www.infosecurityfactory.nl Open in urlscan Pro
104.21.80.219 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
Submission: On October 16 via api (October 16th 2021, 5:45:51 am UTC) from GB — Scanned from DE

Summary HTTP 86 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 86 HTTP transactions. The main IP is 104.21.80.219, located in and belongs to CLOUDFLARENET, US. The main domain is www.infosecurityfactory.nl.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 17th 2021. Valid for: a year.

This is the only time www.infosecurityfactory.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	104.21.80.219 104.21.80.219	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.18.225.52 104.18.225.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
2	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
2	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK)
3	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
1	157.240.20.35 157.240.20.35	32934 (FACEBOOK) (FACEBOOK)
1 2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
39	192.229.233.50 192.229.233.50	15133 (EDGECAST) (EDGECAST)
2	152.199.21.140 152.199.21.140	15133 (EDGECAST) (EDGECAST)
86	11

25 104.21.80.219 (None, )

ASN13335 (CLOUDFLARENET, US)

www.infosecurityfactory.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.225.52 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.20.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 192.229.233.50 (Los Angeles, United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.21.140 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	twimg.com cdn.syndication.twimg.com pbs.twimg.com ton.twimg.com	1 MB
25	infosecurityfactory.nl www.infosecurityfactory.nl	374 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	214 KB
4	onesignal.com cdn.onesignal.com onesignal.com	82 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	facebook.net connect.facebook.net	78 KB
2	googletagmanager.com www.googletagmanager.com	79 KB
1	facebook.com www.facebook.com	2 KB
86	8

	Domain	Requested by
38	pbs.twimg.com	platform.twitter.com
25	www.infosecurityfactory.nl	www.infosecurityfactory.nl
7	platform.twitter.com	www.infosecurityfactory.nl platform.twitter.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ton.twimg.com	platform.twitter.com
2	syndication.twitter.com	1 redirects platform.twitter.com
2	onesignal.com	cdn.onesignal.com
2	connect.facebook.net	www.infosecurityfactory.nl connect.facebook.net
2	www.googletagmanager.com	www.infosecurityfactory.nl www.googletagmanager.com
2	cdn.onesignal.com	www.infosecurityfactory.nl cdn.onesignal.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	www.facebook.com	connect.facebook.net
86	12

This site contains links to these domains. Also see Links.

Domain
www.trustwave.com
threatpost.com
attendee.gotowebinar.com
api.follow.it
www.facebook.com
twitter.com
www.linkedin.com
api.whatsapp.com
shop.ledger.com
www.ellipal.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-17` - `2022-09-16`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
Frame ID: F0D70CDEB82B52ECA443C6ECA9DF059C
Requests: 43 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fwww.infosecurityfactory.nl
Frame ID: 6783A331D2678F843233105A16237CC8
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b0eb4839a6da4%26domain%3Dwww.infosecurityfactory.nl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.infosecurityfactory.nl%252Ff13db5405ce3538%26relation%3Dparent.parent&container_width=64&href=https%3A%2F%2Fwww.infosecurityfactory.nl%2Fransomware%2Fwindows-update-installs-cyborg-ransomware-threatpost&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false
Frame ID: ECF2A8366CF1D3DBD8096AA56481B6A9
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1447709571989098503/5h3YxdIk?format=jpg&name=600x314
Frame ID: B4414050A1484C4BB92FD312530CB2B7
Requests: 44 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: CFB755FD9F8C6D4DBAE9F2BD6446BD36
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

'Windows Update' Installs Cyborg Ransomware | Threatpost -

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

86
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

12
Subdomains

11
IPs

4
Countries

2319 kB
Transfer

3986 kB
Size

10
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/fake-windows-update-spam-leads-to-cyborg-ransomware-and-its-builder/
Title: a blog post

Search URL Search Domain Scan URL

URL: https://threatpost.com/ransomware-attack-downs-hosting-service-smarterasp-net/150072/
Title: SmarterASP.NET

Search URL Search Domain Scan URL

URL: https://attendee.gotowebinar.com/register/3127445778613605890?source=post
Title: Threatpost webinar

Search URL Search Domain Scan URL

URL: https://threatpost.com/windows-update-cyborg-ransomware/150407/
Title: here

Search URL Search Domain Scan URL

URL: https://api.follow.it/widgets/icon/SkR6YTd2UWlpK0hONmRQOWtGQmE1UzJCSkpJQ2tKOHJrVlVadk8zZXQyalN4Ti9qWkpZNXhqWTRiOHVGV3ZWa1hidzZkeGphME5ucUNRSERSYWZQR2ZpNzhxY21GZ21UaGRoWUlQMUN1emVHS1o4OTlYd0ttK3pNY0diNHhvUEh8VjgrYVJRVkVyeXQrT2V2MGJFSlBYZlpzYkJ4bytqVGNUTzNaQlFOdnRjbz0=/OA==/
Title: <img data-pin-nopin='true' alt='Follow by Email' title='Follow by Email' src='https://www.infosecurityfactory.nl/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/shaded_dark/shaded_dark_email.png' width='40' height='40' style='' class='sfcm sfsi_wicon ' data-effect='' />

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.infosecurityfactory.nl%2Fransomware%2Fwindows-update-installs-cyborg-ransomware-threatpost
Title: <img class='sfsi_wicon' data-pin-nopin='true' width='auto' height='auto' alt='fb-share-icon' title='Facebook Share' src='https://www.infosecurityfactory.nl/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/fbshare_bck.png' />

Search URL Search Domain Scan URL

URL: https://twitter.com/infosecfactory
Title: <img data-pin-nopin='true' alt='Twitter' title='Twitter' src='https://www.infosecurityfactory.nl/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/shaded_dark/shaded_dark_twitter.png' width='40' height='40' style='' class='sfcm sfsi_wicon ' data-effect='' />

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/user?screen_name=infosecfactory
Title: <img data-pin-nopin= true width="auto" src="https://www.infosecurityfactory.nl/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/en_US_Follow.svg" class="sfsi_wicon" alt="Follow Me" title="Follow Me" style="opacity: 1;" />

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Hey%2C+check+out+this+cool+site+I+found%3A+www.infosecurityfactory.nl+%23cybersecurity+%23security+%23crypto+%23cryptocurrency+%23xrp+%23bitcoin+via%40infosecfactory+https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost
Title: <img data-pin-nopin= true width='auto' class='sfsi_wicon' src='https://www.infosecurityfactory.nl/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/en_US_Tweet.svg' alt='Tweet' title='Tweet' >

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fwww.infosecurityfactory.nl%2Fransomware%2Fwindows-update-installs-cyborg-ransomware-threatpost
Title: <img class="sfsi_wicon" data-pin-nopin= true alt="Share" title="Share" src="https://www.infosecurityfactory.nl/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/lnkdin_share_bck.png">

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
Title: <img data-pin-nopin='true' alt='WhatsApp' title='WhatsApp' src='https://www.infosecurityfactory.nl/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/shaded_dark/shaded_dark_whatsapp.png' width='40' height='40' style='' class='sfcm sfsi_wicon ' data-effect='' />

Search URL Search Domain Scan URL

URL: https://shop.ledger.com/?r=9d801f91421e
Title: <img class="alignnone wp-image-583" src="https://www.infosecurityfactory.nl/wp-content/uploads/2021/10/ledger-logo-300x87.png" alt="" width="190" height="55" />

