sans-v15-latin-700.woff2
lifars.com/wp-content/themes/lifars/assets/resources/font/open-sans/ 14 KB
15 KB 199ms
198ms Font
text/plain 208.97.144.40
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lifars.com/wp-content/themes/lifars/assets/resources/font/open-sans/open-sans-v15-latin-700.woff2

Requested by

Host: lifars.com
URL: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.97.144.40 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

wp472643.dreamhostps.com

Software

Apache /

Resource Hash

541605d613d8a5f18a310407038dc132487fe623ccfeb6d5a956faf5b191ff22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://lifars.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _gcl_au=1.1.241330893.1631683178; _ga=GA1.2.1075421864.1631683178; _gid=GA1.2.975010022.1631683178; _gat_gtag_UA_60073856_1=1; _gat=1; _uetsid=858d060015e411ec9b10e5e296bc7240; _uetvid=858d0b2015e411ecb1ed1998f112ea36; nQ_cookieId=d3e1ab8a-d564-9c40-a454-e1230a3bb401; nQ_userVisitId=07fb4697-9291-b175-648d-bcf32f531184
:path: /wp-content/themes/lifars/assets/resources/font/open-sans/open-sans-v15-latin-700.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: lifars.com
referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://lifars.com/wp-content/cache/autoptimize/css/autoptimize_5d22bb3c81ae43bbc735ebca4f0821a7.css
Origin: https://lifars.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-cacheable: YES
age: 643780
vary: User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 29 Apr 2018 08:52:35 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"3980-56af8dbcf3ac9"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-varnish: 1265898059 1265530714
cache-control: max-age=31536000, public, must-revalidate
permissions-policy: microphone=();camera=();
content-type: text/plain
expires: Thu, 09 Sep 2021 18:29:46 GMT

GET
H2 200 LIFARS-cybersecurity-company-in-New-York.png
i1.wp.com/lifars.com/wp-content/uploads/2018/11/ 2 KB
3 KB 32ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/lifars.com/wp-content/uploads/2018/11/LIFARS-cybersecurity-company-in-New-York.png?fit=170%2C52&ssl=1

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

3f1e9903258d266c9112d9c5158e90acf89b87f01b5919b45be7c9f797cb8afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 15 Sep 2021 05:19:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 08:17:44 GMT
server: nginx
etag: "87457257e9d24092"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://lifars.com/wp-content/uploads/2018/11/LIFARS-cybersecurity-company-in-New-York.png>; rel="canonical"
content-length: 2436
expires: Sat, 05 Nov 2022 20:17:44 GMT

GET
H2 200 purple-FBI-Flash-Alert-Warns-on-OnePercent-Group-Ransomware-Attacks-.jpg
i2.wp.com/lifars.com/wp-content/uploads/2021/09/ 20 KB
20 KB 13ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/lifars.com/wp-content/uploads/2021/09/purple-FBI-Flash-Alert-Warns-on-OnePercent-Group-Ransomware-Attacks-.jpg?resize=720%2C491&ssl=1

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

73c5ac289371a4f5081c873006a85d3f9cfef10fb62c052836fe8c88ea422e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Wed, 15 Sep 2021 05:19:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 04:26:41 GMT
server: nginx
etag: "45174ddbc0a409c1"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://lifars.com/wp-content/uploads/2021/09/purple-FBI-Flash-Alert-Warns-on-OnePercent-Group-Ransomware-Attacks-.jpg>; rel="canonical"
content-length: 20616
expires: Fri, 15 Sep 2023 16:26:41 GMT

GET
H2 200 905_1.2.5.0 Show response
a.config.skype.com/config/v1/SkypeLyncWebExperience/ 2 KB
1 KB 586ms
143ms Script
application/javascript 104.211.73.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://a.config.skype.com/config/v1/SkypeLyncWebExperience/905_1.2.5.0?apikey=shareButton&fingerprint=e7e56e35-da6f-457f-aa67-425338a9f006&callback=Skype.onConfigurationLoaded

Requested by

Host: swx.cdn.skype.com
URL: https://swx.cdn.skype.com/shared/v/1.2.5/SkypeBootstrap.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.211.73.16 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0be7fdad9a5a06ae907e33aeb3254ab5786410045d1fbe878737e008e69dde32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
etag: "GGLFZbaLGlbWn2spnBITcQ+a3NBYK3y74vu30KIhQds="
x-frame-options: DENY
content-type: application/javascript
cache-control: no-cache,max-age=3600
date: Wed, 15 Sep 2021 05:19:38 GMT
content-length: 869
expires: Wed, 15 Sep 2021 06:19:38 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 115F 232 B
431 B 132ms
111ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e80830ba58c974bfd4dbf3fb2ca79b3c3f6e5579

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Flifars.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:37 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 05:19:38 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 8f8094e6dd695c3a1396e243b2d18c23863ef6abdecf66ebad1a2ce70f079189
content-length: 166

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 180ms
29ms Image
image/gif 172.217.169.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-60073856-1&cid=1075421864.1631683178&jid=788300841&_u=YEBAAUAAAAAAAC~&z=1343863123

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s09-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 05:19:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 186ms
36ms Image
image/gif 172.217.169.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-60073856-1&cid=1075421864.1631683178&jid=1545557004&_u=YEDAAUABAAAAAC~&z=102952790

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s09-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 05:19:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 form-settings Show response
mc.us9.list-manage.com/subscribe/ 1 KB
2 KB 612ms
475ms Script
application/json 104.117.200.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mc.us9.list-manage.com/subscribe/form-settings?u=7ef36ba4621087543ba16eec9&id=20a0f45127&u=7ef36ba4621087543ba16eec9&id=20a0f45127&c=dojo_request_script_callbacks.dojo_request_script0
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.117.200.54 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-54.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 5bbeaa1c21f78fada497f6af46de4437362ac0dac831776eb92230fdaae27499

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 457
date: Wed, 15 Sep 2021 05:19:38 GMT
content-encoding: gzip
referrer-policy: same-origin
server: openresty
x-edgeconnect-midmile-rtt: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=294
x-ua-compatible: IE=edge,chrome=1
content-length: 767
expires: Wed, 15 Sep 2021 05:24:32 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/954568561/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954568561/?random=1248892543&cv=9&fst=1631683177942&num=1&value=0&label=K09ICLatzXAQ8Z6WxwM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u...
https://www.google.com/pagead/1p-conversion/954568561/?random=1248892543&cv=9&fst=1631683177942&num=1&value=0&label=K09ICLatzXAQ8Z6WxwM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...