Search URL Search Domain Scan URL

URL: https://www.ellipal.com/?rfsn=6138452.879f90
Title: <img class="alignnone wp-image-590" src="https://www.infosecurityfactory.nl/wp-content/uploads/2021/10/15350035581-副本-300x137.png" alt="" width="189" height="86" />

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

86 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/ 135 KB
25 KB 840ms
804ms Document
text/html 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.22
Resource Hash: 76e69fdaf0888ad20f56a8918f819f6fc0dcd171b6342e10fb345e85549fb03f

Request headers

:method: GET
:authority: www.infosecurityfactory.nl
:scheme: https
:path: /ransomware/windows-update-installs-cyborg-ransomware-threatpost/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 16 Oct 2021 05:45:45 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.22
x-pingback: https://www.infosecurityfactory.nl/xmlrpc.php
link: <https://www.infosecurityfactory.nl/wp-json/>; rel="https://api.w.org/", <https://www.infosecurityfactory.nl/wp-json/wp/v2/posts/3085>; rel="alternate"; type="application/json", <https://www.infosecurityfactory.nl/?p=3085>; rel=shortlink
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtrB04hwK9f7mL3dfoVG%2BuwHeM%2FtsuFEp9imFpkJaIQxTMsadrNn%2FGs9i9ovfUc5a9lBpgiVY3NRxzsuFw%2BqenDxJmfflKYEuBiwwuLA76wW0Grs2Xi%2B2FtsWUcKymjAG8ZoaR5hemyvE5Mq9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69eefb998ecaee2f-CDG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 main.min.css
www.infosecurityfactory.nl/wp-content/themes/astra/assets/css/minified/ 41 KB
9 KB 98ms
83ms Stylesheet
text/css 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.7.3
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a5458d292209b9d7a1efdbe049554423a45b51a07a3acc8deacc9f4c4803286

Request headers

:path: /wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.7.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 25 Sep 2021 12:09:42 GMT
server: cloudflare
etag: W/"a51f-5ccd0bd277fff-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8zgyu18tD3IgNZ6bHPenPZl3OSRmQuHVFQ3nUUbegBxAb07AXpbwqWj3wzPbFsHBl2IBonxngHJbN4YF5ttnIWBHS9DTCJRopbYmgcFiQX6DjnSGO0oMQj028DgE77yHuokX%2B1q5WwE7p2NsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9eb900ee2f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.min.css
www.infosecurityfactory.nl/wp-includes/css/dist/block-library/ 79 KB
11 KB 108ms
88ms Stylesheet
text/css 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
server: cloudflare
etag: W/"13abe-5cae72efad580-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49ek%2B4xu5uY2RKOCtHEp23WbVn3zt%2BwaIwcjyLP3AMHAP34ZuxYdse%2FszGIddSkyICkX1UYHL0HQ3WTpwEkjMeFZTZQSZ1I6nHbEYFrAdTvR0onTIRjXp0Ny7jV%2F8kV9LEA6mXdcGbLzei%2BZQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9ec904ee2f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 main.css
www.infosecurityfactory.nl/wp-content/plugins/contentstudio/_inc/ 377 B
736 B 108ms
89ms Stylesheet
text/css 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-content/plugins/contentstudio/_inc/main.css?ver=1.0.0
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e049ce4c1d789ff7e67463735729523202a9628f622462aad8ec25c681c68cb4

Request headers

:path: /wp-content/plugins/contentstudio/_inc/main.css?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 10 Oct 2021 03:09:24 GMT
server: cloudflare
etag: W/"179-5cdf6f07e7ac8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OUXFsX%2Bume9QJJZxBFEvFuTmOvFP54Vs9zTPukrbnRyQAmsS6W4stCNtoR1wJu2Aj1sO8449n9K4SSAZ639dsye4HYMffNvbF0vUXx0SNYlyWRM7anPN7pyLxB3I4H2hUHQ0wQSQdeFOBbgTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9ed908ee2f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 cookie-law-info-public.css
www.infosecurityfactory.nl/wp-content/plugins/cookie-law-info/public/css/ 3 KB
1 KB 94ms
78ms Stylesheet
text/css 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.6
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80

Request headers

:path: /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 02 Oct 2021 05:44:46 GMT
server: cloudflare
etag: W/"c25-5cd582d741644-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSJK%2B%2FxQPASWB%2B2q3O%2FPf8qjfNZP3baAR7a3v1cxbYWlo%2FCLAET8snxcfPDxZlkUbFFpJx59KTfrwlbsT2c8zuhIH9Lwa0YfEb2Zf71UehGQwqvPjn3TT2ogERdICFwLvyraN4TnLAgjaWa05g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9ed90cee2f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 cookie-law-info-gdpr.css
www.infosecurityfactory.nl/wp-content/plugins/cookie-law-info/public/css/ 28 KB
5 KB 105ms
90ms Stylesheet
text/css 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.6
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1523ddaa632d195a1240668fb5c6870519e3cdfeabd5a346141bcbb03222e2e7

Request headers

:path: /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 02 Oct 2021 05:44:46 GMT
server: cloudflare
etag: W/"7045-5cd582d741644-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4JUIfjcmy%2FER6AG7oZhIsvRVL%2BI%2FXBLuKkLIyAWFtJIWUuT4dSUwdDWJCPAjE%2BIm0njaWP9NSk0g9a4ObPSpQfVqRRA7JxKBmAVQBt36nao5FL1ck2LxI56Zb9anEDhu0qkjhJzKeUmIWlqmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9ed90eee2f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sfsi-style.css
www.infosecurityfactory.nl/wp-content/plugins/ultimate-social-media-icons/css/ 73 KB
13 KB 125ms
111ms Stylesheet
text/css 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=5.8.1
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 275785354056321f622bfbdc7907492605d4c9362e0117a8bf5c7de6480da71c

Request headers

:path: /wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 14 Sep 2021 06:17:08 GMT
server: cloudflare
etag: W/"1240a-5cbee8801f256-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1kB7Ig2WkrZg0jzbh5Je8V7Hw8OmlERUsCCNQWZh2dUkYFl5zypMjklDnfM9pw8wH2hTqZ9YRdf6fhjpBtNBh8XdHvrheu7PSqAScdAzn02MRHa8oDmGpj%2FXEUybGzW%2BN8gzjsZjjh4N%2FV9ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9ed911ee2f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.min.css
www.infosecurityfactory.nl/wp-content/plugins/easy-table-of-contents/vendor/icomoon/ 438 B
499 B 114ms
99ms Stylesheet
text/css 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.17
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a

Request headers

:path: /wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.17
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 26 Sep 2021 07:35:54 GMT
server: cloudflare
etag: W/"1b6-5cce107d0427f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJiiAuTAPj0LCLcxSF0%2FO06mjvVW%2FVffRjyeR8F5t3zNwpAJRwgFxfNMzA%2F2hmWrDLjPjyqH0rGMng27V4mtDsr8kWFWyZsTxYFHfSNvlHiiZg7P0Xi%2FiXzTctzxouJ9TAmYcQfAO16DGhBD4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9ed912ee2f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 screen.min.css
www.infosecurityfactory.nl/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
2 KB 104ms
89ms Stylesheet
text/css 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.17
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc

Request headers

:path: /wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.17
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 26 Sep 2021 07:35:54 GMT
server: cloudflare
etag: W/"13ef-5cce107d02ef7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opw8x0N%2BHrcbpbsgkhW07hK%2FIllG1zNbewqnY4%2BM8ZJhRUCcyhrr35WACkOIcT2eNL0CI9guJF41Sa4EbbN5SS31nCkYVvhn2ERzzmLgAjzzrobCjDDLcfUSfjfJbJwt%2BxPOgaS4TJFJM2kTdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9ed913ee2f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 cookie-law-info-table.css
www.infosecurityfactory.nl/wp-content/plugins/cookie-law-info/public/css/ 6 KB
2 KB 92ms
78ms Stylesheet
text/css 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-table.css?ver=2.0.6
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c637118647db8d74b6e583059b4534d627125e1075ae3cae2ac66fb9953783f8