42 B
64 B

80ms
42ms

Image
image/gif

172.217.169.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/954568561/?random=1248892543&cv=9&fst=1631683177942&num=1&value=0&label=K09ICLatzXAQ8Z6WxwM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&tiba=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&auid=241330893.1631683178&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=aoJBYbXlA7O4-waykL-ABQ&eitems=ChEI8JCBigYQrK7W85Om8ofXARIdAFCfcvCGBgtsdXTuLpv49VSiyIZUCdceP6yLfQo&random=3858324721&resp=GooglemKTybQhCsO

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.169.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s09-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 05:19:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 05:19:43 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/954568561/?random=1248892543&cv=9&fst=1631683177942&num=1&value=0&label=K09ICLatzXAQ8Z6WxwM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&tiba=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&auid=241330893.1631683178&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=aoJBYbXlA7O4-waykL-ABQ&eitems=ChEI8JCBigYQrK7W85Om8ofXARIdAFCfcvCGBgtsdXTuLpv49VSiyIZUCdceP6yLfQo&random=3858324721&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 button Show response
widgets.getpocket.com/v1/ Frame 3E62 840 B
963 B 13ms
12ms Document
text/html 52.222.179.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.getpocket.com/v1/button?label=pocket&count=horizontal&v=1&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&title=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&src=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&r=0.8166078118144979
Requested by: Host: widgets.getpocket.com
URL: https://widgets.getpocket.com/v1/j/btn.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-116.ham50.r.cloudfront.net
Software: Apache/2.4.25 (Debian) / PHP/5.6.40
Resource Hash: f8d51b013f41e8f5712f8b78988ae8d897d355c0aaa906dd5785949f26c572c6

Request headers

:method: GET
:authority: widgets.getpocket.com
:scheme: https
:path: /v1/button?label=pocket&count=horizontal&v=1&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&title=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&src=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&r=0.8166078118144979
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lifars.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/

Response headers

content-type: text/html; charset=UTF-8
content-length: 550
date: Wed, 15 Sep 2021 04:21:23 GMT
server: Apache/2.4.25 (Debian)
content-location: button.php
tcn: choice
x-powered-by: PHP/5.6.40
content-encoding: gzip
access-control-allow-origin: https://pocket.com,https://getpocket.com,https://widgets.getpocket.com
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ce9a2abd25eed1f472711c23f8a0adaf.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: mse2fhBsQ4cPfL_Y3FmF8XKl3obwwD9UFIGIdJkDq_uIU6vswAi49w==
age: 3495

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 112ms
36ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=252325295512279&ev=PageView&dl=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&rl=&if=false&ts=1631683178189&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631683178188.1017696572&it=1631683177894&coo=false&exp=p1&rqm=GET

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 15 Sep 2021 05:19:38 GMT

GET
H/1.1 200
OK button.5d16ecc02fbaf599a24dfb57ab239320.js Show response
platform.twitter.com/js/ 7 KB
3 KB 7ms
7ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5d16ecc02fbaf599a24dfb57ab239320.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 05:19:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:33:39 GMT
Server: ECS (frb/669E)
Age: 112804
Etag: "6b95f5a9a2ff4b885e2eafdf446d70d0+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2296

GET
H2 200 index.build.css
assets.tumblr.com/client/prod/standalone/share-button-internal/ Frame A95B 2 KB
551 B 6ms
5ms Stylesheet
text/css 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.tumblr.com/client/prod/standalone/share-button-internal/index.build.css?_v=09f72c9f7e3de0d8c0cf38d5a207324f

Requested by

Host: embed.tumblr.com
URL: https://embed.tumblr.com/widgets/share/button?canonicalUrl=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&postcontent%5Btitle%5D=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&postcontent%5Bcontent%5D=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

2e6c1bf7dc5b45def8f7b17f91accb549c53c1199a38296801c6393741a9c395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://embed.tumblr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 15 Sep 2021 05:19:38 GMT
content-encoding: br
last-modified: Sun, 01 Nov 2020 05:00:47 GMT
server: nginx
etag: W/"5f9e40ff-6cf"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cmpStub.min.js Show response
consent.cmp.oath.com/ Frame A95B 3 KB
1 KB 58ms
7ms Script
application/javascript 152.195.53.200
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cmp.oath.com/cmpStub.min.js
Requested by: Host: embed.tumblr.com
URL: https://embed.tumblr.com/widgets/share/button?canonicalUrl=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&postcontent%5Btitle%5D=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&postcontent%5Bcontent%5D=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.53.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECD (frb/67F0) /
Resource Hash: 610de300dd804d4192b8cde346227d34b64d5194ae1626ec7c4d5330c4030321

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://embed.tumblr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:38 GMT
content-encoding: gzip
last-modified: Sat, 27 Feb 2021 14:09:04 GMT
server: ECD (frb/67F0)
age: 2254
etag: "4c317d668ebfc203d41276532b18c419+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=3600
x-amz-request-id: R6VYNNACSCTH3Q79
accept-ranges: bytes
content-length: 1216
x-amz-id-2: GnWOdH6QZ0fOZfaKcLGseShe+b4MPEIrc6Yrm2F2AveZWKTw9hfRM8hu8AiHXAnfpbLl4xA72/Q=
expires: Wed, 15 Sep 2021 06:19:38 GMT

GET
H2 200 cmp3p.js Show response
consent.cmp.oath.com/ Frame A95B 30 KB
10 KB 58ms
8ms Script
application/javascript 152.195.53.200
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cmp.oath.com/cmp3p.js
Requested by: Host: embed.tumblr.com
URL: https://embed.tumblr.com/widgets/share/button?canonicalUrl=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&postcontent%5Btitle%5D=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&postcontent%5Bcontent%5D=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.53.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECD (frb/6775) /
Resource Hash: adf388e42c114b0aa19feeb9510a2a0cdf549c4774dfe770c2e2f4e122387a01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://embed.tumblr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:38 GMT
content-encoding: gzip
last-modified: Wed, 03 Jun 2020 15:53:49 GMT
server: ECD (frb/6775)
age: 3471
etag: "e82e848ea6dfc052ab3b477b75d85aa1+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=3600
x-amz-request-id: T53Y2DGEZ4B6B9CV
accept-ranges: bytes
content-length: 10237
x-amz-id-2: ki/LeXr7WNmAQFS4WRGTtzQvA+yoLI2/NG2SadGoJaPASAQwsGzuHKcYLH3cUGgQ0MDNxXsLuHE=
expires: Wed, 15 Sep 2021 06:19:38 GMT

GET
H2 200 index.build.js Show response
assets.tumblr.com/client/prod/standalone/share-button-internal/ Frame A95B 210 KB
62 KB 6ms
5ms Script
application/javascript 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.tumblr.com/client/prod/standalone/share-button-internal/index.build.js?_v=13b74d941227d7bb225b3790be80ee16

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

a72ad54e640af3278a14244692e4e237c0ed5abe81e289c67f4552cdd6471698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://embed.tumblr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 15 Sep 2021 05:19:38 GMT
content-encoding: br
last-modified: Wed, 17 Mar 2021 14:25:08 GMT
server: nginx
etag: W/"60521144-34864"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK widgetButton.91d9e0cb42c020d8c4b1.css
assets.getpocket.com/web/ Frame 3E62 3 KB
2 KB 37ms
8ms Stylesheet
text/css 13.32.22.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.getpocket.com/web/widgetButton.91d9e0cb42c020d8c4b1.css
Requested by: Host: widgets.getpocket.com
URL: https://widgets.getpocket.com/v1/button?label=pocket&count=horizontal&v=1&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&title=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&src=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&r=0.8166078118144979
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2d84e6a462105e079059bda163a5e23e9b326ad0cb42e2fef52ecf08e20a92e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.getpocket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 18:20:09 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 09 Jun 2021 17:30:54 GMT
Server: AmazonS3
Age: 8420370
ETag: W/"5ae752a86d7f88b510c944c8fdbd4398"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000,s-maxage=31536000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: ZHBQWIgUuUmU0jliDIGzWzLHO6b7lbBKNau8FMPjDwdKs-LVqNuvCg==

GET
H/1.1 200
OK widgetButton.4c13af153e5ac26aa647.js Show response
assets.getpocket.com/web/ Frame 3E62 20 KB
8 KB 37ms
8ms Script
application/javascript 13.32.22.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.getpocket.com/web/widgetButton.4c13af153e5ac26aa647.js
Requested by: Host: widgets.getpocket.com
URL: https://widgets.getpocket.com/v1/button?label=pocket&count=horizontal&v=1&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&title=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&src=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&r=0.8166078118144979
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c8bee77a95fda9d0f22bab9ecf35eefe4b0eeba57ff8333a28b06481c8c0364

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.getpocket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 03:08:46 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 16 Mar 2021 22:14:03 GMT
Server: AmazonS3
Age: 15732653
ETag: W/"6a9aeabba59f129842c7b694a5448d4e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 8e83c42d247a31c5b365c08a0352d8f9.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000,s-maxage=31536000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: aJd60X22qxh11QJ8OyY-uNd3jwTABgQLsLZ7YK5z66XAXLx0_8_RLw==

GET
H/1.1 200
OK tweet_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html Show response
platform.twitter.com/widgets/ Frame 33CC 32 KB
12 KB 6ms
6ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 06b34901b9ee1d57c9e0a37a7665c7aa77f6ab8b884cda5e8caad1c3f8b8c639

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://lifars.com/
Accept-Encoding: gzip, deflate, br
Cookie: personalization_id="v1_8uHvWKLQHCGL/7cOUl/yqQ=="
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 112803
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 15 Sep 2021 05:19:38 GMT
Etag: "909c8b457796b3e08dbae7ea22074354+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:46 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/669E)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12257

GET
H2 200 saves Show response
widgets.getpocket.com/api/ Frame 3E62 11 B
382 B 168ms
168ms XHR
application/json 52.222.179.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.getpocket.com/api/saves?url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F
Requested by: Host: assets.getpocket.com
URL: https://assets.getpocket.com/web/widgetButton.4c13af153e5ac26aa647.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-116.ham50.r.cloudfront.net
Software: Apache/2.4.25 (Debian) / PHP/5.6.40
Resource Hash: 70a18337b987c7639db9de27723cdb120997777f506cc3b419b055575ca9ff61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.getpocket.com/v1/button?label=pocket&count=horizontal&v=1&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&title=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&src=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&r=0.8166078118144979
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:38 GMT
via: 1.1 ce9a2abd25eed1f472711c23f8a0adaf.cloudfront.net (CloudFront)
server: Apache/2.4.25 (Debian)
x-amz-cf-pop: HAM50-C1
x-powered-by: PHP/5.6.40
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://pocket.com,https://getpocket.com,https://widgets.getpocket.com
tcn: choice
content-location: saves.php
content-length: 11
x-amz-cf-id: DvvePbFwDR97jG5Kd13AgKtkbqhfiu1VkmTWdmK6_KEhOSZfCCGueg==

GET
H/1.1 200
OK pocket_button.d3a57cce2ccd22d7db8e29ff66dc09df.png
assets.getpocket.com/web/widgetButton/images/ Frame 3E62 1 KB
2 KB 12ms
12ms Image
image/png 13.32.22.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.getpocket.com/web/widgetButton/images/pocket_button.d3a57cce2ccd22d7db8e29ff66dc09df.png
Requested by: Host: assets.getpocket.com
URL: https://assets.getpocket.com/web/widgetButton.91d9e0cb42c020d8c4b1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4022b5ef36894f1e2bcedab9a1574665218e7c0f05408ebe8e8ff689601088db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.getpocket.com/web/widgetButton.91d9e0cb42c020d8c4b1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 05:35:48 GMT
Via: 1.1 8e83c42d247a31c5b365c08a0352d8f9.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 21 Jul 2021 19:25:34 GMT
Server: AmazonS3
Age: 4491831
ETag: "d3a57cce2ccd22d7db8e29ff66dc09df"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000,s-maxage=31536000
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Length: 1062
X-Amz-Cf-Id: _9MyEJP5Vi73wO9B3pOWD-hH8s5YbhLIlGCwrZnxaEkm2cPAqR0Fng==

GET
DATA 200
OK truncated
/ Frame 33CC 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame A95B 1 KB
1 KB 33ms
8ms Script
application/javascript 99.86.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: embed.tumblr.com
URL: https://embed.tumblr.com/widgets/share/button?canonicalUrl=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&postcontent%5Btitle%5D=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&postcontent%5Bcontent%5D=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-32.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://embed.tumblr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 14 Sep 2021 13:51:56 GMT
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 55662
etag: W/"1827f116c73f319409b97f10b8a58ade"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: pb3Tz6pfXJEImY1u6ixfXZnXwZW9dAv8SRwfpQITs5VpbxBnNJ4EFg==

GET
H2 200 impixu
px.srvcs.tumblr.com/ Frame A95B 95 B
334 B 106ms
100ms Image
image/png 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://px.srvcs.tumblr.com/impixu?T=1631683178&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDovL2VtYmVkLnR1bWJsci5jb20vd2lkZ2V0cy9zaGFyZS9idXR0b24/Y2Fub25pY2FsVXJsPWh0dHBzJTNBJTJGJTJGbGlmYXJzLmNvbSUyRjIwMjElMkYwOSUyRmZiaS1mbGFzaC1hbGVydC13YXJucy1vbi1vbmVwZXJjZW50LWdyb3VwLXJhbnNvbXdhcmUtYXR0YWNrcyUyRiZwb3N0Y29udGVudCU1QnRpdGxlJTVEPUZCSSUyMEZsYXNoJTIwQWxlcnQlMjBXYXJucyUyMG9uJTIwT25lUGVyY2VudCUyMEdyb3VwJTIwUmFuc29td2FyZSUyMEF0dGFja3MmcG9zdGNvbnRlbnQlNUJjb250ZW50JTVEPWh0dHBzJTNBJTJGJTJGbGlmYXJzLmNvbSUyRjIwMjElMkYwOSUyRmZiaS1mbGFzaC1hbGVydC13YXJucy1vbi1vbmVwZXJjZW50LWdyb3VwLXJhbnNvbXdhcmUtYXR0YWNrcyUyRiIsInJlcXR5cGUiOjAsInJvdXRlIjoiL3dpZGdldHMvc2hhcmUvYnV0dG9uIn0=&U=FCOFHMGCAH&K=f9e6d50c951a956b545ca12ff080f41cca7122565faf43c94b9713ca04a2cf3e&R=https%3A//lifars.com/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://embed.tumblr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 05:19:38 GMT
server: nginx
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/png
content-length: 95

GET
H2 200 flat-t-button-white.svg
assets.tumblr.com/images/ Frame A95B 308 B
275 B 6ms
6ms Image
image/svg+xml 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.tumblr.com/images/flat-t-button-white.svg?v=b14d6d201b7992bea0f0f2b3aa1ffa28

Requested by

Host: assets.tumblr.com
URL: https://assets.tumblr.com/client/prod/standalone/share-button-internal/index.build.css?_v=09f72c9f7e3de0d8c0cf38d5a207324f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

ff4d0997c2e50c36a602155ee870eb629e5847f610923d45889f4bea0147d16c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.tumblr.com/client/prod/standalone/share-button-internal/index.build.css?_v=09f72c9f7e3de0d8c0cf38d5a207324f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 15 Sep 2021 05:19:38 GMT
content-encoding: br
last-modified: Wed, 21 Oct 2020 05:06:36 GMT
server: nginx
etag: W/"5f8fc1dc-134"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

b2
sb.scorecardresearch.com/ Frame A95B
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=15742520&ns__t=1631683178362&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Tumblr&c7=https%3A%2F%2Fembed.tumblr.com%2Fwidgets%2Fshare%2Fbutton%3FcanonicalUrl%3Dhttps%253A%...
https://sb.scorecardresearch.com/b2?c1=2&c2=15742520&ns__t=1631683178362&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Tumblr&c7=https%3A%2F%2Fembed.tumblr.com%2Fwidgets%2Fshare%2Fbutton%3FcanonicalUrl%3Dhttps%253A...