Request headers

:path: /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-table.css?ver=2.0.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 02 Oct 2021 05:44:46 GMT
server: cloudflare
etag: W/"1839-5cd582d741644-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FM64DuzG8vIg6p96p%2FgQymp3ETbX6lwL1vF4RWg0M8Ob2U7P16KwUi9AqViAGY8g73X3rcJuekTPJPR7SDL2zlaEACID2IenprpHrbN5rRFMgXypoCaMZDjJFTO2PsawQGRBL8J2Ap2Wlgbp2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9ed914ee2f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 rocket-loader.min.js Show response
www.infosecurityfactory.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 30ms
16ms Script
application/javascript 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurityfactory.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 10:17:24 GMT
server: cloudflare
etag: W/"6166b234-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnV9Rj1RkOJzj9vhHQ5lugzrcVvHeJ2j415ko%2FWCyaVN0SSxSnsfOTSsNmEyDmw5jaSd7EiCkh4DKdKsTAi8LvFlcHUg%2FGttHQ%2FizvN3hUzWYvwdnL84iQ921GDaCbz4ADMyjb0%2BrVC2uT3uyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9ed915ee2f-CDG
vary: Accept-Encoding
expires: Mon, 18 Oct 2021 05:45:46 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 40ms
13ms Script
application/javascript 104.18.225.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.225.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 460
etag: W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 69eefb9fc9ad21bd-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 19 Oct 2021 05:45:46 GMT

GET
H3 200 wp-embed.min.js Show response
www.infosecurityfactory.nl/wp-includes/js/ 1 KB
1 KB 84ms
83ms Script
application/javascript 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
etag: W/"592-5b83cfce57d00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhsgOQYhoEr8Wk2OGH1vOlRJUu00eMcl8A1lNMtGynUepDzdg%2FlyR%2B8fhzDGjv9G%2FV4RZ1vo7C8wi2E0Qn1P%2BfZNM9vWYeXcKu0j%2FpU8coO45OAeRAXtKIE5AeFgPjGYov86hKVlTpqPJv5pDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9f9ee1a8d9-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 smush-lazy-load.min.js Show response
www.infosecurityfactory.nl/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 85ms
84ms Script
application/javascript 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.9.0
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

:path: /wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.9.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 14 Sep 2021 06:16:50 GMT
server: cloudflare
etag: W/"1ef2-5cbee86f83a8a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwePf3rW2F3IpJ2KwQWqWx2NLVi%2FcQFn%2FDXyU153VCUDdQuyiKTYZMDxnFCMkBh%2FSJwHFCUg3f2KK2HNrFeSP3p7ShdwvydLcr0o3kmW%2BF5rzhvmZEIA1exOULkLvpqyOANQwPyMECg2QHyQ9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9f9ee2a8d9-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 custom.js Show response
www.infosecurityfactory.nl/wp-content/plugins/ultimate-social-media-icons/js/ 28 KB
6 KB 86ms
85ms Script
application/javascript 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=5.8.1
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c68af0dbc56215457de6d384773a246b02ea2bb7036c452248bf536149933eef

Request headers

:path: /wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 14 Sep 2021 06:17:08 GMT
server: cloudflare
etag: W/"71fc-5cbee88023c8e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jmyv69oG8to8Nj6MUq5B%2BeWRXn6nZgdjrV5hUVJhyN9VKGTdjbyPt6CDfg2ZuUO8DwUm8S8cCezDAqYb1I%2FmTRYIk2ZevIiHBq9WkLmClmyH4oSQ%2BnWgZEshvOWGcwL%2BPX23Gl7ibZdQ%2BX2Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9f9ee3a8d9-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 random-shuffle-min.js Show response
www.infosecurityfactory.nl/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ 1 KB
1 KB 101ms
101ms Script
application/javascript 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=5.8.1
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8577be08e13d868781746fd18e27a2d95ee4658c33221ec7659ece82d4d31463

Request headers

:path: /wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 14 Sep 2021 06:17:08 GMT
server: cloudflare
etag: W/"5c0-5cbee88024076-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ey2pNjxNBDue8rrHLrtHKbcKQwc1TIavEglwhR2ZWgWOikcFGpqcGChMtjE3zR8gkPnyijNOqqmCFcFB0aNHICTI4x%2Bi5%2BeJ6TU4RRphr0d%2BFH31KPZ%2FUeAVk2KdlT3LE59nPkfn2P29uaIqQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9f9ee4a8d9-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 jquery.shuffle.min.js Show response
www.infosecurityfactory.nl/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ 11 KB
5 KB 101ms
101ms Script
application/javascript 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=5.8.1
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c5e10b3496ff844faf3e2d032e243d4a366a5cbc95ad7bef5dd924322e31b3a

Request headers

:path: /wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 14 Sep 2021 06:17:08 GMT
server: cloudflare
etag: W/"2cdc-5cbee88024076-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8YxpeYKvkPwpKyfHdcNM3IYQxkGNZ7zvas3bYUvydYE8GuHoHpj7f8FvrnntvccF2QcKivKuShHjQnWKEii0Q1nQgzRGtaB3TG6kXuol%2FNtp7EzrswEPQFA2Vszn4YtNmDwJWDNHLoN9zD6AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9f9ee5a8d9-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 modernizr.custom.min.js Show response
www.infosecurityfactory.nl/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ 3 KB
2 KB 102ms
101ms Script
application/javascript 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=5.8.1
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29c7ceffe2b367039ee6eb32a7334e2a9131654cdbdaf57a5431d909f69d1cab

Request headers

:path: /wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 14 Sep 2021 06:17:08 GMT
server: cloudflare
etag: W/"c11-5cbee88024076-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIBUsyqQ9LMPPQ%2FGTwg4gHw7zVI904lzTsXjvMV5muTMjwkVZqqotLxSnW%2BJS3%2F5%2BZwa12%2BgFKwXEpDcPtFxdgFyvekQXzefYSeDAaRC%2FJr7gVEaGAxgfzUBXhHpzMZ2W7BrpLHHU8CgCOL4VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9f9ee6a8d9-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 core.min.js Show response
www.infosecurityfactory.nl/wp-includes/js/jquery/ui/ 20 KB
7 KB 97ms
96ms Script
application/javascript 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

:path: /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 18 Mar 2021 17:48:23 GMT
server: cloudflare
etag: W/"5133-5bdd334ac27c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZOZHg8bVBTOqMRTQ5ih2TPOs34z1UYB3HUY1FXUz5XKu56BuE1W52sVRY5yUqdL8sMwaMoALs67zszSB8oMq3ddTrJVUSd6lfJ2nOq%2FILRp9DCLGAP0CqQQDbcIEriyCSEJADQGxaNoyQpeRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9f9ee7a8d9-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 frontend.min.js Show response
www.infosecurityfactory.nl/wp-content/themes/astra/assets/js/minified/ 15 KB
4 KB 112ms
111ms Script
application/javascript 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.7.3
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e825dcae80c4327d3b66ef0adcd95740da571db0addf77798b1f1ac8fb9f58dd