64 B
329 B

9ms
8ms

Image
image/gif

99.86.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=15742520&ns__t=1631683178362&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Tumblr&c7=https%3A%2F%2Fembed.tumblr.com%2Fwidgets%2Fshare%2Fbutton%3FcanonicalUrl%3Dhttps%253A%252F%252Flifars.com%252F2021%252F09%252Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%252F%26postcontent%255Btitle%255D%3DFBI%2520Flash%2520Alert%2520Warns%2520on%2520OnePercent%2520Group%2520Ransomware%2520Attacks%26postcontent%255Bcontent%255D%3Dhttps%253A%252F%252Flifars.com%252F2021%252F09%252Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%252F&c9=https%3A%2F%2Flifars.com%2F
Requested by: Host: embed.tumblr.com
URL: https://embed.tumblr.com/widgets/share/button?canonicalUrl=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&postcontent%5Btitle%5D=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&postcontent%5Bcontent%5D=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-32.fra6.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://embed.tumblr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:38 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: T23MaiAQgy4K1sBHJeKyK3bSMSjqmT0mkTZUHVl66u4Q44pIItmcVw==

Redirect headers

date: Wed, 15 Sep 2021 05:19:38 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=15742520&ns__t=1631683178362&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Tumblr&c7=https%3A%2F%2Fembed.tumblr.com%2Fwidgets%2Fshare%2Fbutton%3FcanonicalUrl%3Dhttps%253A%252F%252Flifars.com%252F2021%252F09%252Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%252F%26postcontent%255Btitle%255D%3DFBI%2520Flash%2520Alert%2520Warns%2520on%2520OnePercent%2520Group%2520Ransomware%2520Attacks%26postcontent%255Bcontent%255D%3Dhttps%253A%252F%252Flifars.com%252F2021%252F09%252Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%252F&c9=https%3A%2F%2Flifars.com%2F
content-length: 630
x-amz-cf-id: 4lsWEJY7l_DxxPukKzwdJHdoPFDMVo1PaweTW44bX4Dbr1RQmInBrw==

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
352 B 120ms
120ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22lifarsllc%22%2C%22widget_creator_screen_name%22%3A%22lifarsllc%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1631683178444%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221890d59c%3A1627936082797%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 15 Sep 2021 05:19:38 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 8f8094e6dd695c3a1396e243b2d18c23863ef6abdecf66ebad1a2ce70f079189
x-transaction: 536ce09a18fe2586
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 shareButton.min.js Show response
swx.cdn.skype.com/skypewebsdk/shareButton/v/1.4.0.0/js/ 89 KB
24 KB 9ms
9ms Script
text/javascript 68.232.34.200
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://swx.cdn.skype.com/skypewebsdk/shareButton/v/1.4.0.0/js/shareButton.min.js
Requested by: Host: swx.cdn.skype.com
URL: https://swx.cdn.skype.com/shared/v/1.2.5/SkypeBootstrap.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.34.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frb/67E6) /
Resource Hash: 1e95bbe885ae3ff7043ba06629dc5d2700abc904dd4a991fc56b11a74cdf549a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Sep 2021 05:19:38 GMT
content-encoding: gzip
content-md5: nEbx0XDuTOfKIghlU3AgpA==
age: 101608
x-cache: HIT
content-length: 24840
x-ms-lease-status: unlocked
last-modified: Fri, 09 Sep 2016 10:05:02 GMT
server: ECAcc (frb/67E6)
etag: 0x8D3D898C4539BF4
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 63a694f1-601e-012b-4104-a9d609000000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 shareButton.css
swx.cdn.skype.com/skypewebsdk/shareButton/v/1.4.0.0/assets/css/ 1 KB
691 B 8ms
8ms Stylesheet
text/css 68.232.34.200
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://swx.cdn.skype.com/skypewebsdk/shareButton/v/1.4.0.0/assets/css/shareButton.css
Requested by: Host: swx.cdn.skype.com
URL: https://swx.cdn.skype.com/skypewebsdk/shareButton/v/1.4.0.0/js/shareButton.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.34.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frb/675E) /
Resource Hash: 3742b70cc47b32ad33ec82c11c352ad552f994392b08c48e542cde5b151b4df0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Sep 2021 05:19:38 GMT
content-encoding: gzip
content-md5: ShlKH1VH3VJxpWckWeUpyg==
age: 101585
x-cache: HIT
content-length: 533
x-ms-lease-status: unlocked
last-modified: Fri, 09 Sep 2016 10:05:03 GMT
server: ECAcc (frb/675E)
etag: 0x8D3D898C49F74B2
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 0a9cff38-901e-00f6-2b04-a9c3f2000000
x-ms-version: 2009-09-19
accept-ranges: bytes

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ 0
397 B 268ms
33ms XHR
application/json 51.104.15.252
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.4.0&x-apikey=bc1a88c3ef7240a99d650eacd67609ae-b21a92f6-51f2-46d6-be26-e7f9b8722dfa-7553
Requested by: Host: swx.cdn.skype.com
URL: https://swx.cdn.skype.com/skypewebsdk/shareButton/v/1.4.0.0/js/shareButton.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.15.252 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 05:19:38 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 245
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H2 200 s_logo.svg
swx.cdn.skype.com/skypewebsdk/shareButton/v/1.4.0.0/assets/images/ 2 KB
1 KB 8ms
8ms Image
image/svg+xml 68.232.34.200
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://swx.cdn.skype.com/skypewebsdk/shareButton/v/1.4.0.0/assets/images/s_logo.svg
Requested by: Host: swx.cdn.skype.com
URL: https://swx.cdn.skype.com/skypewebsdk/shareButton/v/1.4.0.0/assets/css/shareButton.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.34.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frb/67D8) /
Resource Hash: 18da17a7e007f25707e9d21e7ee3ae92969fc28e037757b3fbb15d61345cfa96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://swx.cdn.skype.com/skypewebsdk/shareButton/v/1.4.0.0/assets/css/shareButton.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Sep 2021 05:19:38 GMT
content-encoding: gzip
content-md5: TDfFmJGUdE2r6GuIA8u0hg==
age: 434677
x-cache: HIT
content-length: 1107
x-ms-lease-status: unlocked
last-modified: Fri, 09 Sep 2016 10:05:04 GMT
server: ECAcc (frb/67D8)
etag: 0x8D3D898C55201E8
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ca8d8766-301e-0015-32fd-a5267d000000
x-ms-version: 2009-09-19

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 832A 0
18 B 74ms
34ms Document
text/plain 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 19756
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://lifars.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lifars.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://lifars.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://lifars.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Wed, 15 Sep 2021 05:19:38 GMT

GET
H/1.1 200
OK popup.js Show response
downloads.mailchimp.com/js/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ 100 KB
31 KB 7ms
7ms Script
application/javascript 65.9.71.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 650e65709312c691110957b8a8cc1609ac7b5685f265e1e06f389d271da4fedf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 05:18:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:49 GMT
Server: AmazonS3
Age: 58
ETag: W/"9e882a863f24e02737da75af35a34ee6"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: BtH2MKDuFqgATCKQUy5hAaUEbONAw-hXAqn-HFDVZzNl884Qsjy86w==

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame 1C61 9 KB
3 KB 7ms
7ms Stylesheet
text/css 65.9.71.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 05:19:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
Age: 55
ETag: W/"82e72d627b04e1654282023cca1d1e69"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: _jPEPkh-tdS2FgzSFOFV4Nulkg_XHjewweszCJqrm8PUohYeIH86bg==