Request headers

:path: /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.7.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 25 Sep 2021 12:09:42 GMT
server: cloudflare
etag: W/"3c5b-5ccd0bd27a327-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lehiGPRsfs6ZHfHjMaHNuzDcE2OteUJhg5tuXGTN3b2NMq7Ws56WdIbEp00DoffdJhNocOLMGGAvFXTPbsQo0%2BjB9Y%2Fb50DH6hGbgIUya9tDxfpsF6C9SHfYW4GxZ67qnz40izRVToh7tpyS7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9f9ee8a8d9-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 comment-reply.min.js Show response
www.infosecurityfactory.nl/wp-includes/js/ 3 KB
2 KB 127ms
126ms Script
application/javascript 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-includes/js/comment-reply.min.js?ver=5.8.1
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path: /wp-includes/js/comment-reply.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 18 Mar 2021 17:48:23 GMT
server: cloudflare
etag: W/"ba8-5bdd334ac27c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVYUtsW9pD%2B%2Fht%2BcR%2B9CDBpeZTY7CKiC%2BEL3Pr9Bytvyx%2BwCKbyQjAa3RbFbCcxVorhrg4oBkLzLVWka7LK8eTGRcUP6t2IwXv%2FxcphQen0At1IuRZwJuxcNL60y%2FBFNkkqKo49nkiwppci4dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9f9ee9a8d9-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 44ms
8ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: cfd3099998b0c37ace8024cbd802160585ba9be1c0047fefc172035184f074df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 05:45:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 19:09:26 GMT
Server: ECS (frb/6724)
Age: 904
Etag: "f9ab884058c9d8de47075baa622f0e7e+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28869

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 94ms
45ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-207888518-1

Requested by

Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fa1fbf0c3094582f68127fc9e86b8f937442f435984e13935acf856b38e6b057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38545
x-xss-protection: 0
last-modified: Sat, 16 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 16 Oct 2021 05:45:46 GMT

GET
H3 200 cookie-law-info-public.js Show response
www.infosecurityfactory.nl/wp-content/plugins/cookie-law-info/public/js/ 34 KB
9 KB 98ms
97ms Script
application/javascript 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.6
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7739eefcdee8afcb00fbe9a35cc795fff0cff7092b10d56c4190484d42892433

Request headers

:path: /wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 02 Oct 2021 05:44:46 GMT
server: cloudflare
etag: W/"8960-5cd582d741644-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQc7PyPZj6MWxXyRpz0MyOxh3QdKVto7KnNHUcTMigwCSf%2Fkv2EBYCgR8fFXjUh%2FPT5CL9XlzwLySoaAa1eFQioLo7rbe4YnnNwRW3PAwSYBznA0Fg62%2FjwqxDHn1Lcs68wdjXrxy5kxg8I5Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9f9eeaa8d9-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
www.infosecurityfactory.nl/wp-includes/js/jquery/ 11 KB
5 KB 127ms
126ms Script
application/javascript 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: cloudflare
etag: W/"2bd8-5b45debe27b80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMy3WX1FZSEOoma%2FYnL1E7jRU4HWshwz7WyHjdhITVjfo%2B%2FLE3Gy5VSGrhe9S%2Bs3oYMupNu8vHW4D8nKR0FvPeuOG9UdfG5BGOPecUBYycEGhpSKH2jsmBsubxFUejCMka%2FC54JMNQeFW9puSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9f9eeba8d9-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
www.infosecurityfactory.nl/wp-includes/js/jquery/ 87 KB
32 KB 127ms
127ms Script
application/javascript 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: cloudflare
etag: W/"15db1-5bd3006388300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fe%2F6UugNjlNylCZCW3pb0rZ26YlqahN4AR7DIyhRIYpaHKy3W%2FEnGnnGIXotv5dOj0WFjFyV99VxnD7SKNHIGT2rADaUe%2BpI0ZS13FahM%2BH7Jv5DGO7giyjNiBQitHyF0Y%2Fs28olf26OFfOM6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefb9f9eeca8d9-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 wp-emoji-release.min.js Show response
www.infosecurityfactory.nl/wp-includes/js/ 18 KB
5 KB 96ms
96ms Script
application/javascript 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.infosecurityfactory.nl/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 08 Jun 2021 22:15:12 GMT
server: cloudflare
etag: W/"4705-5c4487ddedc00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHvmKq1IL0f67T%2BxxuiUJC9HYcHSiNI1k1cnDguY72opXEb1BHBiZKT1DDwu6RaOC6XMVYKYr5UgoER44xAoNpwm3X%2BlqqGJhsFelCJxBWILVn%2FUrzXEu1MD%2FaeBuDolfaHu2efBSUXh%2B9MtGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69eefba02f01a8d9-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 22ms
7ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.infosecurityfactory.nl
URL: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

729e852eab63cdf24ce3cfd0b64c555b6f78a0a3c3eab3ad11f12c198c6873fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: nmem1COaJD4uo99SWLhm5A==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: kSOeUCGYNDGVxUbhq1NthVvgpemUpmkKzJxyYsYuzFQQcbzqaQFDH0LAZBRVA5wCXPM5y/hBigVPxEg6mBPiOg==
x-fb-trip-id: 917726464
x-fb-content-md5: a0394c5049703faa223b5b4ac1601918
x-frame-options: DENY
date: Sat, 16 Oct 2021 05:45:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "db4c2717cd023c46bea78e47a0164167"
timing-allow-origin: *
expires: Sat, 16 Oct 2021 05:51:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 77ms
22ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-207888518-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 3529
date: Sat, 16 Oct 2021 04:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 16 Oct 2021 06:46:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 102 KB
41 KB 72ms
45ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S42G8H6X5N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-207888518-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

29d7d6a3ce3eda5f9bfaa9d2c1e56695003bd05d2f798d83ee9d96029ae93ff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41944
x-xss-protection: 0
expires: Sat, 16 Oct 2021 05:45:46 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 271 KB
76 KB 16ms
7ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f842453123e2e0082c560a8b788900e8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

90866b66e1337c79bff47f06fc30a6390d1680bd21f748c26bd38d5ecff663eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.infosecurityfactory.nl/
Origin: https://www.infosecurityfactory.nl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: haIagFReG8+hK0OJBE7Y8A==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 77988
x-fb-rlafr: 0
x-fb-debug: Gea0J7jViWxqcAv0ZHcXWwxHsVVr1a27gITusK85ZaK+3M9kD6QZviCjfgkCDbRFbmtrGjCACpiWKQX2Fl/kfQ==
x-fb-content-md5: 0e5f753cb32270702e0d9ac9ef056503
x-frame-options: DENY
date: Sat, 16 Oct 2021 05:45:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "126adb0632f647a08defb52fcc77889d"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 16 Oct 2022 04:30:02 GMT

GET
H3 200 windows-update-installs-cyborg-ransomware-threatpost.jpg
www.infosecurityfactory.nl/wp-content/uploads/2021/10/ 216 KB
216 KB 86ms
86ms Image
image/jpeg 104.21.80.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.infosecurityfactory.nl/wp-content/uploads/2021/10/windows-update-installs-cyborg-ransomware-threatpost.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.80.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81a216dc98a46415c02f559dfb06fc5544758c060605adf0c626b34ab1c021c