GET
H/1.1 200
OK banner.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame 1C61 1005 B
938 B 16ms
8ms Stylesheet
text/css 65.9.71.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/banner.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 05:19:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:52 GMT
Server: AmazonS3
Age: 34
ETag: W/"78d1bdd981816cfbeb6954a85f9efa58"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: h4SAwRcrz_6_hdkl_M2yj7auZQ_3qHQOVJNOfYoxkcuy7swM6QEiXQ==

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame C640 9 KB
3 KB 21ms
8ms Stylesheet
text/css 65.9.71.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 05:19:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
Age: 55
ETag: W/"82e72d627b04e1654282023cca1d1e69"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: 1gklIPj6XwDCB7hftUlXBEb8T5bJS8bAlBdAkSqIpZ0e7drE3p_T6Q==

GET
H/1.1 200
OK layout-4.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame C640 1 KB
946 B 20ms
7ms Stylesheet
text/css 65.9.71.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/layout-4.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ff8cc81ca4d0241c3de19701bb4b253af27d4d8282ca079428043ad01edda1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 05:18:57 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:52 GMT
Server: AmazonS3
Age: 97
ETag: W/"07d96a6ae20a51d3caa30ab83d143c60"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: Jm6vDMRvnlggatzPg_N1I1IGFE5Qbvb3oNQWk2Bg19YG1rIhlblpog==

GET
H/1.1 200
OK modal-slidein.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ 3 KB
2 KB 21ms
7ms Stylesheet
text/css 65.9.71.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/modal-slidein.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 717a079466da86282255203ddb9f6faafb2bf0ca0bb23ecb539463b3f963bde4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 05:19:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:52 GMT
Server: AmazonS3
Age: 13
ETag: W/"d23d4c0fac6d9f158d23552bbd4592f0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: Mk5Le7KBsPkfs29J89qaN4Nk-Y0S1vnsMoqMWf1o1OtU90WYuGgHRg==

GET
H2 200 FBI-Warns-of-Conti-Ransomware-Attacks-on-US-Healthcare-Networks.jpg
i0.wp.com/lifars.com/wp-content/uploads/2021/06/ 6 KB
6 KB 13ms
6ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/lifars.com/wp-content/uploads/2021/06/FBI-Warns-of-Conti-Ransomware-Attacks-on-US-Healthcare-Networks.jpg?fit=1200%2C818&ssl=1&resize=350%2C200

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

0fff0db327e0cb13141f67da5c2cb9cb950e135c18bbcf3c9b3d48181e12b99e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Wed, 15 Sep 2021 05:19:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Jun 2021 06:47:40 GMT
server: nginx
etag: "288b4bfdb052a483"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://lifars.com/wp-content/uploads/2021/06/FBI-Warns-of-Conti-Ransomware-Attacks-on-US-Healthcare-Networks.jpg>; rel="canonical"
content-length: 5700
expires: Fri, 30 Jun 2023 18:47:40 GMT

GET
H2 200 The-Year-2020-Witnessed-A-Growth-Of-150-In-Ransomware-Attacks-Against-the-Backdrop-of-Pandemic.jpg
i2.wp.com/lifars.com/wp-content/uploads/2021/03/ 4 KB
4 KB 7ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/lifars.com/wp-content/uploads/2021/03/The-Year-2020-Witnessed-A-Growth-Of-150-In-Ransomware-Attacks-Against-the-Backdrop-of-Pandemic.jpg?fit=1200%2C796&ssl=1&resize=350%2C200

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

c2add862cd1ab69c3bef19cfe78427d13fd2f34991bd5272cc9b26a7a48c56b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Wed, 15 Sep 2021 05:19:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Sep 2021 16:45:34 GMT
server: nginx
etag: "7f49ead5fc2722c6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://lifars.com/wp-content/uploads/2021/03/The-Year-2020-Witnessed-A-Growth-Of-150-In-Ransomware-Attacks-Against-the-Backdrop-of-Pandemic.jpg>; rel="canonical"
content-length: 4072
expires: Sun, 03 Sep 2023 04:45:34 GMT

GET
H2 200 Mitigating-Credential-Dumping-on-Windows_purple.jpg
i1.wp.com/lifars.com/wp-content/uploads/2021/07/ 4 KB
4 KB 8ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/lifars.com/wp-content/uploads/2021/07/Mitigating-Credential-Dumping-on-Windows_purple.jpg?fit=1200%2C818&ssl=1&resize=350%2C200

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

7357876b292d434a5e5bbc1677f5c5250ad7b77d19c6c4dfe316144977293aea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Wed, 15 Sep 2021 05:19:38 GMT
x-content-type-options: nosniff
last-modified: Fri, 10 Sep 2021 19:32:59 GMT
server: nginx
etag: "a6e3a91444c8e9b0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://lifars.com/wp-content/uploads/2021/07/Mitigating-Credential-Dumping-on-Windows_purple.jpg>; rel="canonical"
content-length: 4154
expires: Mon, 11 Sep 2023 07:32:59 GMT

GET
H2 200 /
log.pinterest.com/ 0
299 B 120ms
114ms Image
text/plain 199.232.80.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=_Rv3i1GhjPvH&tv=2021082501&event=init&sub=www&button_count=2&follow_count=0&pin_count=0&button_hover=1&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&viaSrc=canonical
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:39 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 0
x-cache-hits: 0
content-length: 0
x-served-by: cache-mrs10525-MRS
pragma: no-cache
server: envoy
x-timer: S1631683179.963157,VS0,VE93
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid: 3545799045518089
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 e.gif
new-collect.albacross.com/ 37 B
103 B 110ms
33ms Image
image/gif 54.76.212.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://new-collect.albacross.com/e.gif?s=WordPress-Plugin%2C1.3.1&s=JSCollector%2C3.1.1&e0=pageview&ci0=d3e1ab8a-d564-9c40-a454-e1230a3bb401&v0=07fb4697-9291-b175-648d-bcf32f531184&p0=9e818c52-46d0-8a87-2340-aaf635ddb80f&u0=9e818c52-46d0-8a87-2340-aaf635ddb80f&c0=89235105&t0=1631683177904&ur0=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&ti0=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&re0=1600&re0=1200&o0=landscape-primary&e1=pageview_ping&ci1=d3e1ab8a-d564-9c40-a454-e1230a3bb401&v1=07fb4697-9291-b175-648d-bcf32f531184&p1=9e818c52-46d0-8a87-2340-aaf635ddb80f&u1=0e28baae-b983-286d-a7bd-4b0e82a4db72&c1=89235105&t1=1631683177905&li1=1631683177901&e2=pageview_ping&ci2=d3e1ab8a-d564-9c40-a454-e1230a3bb401&v2=07fb4697-9291-b175-648d-bcf32f531184&p2=9e818c52-46d0-8a87-2340-aaf635ddb80f&u2=1546941d-2c07-189d-23c4-6ccc6ce97c7f&c2=89235105&t2=1631683177907&li2=1631683177901
Requested by: Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.212.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-212-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:41 GMT
content-length: 37
content-type: image/gif

GET
H3 200 /
www.google.com/pagead/1p-user-list/954568561/ 42 B
64 B 91ms
37ms Image
image/gif 172.217.169.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/954568561/?random=1631683177939&cv=9&fst=1631682000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9d0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&tiba=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&async=1&fmt=3&is_vtc=1&random=3615455388&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: lifars.com
URL: https://lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.169.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s09-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 05:19:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 share_button.php Show response
www.facebook.com/v2.3/plugins/ Frame AF7C 43 KB
13 KB 198ms
198ms Document
text/html 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.3/plugins/share_button.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32e4ee45d95104%26domain%3Dlifars.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flifars.com%252Fffc27efe3a97dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&layout=button_count&locale=en_US&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a77ebaef7082db733d22c460d9747c96