Request headers

:path: /wp-content/uploads/2021/10/windows-update-installs-cyborg-ransomware-threatpost.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.infosecurityfactory.nl
referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/ransomware/windows-update-installs-cyborg-ransomware-threatpost/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 15 Oct 2021 20:42:18 GMT
server: cloudflare
etag: "35e6e-5ce6a3b386dbd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZNwwKg%2BlY4FDETN78eBppezQQuRG8eKS1iUDOy37e9drU%2F0piTqcWSDxdE8lOeLGrgjj0nIOyK8V8KPvcMi1eXlL2dWEx%2Bj4bYgQQezKbauDu6ZK%2BEVsgZ%2F2iTKlTjYr2UJaF5Tdc%2FX35iccA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 69eefba0bf10a8d9-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 220782

GET
H/1.1 200
OK widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html Show response
platform.twitter.com/widgets/ Frame 6783 319 KB
103 KB 8ms
6ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fwww.infosecurityfactory.nl
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.infosecurityfactory.nl/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 221503
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 16 Oct 2021 05:45:46 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 30 Sep 2021 18:56:47 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67C1)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 37ms
23ms Script
application/javascript 104.18.225.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.225.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 464
etag: W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 69eefba0dbb4fad8-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 19 Oct 2021 05:45:46 GMT

GET
H2 200 like.php Show response
www.facebook.com/v2.5/plugins/ Frame ECF2 0
2 KB 49ms
33ms Document
text/html 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b0eb4839a6da4%26domain%3Dwww.infosecurityfactory.nl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.infosecurityfactory.nl%252Ff13db5405ce3538%26relation%3Dparent.parent&container_width=64&href=https%3A%2F%2Fwww.infosecurityfactory.nl%2Fransomware%2Fwindows-update-installs-cyborg-ransomware-threatpost&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=f842453123e2e0082c560a8b788900e8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self';img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b0eb4839a6da4%26domain%3Dwww.infosecurityfactory.nl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.infosecurityfactory.nl%252Ff13db5405ce3538%26relation%3Dparent.parent&container_width=64&href=https%3A%2F%2Fwww.infosecurityfactory.nl%2Fransomware%2Fwindows-update-installs-cyborg-ransomware-threatpost&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.infosecurityfactory.nl/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 9DpwH52o/iPK6TtxN9HwYMbimbgLHQMqWJh/korZvTYPS+DU5xS8+56MsF7DN2bT2+PIss+nudrSlb7yxSsn6A==
content-length: 0
date: Sat, 16 Oct 2021 05:45:46 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 web Show response
onesignal.com/api/v1/sync/0143dc28-586e-4c7f-8140-dd9e2adb5bf9/ 3 KB
2 KB 315ms
307ms Script
text/javascript 104.18.225.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/0143dc28-586e-4c7f-8140-dd9e2adb5bf9/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.225.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df30433d395228071612aebb36062f32b6ecd6eb0756402dc13253f11daeb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a7f48671-f882-4bea-af0e-68d83a8c8be6
x-runtime: 0.025334
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1df30433d395228071612aebb36062f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 69eefba18b4b21bd-DUS
access-control-allow-headers: SDK-Version
expires: Sat, 16 Oct 2021 06:45:46 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 59ms
28ms XHR
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1572272539&t=pageview&_s=1&dl=https%3A%2F%2Fwww.infosecurityfactory.nl%2Fransomware%2Fwindows-update-installs-cyborg-ransomware-threatpost%2F&ul=en-us&de=UTF-8&dt=%27Windows%20Update%27%20Installs%20Cyborg%20Ransomware%20%7C%20Threatpost%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=1491504023&gjid=1660554447&cid=1512649375.1634363146&tid=UA-207888518-1&_gid=1247622062.1634363146&_r=1&gtm=2ouad0&did=dZTNiMT&z=292511663

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infosecurityfactory.nl/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.infosecurityfactory.nl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 50ms
28ms Ping
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S42G8H6X5N&gtm=2oead0&_p=1572272539&sr=1600x1200&ul=en-us&cid=1512649375.1634363146&_s=1&dl=https%3A%2F%2Fwww.infosecurityfactory.nl%2Fransomware%2Fwindows-update-installs-cyborg-ransomware-threatpost%2F&dt=%27Windows%20Update%27%20Installs%20Cyborg%20Ransomware%20%7C%20Threatpost%20-&sid=1634363146&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S42G8H6X5N&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.infosecurityfactory.nl/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 05:45:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.infosecurityfactory.nl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 6783 232 B
432 B 133ms
116ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e477b07fae7068131dd8f2bec31339124f27e7dc

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fwww.infosecurityfactory.nl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: gzip
last-modified: Sat, 16 Oct 2021 05:45:46 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: cdbf1994e4ffe834548aa38eefde13a81bf3fbef8104c1d34b3d4738560ed8de
content-length: 166

GET
H/1.1 200
OK moment~timeline.126ccbec3f6038135ffb4feab4485043.js Show response
platform.twitter.com/js/ 25 KB
8 KB 7ms
6ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.126ccbec3f6038135ffb4feab4485043.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6776) /
Resource Hash: 9534892f50bf74875886445aa51107aa750225cac94d45b7948f17ef09db7439

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 05:45:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:56:34 GMT
Server: ECS (frb/6776)
Age: 221504
Etag: "ea81bb9835807729700595ed5b38fcb8+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 8015

GET
H/1.1 200
OK timeline.f0018d9150722c67abdd0e6bbab13587.js Show response
platform.twitter.com/js/ 20 KB
7 KB 14ms
6ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.f0018d9150722c67abdd0e6bbab13587.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: 964794272aa168ce3feac3a84460c1beb01606da0e303689b8aee75fb354117d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 05:45:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:56:34 GMT
Server: ECS (frb/6724)
Age: 221504
Etag: "b6a9074027bd2a446a397ba65736afc5+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6444

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 193 KB
12 KB 243ms
211ms Script
application/javascript 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_infosecfactory_old&dnt=true&domain=www.infosecurityfactory.nl&lang=en&screen_name=infosecfactory&suppress_response_codes=true&t=1815959&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

3bf52cb8fe5c5ccac506eba7719afbd58c7ee8fbf354f1b927c742c9fa175776

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
content-length: 12094
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 191
last-modified: Sat, 16 Oct 2021 05:45:46 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: e5ed649c34728bc7d35be5564a28d36726a1a33d4c1f153341f628920b571241
timing-allow-origin: *
x-transaction: 90c1a50143d14e9b
expires: Sat, 16 Oct 2021 05:50:46 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 16ms
16ms Stylesheet
text/css 104.18.225.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.225.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 456
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 69eefba38dc3fad8-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 19 Oct 2021 05:45:46 GMT

GET
H2 200 5h3YxdIk
pbs.twimg.com/card_img/1447709571989098503/ Frame B441 31 KB
31 KB 271ms
269ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1447709571989098503/5h3YxdIk?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

77dfe322507aa7cf53c8fc6f7f10f4e28d713733b36b899fb8d2822690b498a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 2
x-cache: MISS
content-length: 31240
surrogate-key: card_img card_img/bucket/6 card_img/1447709571989098503
last-modified: Mon, 11 Oct 2021 23:41:53 GMT
server: ECS (frb/6752)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9a31c626675c4a96988f74ae5357dce29e775c026d45f2fddb07e0e79b1513ee
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 lryL882l
pbs.twimg.com/card_img/1449235762034135043/ Frame B441 21 KB
21 KB 10ms
8ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449235762034135043/lryL882l?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6762) /

Resource Hash

85c533170badfcb72e8aff017da34ce6c2b5fd1d40ec9d84deccb3fc9f0890f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 3270
x-cache: HIT
content-length: 21272
surrogate-key: card_img card_img/bucket/6 card_img/1449235762034135043
last-modified: Sat, 16 Oct 2021 04:46:25 GMT
server: ECS (frb/6762)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cc899d11f57572cc613f3798004f391cce71faae42f917f256edc07cfe2f9729
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 clHzFg1G
pbs.twimg.com/card_img/1447903780381548552/ Frame B441 52 KB
52 KB 16ms
14ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1447903780381548552/clHzFg1G?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669F) /