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

Resource Hash

4b20deb526b6f2f314c41572b34d823cb1051e2de5943b3f8ab42efb87011417

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.3/plugins/share_button.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32e4ee45d95104%26domain%3Dlifars.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flifars.com%252Fffc27efe3a97dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&layout=button_count&locale=en_US&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lifars.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v4.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: N5RPa9+4QnNYnMOgk07xMmqdnYAr43niIEl/c5N6PDJRFdFN6YPe+cghtFuka4Cd9oL3zT0+PVmdIsT6I4OWJw==
date: Wed, 15 Sep 2021 05:19:43 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 142.250.180.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=73249277&t=timing&_s=3&dl=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&ul=en-us&de=UTF-8&dt=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=7129&pdt=99&dns=22&rrt=1&srt=1107&tcp=203&dit=1772&clt=2000&_gst=1683&_gbt=1842&_cst=1361&_cbt=1481&_u=YEDAAUABAAAAAC~&jid=&gjid=&cid=1075421864.1631683178&tid=UA-60073856-1&_gid=975010022.1631683178&gtm=2ou9d0&z=1994779900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:51:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84483
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
18ms Image
image/gif 142.250.180.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=73249277&t=timing&_s=2&dl=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&ul=en-us&de=UTF-8&dt=FBI%20Flash%20Alert%20Warns%20on%20OnePercent%20Group%20Ransomware%20Attacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=7129&pdt=99&dns=22&rrt=1&srt=1107&tcp=203&dit=1772&clt=2000&_gst=1683&_gbt=1842&_cst=1361&_cbt=1481&_u=YEDAAUABAAAAAC~&jid=&gjid=&cid=1075421864.1631683178&tid=UA-60073856-1&_gid=975010022.1631683178&z=567648598

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:51:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84483
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zSKZHMh8mXU.png
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame AF7C 388 B
1 KB 41ms
35ms Image
image/png 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/zSKZHMh8mXU.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/share_button.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32e4ee45d95104%26domain%3Dlifars.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flifars.com%252Fffc27efe3a97dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&layout=button_count&locale=en_US&sdk=joey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:43 GMT
x-content-type-options: nosniff
content-md5: mLIKfuTnwd0c8uA9BXg4cQ==
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 388
x-fb-rlafr: 0
x-fb-debug: evP3EqVBgfNWJRBOhDtHg7ADSeiyuvHpU4ituKogPnwZTZVVYNnN8m1h0XxOsUnahQgr9vb2d9mnhhHdImnrnA==
x-fb-trip-id: 1082456386
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 10 Sep 2022 01:45:57 GMT

GET
H2 200 h33nawoSrPX.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yl/l/en_US/ Frame AF7C 513 KB
134 KB 40ms
35ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yl/l/en_US/h33nawoSrPX.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

45665e8a9e7c2d78b599ebc4bee081a6fd5757ec5ad2e004c17f02be1075522e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zFqxt91fPr0rRgQo1T/GFg==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 137437
x-fb-rlafr: 0
x-fb-debug: qAn5gUcD0O9FKlwRqOeHBrSH1d8C5WIEwLSM5MyFh8H+EJYR1tLv/ZSdOUgJBnb/XBuIrgsrj7PjAJG4OkSgeg==
x-fb-trip-id: 1082456386
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 15 Sep 2022 02:33:41 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame AF7C 67 B
98 B 95ms
94ms Image
image/png 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1631683183441&t_start=1631683183441&t_domcontent=1631683183448&t_layout=1631683183566&t_onload=1631683183566&t_paint=1631683183566&t_creport=1631683183566&t_tti=1631683183448&lid=7008025910075695680-0

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v2.3/plugins/share_button.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32e4ee45d95104%26domain%3Dlifars.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flifars.com%252Fffc27efe3a97dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F&layout=button_count&locale=en_US&sdk=joey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: wBSVLGVercsxq7xmW8Wiox6sfX51/7wFXd5aKCyytl8RJEiQ41oYbQ6fbiTne1FUHSNuMfQFiAoJ9sCNQRwSXw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 15 Sep 2021 05:19:43 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 e.gif
new-collect.albacross.com/ 37 B
102 B 30ms
30ms Image
image/gif 54.76.212.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://new-collect.albacross.com/e.gif?s=WordPress-Plugin%2C1.3.1&s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=d3e1ab8a-d564-9c40-a454-e1230a3bb401&v0=07fb4697-9291-b175-648d-bcf32f531184&p0=9e818c52-46d0-8a87-2340-aaf635ddb80f&u0=97beb0dc-11fd-04a3-210a-152a65747261&c0=89235105&t0=1631683182406&li0=1631683177901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.212.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-212-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:43 GMT
content-length: 37
content-type: image/gif

GET
H2 200 e.gif
new-collect.albacross.com/ 37 B
102 B 30ms
30ms Image
image/gif 54.76.212.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://new-collect.albacross.com/e.gif?s=WordPress-Plugin%2C1.3.1&s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=d3e1ab8a-d564-9c40-a454-e1230a3bb401&v0=07fb4697-9291-b175-648d-bcf32f531184&p0=9e818c52-46d0-8a87-2340-aaf635ddb80f&u0=71c87a19-e013-f284-0fa4-c8655d9de9ab&c0=89235105&t0=1631683184658&li0=1631683177901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.212.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-212-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lifars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 05:19:46 GMT
content-length: 37
content-type: image/gif

GET e.gif
new-collect.albacross.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: new-collect.albacross.com
URL: https://new-collect.albacross.com/e.gif?s=WordPress-Plugin%2C1.3.1&s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=d3e1ab8a-d564-9c40-a454-e1230a3bb401&v0=07fb4697-9291-b175-648d-bcf32f531184&p0=9e818c52-46d0-8a87-2340-aaf635ddb80f&u0=675a6a3b-f7bd-4e1a-8fde-9299b151089e&c0=89235105&t0=1631683192532&li0=1631683177901

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks	1970-01-22 21:57:35	Name: MicrosoftApplicationsTelemetryDeviceId Value: 670da9d8-8a99-2d34-f2b9-035c4d1a5261
lifars.com/2021/09/fbi-flash-alert-warns-on-onepercent-group-ransomware-attacks	1970-01-22 21:57:35	Name: MicrosoftApplicationsTelemetryFirstLaunchTime Value: 1631683178665
.lifars.com/	1970-01-19 23:24:19	Name: _gcl_au Value: 1.1.241330893.1631683178
.bing.com/	1970-01-20 06:36:19	Name: MUID Value: 025EBC8917CB66FB16B9AC3A168E6716
.lifars.com/	1970-01-20 14:45:55	Name: _ga Value: GA1.2.1075421864.1631683178
.lifars.com/	1970-01-19 21:16:09	Name: _gid Value: GA1.2.975010022.1631683178
.lifars.com/	1970-01-19 21:14:43	Name: _gat_gtag_UA_60073856_1 Value: 1
.lifars.com/	1970-01-19 21:14:43	Name: _gat Value: 1
.lifars.com/	1970-01-19 21:16:09	Name: _uetsid Value: 858d060015e411ec9b10e5e296bc7240
.lifars.com/	1970-01-20 06:36:19	Name: _uetvid Value: 858d0b2015e411ecb1ed1998f112ea36
lifars.com/	1970-01-20 06:00:19	Name: nQ_cookieId Value: d3e1ab8a-d564-9c40-a454-e1230a3bb401
lifars.com/	1970-01-19 21:14:44	Name: nQ_userVisitId Value: 07fb4697-9291-b175-648d-bcf32f531184
.twitter.com/	1970-01-20 14:45:55	Name: personalization_id Value: "v1_8uHvWKLQHCGL/7cOUl/yqQ=="
.lifars.com/	1970-01-19 23:24:19	Name: _fbp Value: fb.1.1631683178188.1017696572
.linkedin.com/	1970-01-19 21:57:55	Name: UserMatchHistory Value: AQJfbC0_TC9EIQAAAXvn5W83yFrwJ9cwkZv7_EKbDzFyJI_IYizcb64zmA7yK0AZekk3T9TtBi3dSg
.linkedin.com/	1970-01-19 21:57:55	Name: AnalyticsSyncHistory Value: AQJbia6emuvBXwAAAXvn5W83OlQbtr8oQ4dUYLJ5C8ck5jO3sqxwW6tC3MMyvOrGYj53uuamAEUeLpBG5lreyA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:46:37	Name: bcookie Value: "v=2&1edcab1b-c9f4-4dac-80da-2a9020b252f1"
.linkedin.com/	1970-01-19 21:16:09	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2098:u=1:x=1:i=1631683178:t=1631769578:v=2:sig=AQEx0u3NRr_yOwVpUw9KsCADj_ufUp5a"
.scorecardresearch.com/	1970-01-20 14:31:31	Name: UID Value: 14LSWEJY7LDXXPUKKZWDJHg1631683178
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:46:37	Name: bscookie Value: "v=1&20210915051938972dbf81-8bc4-4b03-8f42-9009867e567aAQHKcPfvS8Zdy55Dq75WUTYeuCQAQPYH"
.list-manage.com/	1970-01-20 06:00:19	Name: _abck Value: 9866E49F828C4A34D21ACC7F48489FDC~-1~YAAQtHp7XPX1EYV7AQAAynDl5wbt8QD5tzwKtQ9qIOfH+K735+5deg2kTRobDIOZmEcf8fVasJbwCiCeTT/uLppftFptowHJuYcrwz7g0nMrz51lf1SvXvu96oKOf5Rz1dWW3YkRZ/3TSNjRlAfyNlZ+tXxM/cfD4y7bkKfIVa9GZ4/i5s5s7PhpcRbugiFiJWDi/ROig+7i/UvxGWdPPw6aUwtwBb0tVkfAR60yEqi5hnwtE9DjOH3SXlGMXIhAL82kc73N/9buLoU7A7V6CqCc5d6tM0dfmZlv8FUcpmphCX0MVm8lC+ZEk0SuVki+8JWz84qIC4rErb99Pkwf/+yxW2pYgmYIj4k5e/unQAcKAhBVqq7Q6cT4su7mItANuw==~-1~-1~-1
.us9.list-manage.com/	1970-01-19 21:14:50	Name: ak_bmsc Value: 4E2F380C283087EBBE20C7F896C56199~000000000000000000000000000000~YAAQtHp7XPb1EYV7AQAAynDl5w0jdx7u5NAciuLoUvSHxRlcbJbO/vyGxTK7CJeFlbCyfmUWkHgyDtIz7G45Y8gHu/kYm+LZBqsfuDID+ARNMJgN+9Ir4mZjjfee5zyBDxORQURFgJorJk8DD/TO3JqcfXrNvAaO/FDUqvPEmdrITO31RJ5y6YQcACw/jSfB3pGF6EqBKcxQhN1cV4b4r+WRdhClaMLObgXmKiPlF1EOoDYtN8SYFS8XjTu0kshRN9iK0UmaVbzkM5uubaH2diWWWTBqzGYt44K1YowjktiuvkU7QORAQ/VKxrSxdv5doISDsXPhEqWJMAwSeYs5XLS4UrL8CcLXNwhopxgInnvAXdIGYy/0NOA5NAuQubTVsGlX1+s8Nm9e2Z4VEov31pcZEgY=
.list-manage.com/	1970-01-19 21:14:57	Name: bm_sz Value: 056441C3484EDDACB14CEF526DACEFE1~YAAQtHp7XPf1EYV7AQAAynDl5w2xtpVA7UbYeHwlYosxrlEbDo35hnmBZAmMQ16oeIuMU1QGlzsJ0NaSggQrEWRWBZn6JRsafd/d4rRrbDcKM3qroyq/LLawK8s3exwgU8+0Svo2sTj+JxahTEJeUIpKGaM8Yz24Sz/Q9xUqsadXJnuJBuajcKV7SAlKCs4w67U5XO9glX1QZsU0k5M5bIA9Fs16LfLs9pC40bExiaBiewCrARKPE6gr4WZbPzFUy5/nIeSDaSiUv+pH3sIt4QYBNEdDi6QOKfU4phwW5W8VKegxBtpe6A==~4407604~3687732
.doubleclick.net/	1970-01-19 21:14:44	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
network	error	URL: https://buttons.reddit.com/button_info.json?jsonp=buttonEmbed.parseSubmission&url=https%3A%2F%2Flifars.com%2F2021%2F09%2Ffbi-flash-alert-warns-on-onepercent-group-ransomware-attacks%2F Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.config.skype.com
analytics.twitter.com
assets.getpocket.com
assets.pinterest.com
assets.tumblr.com
bat.bing.com
browser.pipe.aria.microsoft.com
buttons.reddit.com
chimpstatic.com
connect.facebook.net
consent.cmp.oath.com
downloads.mailchimp.com
embed.tumblr.com
googleads.g.doubleclick.net
i0.wp.com
i1.wp.com
i2.wp.com
lifars.com
log.pinterest.com
mc.us9.list-manage.com
new-collect.albacross.com
pixel.wp.com
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
px.srvcs.tumblr.com
sb.scorecardresearch.com
serve.albacross.com
snap.licdn.com
static.ads-twitter.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stats.wp.com
swx.cdn.skype.com
syndication.twitter.com
t.co
widgets.getpocket.com
widgets.pinterest.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.reddit.com
new-collect.albacross.com
104.117.198.163
104.117.200.54
104.211.73.16
104.244.42.136
104.244.42.5
104.244.42.67
104.75.88.209
108.174.11.69
13.107.21.200
13.107.42.14
13.32.22.39
13.32.22.87
142.250.180.14
142.250.180.8
142.250.187.194
142.250.200.34
151.101.13.140
152.195.53.200
172.217.169.68
173.194.76.157
185.60.218.24
185.60.218.35
192.0.76.3
192.0.77.2
192.0.77.40
199.232.136.157
199.232.80.84
2.16.106.114
208.97.144.40
23.218.209.45
51.104.15.252
52.222.179.116
54.76.212.32
65.9.71.62
68.232.34.200
93.184.220.66
99.86.4.32
03ee9438bb4014edc93a5a2d3069f2371a5e2e35e24b79527ec019790bc270b5
05a45d93f91801ac5e17ac7191af256ca8af55f086788c8b38a8af5e94eb3068
06b34901b9ee1d57c9e0a37a7665c7aa77f6ab8b884cda5e8caad1c3f8b8c639
07442f2bc9e417e7e700d142493b5564d926d3b28a365632e87f9e0a1c992b70
0acfb99792103338e34645b65a7fb22e96e2440288250bb4b3828dcecc32ccea
0be7fdad9a5a06ae907e33aeb3254ab5786410045d1fbe878737e008e69dde32
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0fff0db327e0cb13141f67da5c2cb9cb950e135c18bbcf3c9b3d48181e12b99e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