Resource Hash

2739fafa5b80fb5d6d3ce29f65a25cbf15f469eac266c29325356d8bf77a374c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 3270
x-cache: HIT
content-length: 53170
surrogate-key: card_img card_img/bucket/8 card_img/1447903780381548552
last-modified: Tue, 12 Oct 2021 12:33:36 GMT
server: ECS (frb/669F)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2ff83407ebd92a0a4bba7911b69ad618bcddbd75fcb2398975efc956a947f0ec
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 5fjq8nsU
pbs.twimg.com/card_img/1449220640611962881/ Frame B441 14 KB
14 KB 15ms
14ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449220640611962881/5fjq8nsU?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6760) /

Resource Hash

82bd919c9fe2eaa45c061ca6c98d22f2f1916205b5d142110e7934b316230404

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 6962
x-cache: HIT
content-length: 14654
surrogate-key: card_img card_img/bucket/6 card_img/1449220640611962881
last-modified: Sat, 16 Oct 2021 03:46:20 GMT
server: ECS (frb/6760)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9e5f670f0cfbe4e51e8234f7c876ba33b8ecc098a8c337bf6d1cf911573cbcaf
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 0gGGIn-s
pbs.twimg.com/card_img/1447710701372551172/ Frame B441 34 KB
35 KB 9ms
7ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1447710701372551172/0gGGIn-s?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

f1124c82bca363e2eb4bfa47e4eb07a2c4ed752f592bbaf099bf4f8b5777c3b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 6962
x-cache: HIT
content-length: 35208
surrogate-key: card_img card_img/bucket/3 card_img/1447710701372551172
last-modified: Mon, 11 Oct 2021 23:46:23 GMT
server: ECS (frb/67C0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 525beac6f488c7949dd2920b1cc8a17e96e7c3c140ab41ea3fa045c6e0a9ada9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 o57PV4oX
pbs.twimg.com/card_img/1446576050398433283/ Frame B441 17 KB
17 KB 15ms
13ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1446576050398433283/o57PV4oX?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BC) /

Resource Hash

205a4d30d72cbc3e7ff5dd42b7092491840552b0908c49716cb03377a3c6fa6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 7353
x-cache: HIT
content-length: 17423
surrogate-key: card_img card_img/bucket/7 card_img/1446576050398433283
last-modified: Fri, 08 Oct 2021 20:37:41 GMT
server: ECS (frb/67BC)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c0b2174c0b5583dd3a768044255c7283c05a8c029767468f91cb813ff9d40176
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 IQz9Ru2M
pbs.twimg.com/card_img/1449205560302243842/ Frame B441 34 KB
34 KB 12ms
11ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449205560302243842/IQz9Ru2M?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

46e0396277ec744403f006e99077e4fa265f24ed01be933d781413c9330bdbcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 10616
x-cache: HIT
content-length: 34860
surrogate-key: card_img card_img/bucket/4 card_img/1449205560302243842
last-modified: Sat, 16 Oct 2021 02:46:25 GMT
server: ECS (frb/67E2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4db27ff6c6364bb70cc1d5074cc9cc7fd1e6052568b7f7f2d3c9243ec7bc88a8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 8sxhzOoo
pbs.twimg.com/card_img/1449205559966699526/ Frame B441 41 KB
41 KB 7ms
7ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449205559966699526/8sxhzOoo?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6762) /

Resource Hash

92563e22b0fb51e9c546f261060dbdaa818cd296aca4634e1a430703634f1cd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 10616
x-cache: HIT
content-length: 41607
surrogate-key: card_img card_img/bucket/0 card_img/1449205559966699526
last-modified: Sat, 16 Oct 2021 02:46:25 GMT
server: ECS (frb/6762)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2fe0bd33c9103bba64c7edae5a618e6e09a678a15bd7e4440b087f96b7e77859
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 QyxYJBfF
pbs.twimg.com/card_img/1448695964332486660/ Frame B441 42 KB
43 KB 8ms
7ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1448695964332486660/QyxYJBfF?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) /

Resource Hash

60883015d01eaf75e00700936bc17d42a94b075bd2ecd65197e6ee1b336503ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 10598
x-cache: HIT
content-length: 43341
surrogate-key: card_img card_img/bucket/6 card_img/1448695964332486660
last-modified: Thu, 14 Oct 2021 17:01:28 GMT
server: ECS (frb/6738)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5cc9ab4ab2805e4e5fa9984a670340d49323b9fd5c9b63b8995483fa63f938c7
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 AiyFGCON
pbs.twimg.com/card_img/1449190491870879746/ Frame B441 60 KB
60 KB 12ms
11ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449190491870879746/AiyFGCON?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6739) /

Resource Hash

3b21b2f11a8af23fcf4af0eced356acea2d60540f06dda3b90cbdcd2f3812591

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 14199
x-cache: HIT
content-length: 61137
surrogate-key: card_img card_img/bucket/6 card_img/1449190491870879746
last-modified: Sat, 16 Oct 2021 01:46:32 GMT
server: ECS (frb/6739)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 80805b9d0cbcc440ba7e099dc6bb5313418cb3681f8545bb5bb343a9f67c7949
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 J3NMCeFA
pbs.twimg.com/card_img/1449190429660954634/ Frame B441 44 KB
44 KB 8ms
8ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449190429660954634/J3NMCeFA?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

dddb21c233c886dcebb3cdce2f79de240969a8277447c7c8a9ca180a77f87249

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 14199
x-cache: HIT
content-length: 44587
x-response-time: 247
surrogate-key: card_img card_img/bucket/0 card_img/1449190429660954634
last-modified: Sat, 16 Oct 2021 01:46:17 GMT
server: ECS (frb/6723)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 33a671d4c9cc7f3292ce09697ca1042628f6cef34f068c3e4559e07a6f7934b2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 XeOFBYBa
pbs.twimg.com/card_img/1447954878257635334/ Frame B441 40 KB
40 KB 7ms
7ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1447954878257635334/XeOFBYBa?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) /

Resource Hash

1a422a4df2896157d47a4504e493aabf8c1f3ecaa7df94264a8992626a9f4d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 14199
x-cache: HIT
content-length: 41116
surrogate-key: card_img card_img/bucket/3 card_img/1447954878257635334
last-modified: Tue, 12 Oct 2021 15:56:39 GMT
server: ECS (frb/6725)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 70c75d1d9033c2e3787ac5f4233210bb1e7b72685d83088bc690b79543b97157
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 yd6YfB-V
pbs.twimg.com/card_img/1449176103462051846/ Frame B441 35 KB
35 KB 7ms
7ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449176103462051846/yd6YfB-V?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668B) /

Resource Hash

ed207d5ee8ca59617d97a7cc3fa0ccd79976ea9f008f603a8d6673831f310759

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 14199
x-cache: HIT
content-length: 35868
surrogate-key: card_img card_img/bucket/2 card_img/1449176103462051846
last-modified: Sat, 16 Oct 2021 00:49:22 GMT
server: ECS (frb/668B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b47a29a3f972156a537b85c05c092cf70d1205f2586269947e4a80e679a6bee0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 0l0e56-t
pbs.twimg.com/card_img/1449175372378120193/ Frame B441 61 KB
61 KB 9ms
6ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449175372378120193/0l0e56-t?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) /