149df2a43242f35804b8e953f3edfc266ca3631444559cdf5950473259b1c67f
16aa0dbb1edd73528575d50438700a8a4b81af02a8361fddab651cb26f88b869
18da17a7e007f25707e9d21e7ee3ae92969fc28e037757b3fbb15d61345cfa96
195a3d0f256509759fc4d0657facda1b2d0bc5feceaa955b49e73d9805f3fa4a
1e95bbe885ae3ff7043ba06629dc5d2700abc904dd4a991fc56b11a74cdf549a
2e6c1bf7dc5b45def8f7b17f91accb549c53c1199a38296801c6393741a9c395
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
3742b70cc47b32ad33ec82c11c352ad552f994392b08c48e542cde5b151b4df0
38fbe56978cc73ba5a5f8c85b360f71aca125c2cd850a3cd6c3683385e388702
398bfc9f9c02f7a58f98c56f5a22adcb4d92147ff182579440f53f337d870a8f
3aec2b233c010f1f2213ecf8360d509f3eeca34f69d162335aefa01fe0035e2f
3bbe9d873df06ac24c158445c3c98e4a0ab7836dc7cccccdc5df468cb223bf23
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e
3f1e9903258d266c9112d9c5158e90acf89b87f01b5919b45be7c9f797cb8afe
3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
4022b5ef36894f1e2bcedab9a1574665218e7c0f05408ebe8e8ff689601088db
45665e8a9e7c2d78b599ebc4bee081a6fd5757ec5ad2e004c17f02be1075522e
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d
4959e89463a9467fbd929f85e9d62b347dbb7c4fb1d42fda16561dda4acb84fe
4b20deb526b6f2f314c41572b34d823cb1051e2de5943b3f8ab42efb87011417
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72
54075f5b877a320dda87848acbd7adbbe8c5edf822956a897d38af3627bdb2c7
541605d613d8a5f18a310407038dc132487fe623ccfeb6d5a956faf5b191ff22
5458d5c2bd620635c13973f3f27492855e9e9650f14349ee319f0aa5bd059a3f
55a5396caf11b9897da61286ec53429a92e1ab6880967170ee86234f8247b956
57ceffbd01b7178beb5c5c2a063d71afb2b47a6f13c8a86fd6dcc093a6b59060
595e2f7c6f1d7189f77b8825127b148536b6e6d8c186bd3feacdc3955cbe3b3a
599d1e06f6a9ce3441a595b193c542e5d92e675e93b0a062d3b293d0ea5dfbf8
5aa869ba3a3f7a8883a0e6457ebaea6bb7c9069e296bdc166ce30431d318bb90
5b089a492f1878aa62adf1350f58cc82bd4c09baa0b86f088520bab03af30c6a
5bbeaa1c21f78fada497f6af46de4437362ac0dac831776eb92230fdaae27499
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
610de300dd804d4192b8cde346227d34b64d5194ae1626ec7c4d5330c4030321
650e65709312c691110957b8a8cc1609ac7b5685f265e1e06f389d271da4fedf
6c5c6dca5d0b97a4346fd93db95a854e546e207f9827d72375e0c3b3c490a5e8
6db8f13cec3a790404fd5bca6adae8ae790eab9c8e6c89d5d6fb9fa2671564e2
70a18337b987c7639db9de27723cdb120997777f506cc3b419b055575ca9ff61
717a079466da86282255203ddb9f6faafb2bf0ca0bb23ecb539463b3f963bde4
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7357876b292d434a5e5bbc1677f5c5250ad7b77d19c6c4dfe316144977293aea
73c5ac289371a4f5081c873006a85d3f9cfef10fb62c052836fe8c88ea422e9e
744eb6359f81a35112764e7e38aece5e56ddbb0d31fe3cb2a9e308fe98a90d66
75ad585dd9aeca2614593614f6fd317e98b267e6595ffc18e9675e1c744b7a03
79223f7f938bb3d29ff1ec0258ba5a446ab629c1248dca329f3e239b85fc318c
7c2a248c901ae688a4f9b377b4db8b75201b754d5c069934003d967e926bf134
7c8bee77a95fda9d0f22bab9ecf35eefe4b0eeba57ff8333a28b06481c8c0364
7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea
7ff8cc81ca4d0241c3de19701bb4b253af27d4d8282ca079428043ad01edda1a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
95143c7b094444bce13ebec37e70b530bf36fc88491acaa0490c3fb5d3b1b4b2
9d018524b4a7d18f3829cdfd2962fb2e7fdca215115fe30ef3d6365df408e06c
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a5feea0a78c0027e0565b6f0cb360b65e67d24c4300defb266fa9ff1dc89e4a1
a72ad54e640af3278a14244692e4e237c0ed5abe81e289c67f4552cdd6471698
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adf388e42c114b0aa19feeb9510a2a0cdf549c4774dfe770c2e2f4e122387a01
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b03baa47be12bb9ec2a6e8c34b70c77d93e4495479638e6d08af06760dea8f80
b2a78959284e4cb23c9e1b47f7b69d90e6a274a894652c58511e81192b5280b7
b732e23d085be49cda727e08676df1902200e23383ef7b32c84bd04d45e0f33c
bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c08c35c552b481fe913ad66c4f71e429ccd8ff9aadd726387f8fa2606c7d12c5
c2add862cd1ab69c3bef19cfe78427d13fd2f34991bd5272cc9b26a7a48c56b6
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c
d8da3044fd406caa2fe3fde7bbb11ef02d63f557790487968a24813c9298c3d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfdb72efc57dccdb7a16cf417adb4d97fa3238860265b354e6e8a3799789a217
e2d84e6a462105e079059bda163a5e23e9b326ad0cb42e2fef52ecf08e20a92e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb45ee553189cf4c83cb0c28f72ef41fac54359207c0a08475267ce2e6344fef
eda1204e38d1e54a68729fd3b1abb25ef0a989b822ace2b7580b8b2ea898b06e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f34a3b4eedd90e339b0f6fd7f84e0b4545e7d32272235472dfd21c4bae21c52e
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4ea8fdaa8cf7d780d60fc5e2c5980f7de2093f80b1b9bea84b06f8bd990426e
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f845e3aa4da8aff378789d49c35593ae96dd0a807470ada3dea84d14d4630be1
f8d51b013f41e8f5712f8b78988ae8d897d355c0aaa906dd5785949f26c572c6
f9234615aeb87efb6248b57ef68b317531da86a1fa373753325757c491158660
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff1ba4069a3a0f2327b2cd2659d811dc8c38286a8e3e47a7d68736d89d0a3779
ff4d0997c2e50c36a602155ee870eb629e5847f610923d45889f4bea0147d16c
ffa9005d5fc8c04baa86f5e1d759c0873c88e32a9164e1b8ce87802ea3aa2c46

lifars.com Open in urlscan Pro 208.97.144.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

118 Requests

99 %HTTPS

0 %IPv6

28 Domains

45 Subdomains

37 IPs

7 Countries

1526 kBTransfer

4142 kBSize

26 Cookies

8 Outgoing links

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lifars.com Open in urlscan Pro
208.97.144.40 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

99 %
HTTPS

0 %
IPv6

28
Domains

45
Subdomains

37
IPs

7
Countries

1526 kB
Transfer

4142 kB
Size

26
Cookies

118 HTTP transactions
5 data transactions