Resource Hash

cb695d08d8cfeba1bb60bc1ad3d54127816e21dd812aeff104c196aac58e8149

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 17829
x-cache: HIT
content-length: 62694
x-response-time: 258
surrogate-key: card_img card_img/bucket/7 card_img/1449175372378120193
last-modified: Sat, 16 Oct 2021 00:46:27 GMT
server: ECS (frb/673A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 26f127ebc1baec36432dc18022768f34c66bfe2c91e4468a3def5142c68bcccd
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 5l4CDb0H
pbs.twimg.com/card_img/1449175369286930435/ Frame B441 60 KB
61 KB 10ms
6ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449175369286930435/5l4CDb0H?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668B) /

Resource Hash

8c06a87f7ecb437563a96aacfbfdb0bcb9a1064c8b79c89576ab0f04fc93ea86

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 17829
x-cache: HIT
content-length: 61870
surrogate-key: card_img card_img/bucket/1 card_img/1449175369286930435
last-modified: Sat, 16 Oct 2021 00:46:27 GMT
server: ECS (frb/668B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 792631466155b3bc0737f7149aa6406c085a237d9fa897828d76e8e963711662
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 paKiJIUs
pbs.twimg.com/card_img/1447980368037044225/ Frame B441 60 KB
60 KB 9ms
7ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1447980368037044225/paKiJIUs?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) /

Resource Hash

c0c8b2946286de5fe991dd50f48e4369189cbcbeebf9156f21ec33ad333a7ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 17829
x-cache: HIT
content-length: 61315
surrogate-key: card_img card_img/bucket/7 card_img/1447980368037044225
last-modified: Tue, 12 Oct 2021 17:37:56 GMT
server: ECS (frb/674D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1081414ceb1bbf62b251955dae8d521482c4981b4154c91f39ab7d13a700f12d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 WTDhSV6f
pbs.twimg.com/card_img/1449160232878366722/ Frame B441 6 KB
6 KB 8ms
8ms Image
image/png 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449160232878366722/WTDhSV6f?format=png&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) /

Resource Hash

d8908dc8472223a59d77c60ba3cc6702ecb6798690a103af2fad21335889761f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 17828
x-cache: HIT
content-length: 5981
surrogate-key: card_img card_img/bucket/9 card_img/1449160232878366722
last-modified: Fri, 15 Oct 2021 23:46:18 GMT
server: ECS (frb/6725)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 91e62df190d780f5a22dca8be2663f6896226153f977fa6687e6cecb51a86bfa
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 9SNLs1m6
pbs.twimg.com/card_img/1449145887561768961/ Frame B441 36 KB
37 KB 8ms
8ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449145887561768961/9SNLs1m6?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) /

Resource Hash

6a35cce609cd5ab884c17d1fd3cf9eddb8d10249aafdd81d4e62cc7a6bb5850a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 24859
x-cache: HIT
content-length: 37328
surrogate-key: card_img card_img/bucket/4 card_img/1449145887561768961
last-modified: Fri, 15 Oct 2021 22:49:18 GMT
server: ECS (frb/674D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d83ef5333d4f9acf3ac768299bdfdd734c028b6e2be93091870018148305b76f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame B441 53 KB
12 KB 7ms
7ms Stylesheet
text/css 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 05:45:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:56:30 GMT
Server: ECS (frb/6796)
Age: 221505
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 7ms
7ms Image
text/css 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 05:45:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:56:30 GMT
Server: ECS (frb/6796)
Age: 221505
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 0gGGIn-s
pbs.twimg.com/card_img/1447710701372551172/ Frame B441 34 KB
35 KB 7ms
6ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1447710701372551172/0gGGIn-s?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.126ccbec3f6038135ffb4feab4485043.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

f1124c82bca363e2eb4bfa47e4eb07a2c4ed752f592bbaf099bf4f8b5777c3b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 6962
x-cache: HIT
content-length: 35208
surrogate-key: card_img card_img/bucket/3 card_img/1447710701372551172
last-modified: Mon, 11 Oct 2021 23:46:23 GMT
server: ECS (frb/67C0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 525beac6f488c7949dd2920b1cc8a17e96e7c3c140ab41ea3fa045c6e0a9ada9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 BbJCn87s_normal.jpg
pbs.twimg.com/profile_images/1444573039002275842/ Frame B441 2 KB
2 KB 8ms
7ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1444573039002275842/BbJCn87s_normal.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6763) /

Resource Hash

b9ea2828497c4085f0fb3e7c4f7b2ce7f9c4623d6bc22dd801eaebccb97b6cac

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:46 GMT
x-content-type-options: nosniff
age: 266224
x-cache: HIT
content-length: 2263
surrogate-key: profile_images profile_images/bucket/0 profile_images/1444573039002275842
last-modified: Sun, 03 Oct 2021 07:58:26 GMT
server: ECS (frb/6763)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6c1886e881b5c58eca5affbb5efd2f30bb89fbcdc8612300c6e11f068be76baa
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FBzDOvcXIAAnCmH
pbs.twimg.com/media/ Frame B441 17 KB
18 KB 262ms
262ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FBzDOvcXIAAnCmH?format=jpg&name=360x360

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6762) /

Resource Hash

7006185e2db5b0ee2b7eda071612a653274b5e0f7ed6788c1b5154ceb9bbe482

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 2
x-cache: MISS
content-length: 17895
surrogate-key: media media/bucket/4 media/1449247838127464448
last-modified: Sat, 16 Oct 2021 05:34:24 GMT
server: ECS (frb/6762)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6e103989e4c1009c0423bb935dfa12304260a70aea84d0530b6570903bb21406
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame B441 44 KB
7 KB 33ms
11ms Stylesheet
text/css 152.199.21.140
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.140 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149084
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: b08c7ccbfb32473a9efc04cb348514ac87ac4e056db272be06e559dcfeb7cd05
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 23 Oct 2021 05:45:47 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 32ms
12ms Image
text/css 152.199.21.140
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.140 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.infosecurityfactory.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149084
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: b08c7ccbfb32473a9efc04cb348514ac87ac4e056db272be06e559dcfeb7cd05
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 23 Oct 2021 05:45:47 GMT

GET
DATA 200
OK truncated
/ Frame B441 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame B441 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame B441 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame B441 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 lryL882l
pbs.twimg.com/card_img/1449235762034135043/ Frame B441 21 KB
21 KB 8ms
7ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449235762034135043/lryL882l?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6762) /

Resource Hash

85c533170badfcb72e8aff017da34ce6c2b5fd1d40ec9d84deccb3fc9f0890f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 3271
x-cache: HIT
content-length: 21272
surrogate-key: card_img card_img/bucket/6 card_img/1449235762034135043
last-modified: Sat, 16 Oct 2021 04:46:25 GMT
server: ECS (frb/6762)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cc899d11f57572cc613f3798004f391cce71faae42f917f256edc07cfe2f9729
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 clHzFg1G
pbs.twimg.com/card_img/1447903780381548552/ Frame B441 52 KB
52 KB 7ms
7ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1447903780381548552/clHzFg1G?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669F) /

Resource Hash

2739fafa5b80fb5d6d3ce29f65a25cbf15f469eac266c29325356d8bf77a374c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 3271
x-cache: HIT
content-length: 53170
surrogate-key: card_img card_img/bucket/8 card_img/1447903780381548552
last-modified: Tue, 12 Oct 2021 12:33:36 GMT
server: ECS (frb/669F)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2ff83407ebd92a0a4bba7911b69ad618bcddbd75fcb2398975efc956a947f0ec
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 5fjq8nsU
pbs.twimg.com/card_img/1449220640611962881/ Frame B441 14 KB
14 KB 7ms
7ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449220640611962881/5fjq8nsU?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6760) /

Resource Hash

82bd919c9fe2eaa45c061ca6c98d22f2f1916205b5d142110e7934b316230404

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 6963
x-cache: HIT
content-length: 14654
surrogate-key: card_img card_img/bucket/6 card_img/1449220640611962881
last-modified: Sat, 16 Oct 2021 03:46:20 GMT
server: ECS (frb/6760)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9e5f670f0cfbe4e51e8234f7c876ba33b8ecc098a8c337bf6d1cf911573cbcaf
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 0gGGIn-s
pbs.twimg.com/card_img/1447710701372551172/ Frame B441 34 KB
35 KB 7ms
6ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1447710701372551172/0gGGIn-s?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

f1124c82bca363e2eb4bfa47e4eb07a2c4ed752f592bbaf099bf4f8b5777c3b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 6963
x-cache: HIT
content-length: 35208
surrogate-key: card_img card_img/bucket/3 card_img/1447710701372551172
last-modified: Mon, 11 Oct 2021 23:46:23 GMT
server: ECS (frb/67C0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 525beac6f488c7949dd2920b1cc8a17e96e7c3c140ab41ea3fa045c6e0a9ada9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 o57PV4oX
pbs.twimg.com/card_img/1446576050398433283/ Frame B441 17 KB
17 KB 9ms
9ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1446576050398433283/o57PV4oX?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BC) /

Resource Hash

205a4d30d72cbc3e7ff5dd42b7092491840552b0908c49716cb03377a3c6fa6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 7354
x-cache: HIT
content-length: 17423
surrogate-key: card_img card_img/bucket/7 card_img/1446576050398433283
last-modified: Fri, 08 Oct 2021 20:37:41 GMT
server: ECS (frb/67BC)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c0b2174c0b5583dd3a768044255c7283c05a8c029767468f91cb813ff9d40176
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 IQz9Ru2M
pbs.twimg.com/card_img/1449205560302243842/ Frame B441 34 KB
34 KB 7ms
6ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449205560302243842/IQz9Ru2M?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

46e0396277ec744403f006e99077e4fa265f24ed01be933d781413c9330bdbcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 10617
x-cache: HIT
content-length: 34860
surrogate-key: card_img card_img/bucket/4 card_img/1449205560302243842
last-modified: Sat, 16 Oct 2021 02:46:25 GMT
server: ECS (frb/67E2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4db27ff6c6364bb70cc1d5074cc9cc7fd1e6052568b7f7f2d3c9243ec7bc88a8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 8sxhzOoo
pbs.twimg.com/card_img/1449205559966699526/ Frame B441 41 KB
41 KB 7ms
7ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449205559966699526/8sxhzOoo?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6762) /

Resource Hash

92563e22b0fb51e9c546f261060dbdaa818cd296aca4634e1a430703634f1cd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 10617
x-cache: HIT
content-length: 41607
surrogate-key: card_img card_img/bucket/0 card_img/1449205559966699526
last-modified: Sat, 16 Oct 2021 02:46:25 GMT
server: ECS (frb/6762)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2fe0bd33c9103bba64c7edae5a618e6e09a678a15bd7e4440b087f96b7e77859
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 QyxYJBfF
pbs.twimg.com/card_img/1448695964332486660/ Frame B441 42 KB
43 KB 8ms
8ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1448695964332486660/QyxYJBfF?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) /

Resource Hash

60883015d01eaf75e00700936bc17d42a94b075bd2ecd65197e6ee1b336503ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 10599
x-cache: HIT
content-length: 43341
surrogate-key: card_img card_img/bucket/6 card_img/1448695964332486660
last-modified: Thu, 14 Oct 2021 17:01:28 GMT
server: ECS (frb/6738)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5cc9ab4ab2805e4e5fa9984a670340d49323b9fd5c9b63b8995483fa63f938c7
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 AiyFGCON
pbs.twimg.com/card_img/1449190491870879746/ Frame B441 60 KB
60 KB 7ms
7ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449190491870879746/AiyFGCON?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6739) /

Resource Hash

3b21b2f11a8af23fcf4af0eced356acea2d60540f06dda3b90cbdcd2f3812591

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 14200
x-cache: HIT
content-length: 61137
surrogate-key: card_img card_img/bucket/6 card_img/1449190491870879746
last-modified: Sat, 16 Oct 2021 01:46:32 GMT
server: ECS (frb/6739)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 80805b9d0cbcc440ba7e099dc6bb5313418cb3681f8545bb5bb343a9f67c7949
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 J3NMCeFA
pbs.twimg.com/card_img/1449190429660954634/ Frame B441 44 KB
44 KB 7ms
7ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449190429660954634/J3NMCeFA?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

dddb21c233c886dcebb3cdce2f79de240969a8277447c7c8a9ca180a77f87249

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 14200
x-cache: HIT
content-length: 44587
x-response-time: 247
surrogate-key: card_img card_img/bucket/0 card_img/1449190429660954634
last-modified: Sat, 16 Oct 2021 01:46:17 GMT
server: ECS (frb/6723)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 33a671d4c9cc7f3292ce09697ca1042628f6cef34f068c3e4559e07a6f7934b2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 XeOFBYBa
pbs.twimg.com/card_img/1447954878257635334/ Frame B441 40 KB
40 KB 8ms
7ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1447954878257635334/XeOFBYBa?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) /

Resource Hash

1a422a4df2896157d47a4504e493aabf8c1f3ecaa7df94264a8992626a9f4d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 14200
x-cache: HIT
content-length: 41116
surrogate-key: card_img card_img/bucket/3 card_img/1447954878257635334
last-modified: Tue, 12 Oct 2021 15:56:39 GMT
server: ECS (frb/6725)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 70c75d1d9033c2e3787ac5f4233210bb1e7b72685d83088bc690b79543b97157
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 yd6YfB-V
pbs.twimg.com/card_img/1449176103462051846/ Frame B441 35 KB
35 KB 7ms
7ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449176103462051846/yd6YfB-V?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668B) /

Resource Hash

ed207d5ee8ca59617d97a7cc3fa0ccd79976ea9f008f603a8d6673831f310759

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 14200
x-cache: HIT
content-length: 35868
surrogate-key: card_img card_img/bucket/2 card_img/1449176103462051846
last-modified: Sat, 16 Oct 2021 00:49:22 GMT
server: ECS (frb/668B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b47a29a3f972156a537b85c05c092cf70d1205f2586269947e4a80e679a6bee0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 0l0e56-t
pbs.twimg.com/card_img/1449175372378120193/ Frame B441 61 KB
61 KB 7ms
7ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449175372378120193/0l0e56-t?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) /

Resource Hash

cb695d08d8cfeba1bb60bc1ad3d54127816e21dd812aeff104c196aac58e8149

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 17830
x-cache: HIT
content-length: 62694
x-response-time: 258
surrogate-key: card_img card_img/bucket/7 card_img/1449175372378120193
last-modified: Sat, 16 Oct 2021 00:46:27 GMT
server: ECS (frb/673A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 26f127ebc1baec36432dc18022768f34c66bfe2c91e4468a3def5142c68bcccd
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 5l4CDb0H
pbs.twimg.com/card_img/1449175369286930435/ Frame B441 60 KB
61 KB 7ms
6ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449175369286930435/5l4CDb0H?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668B) /

Resource Hash

8c06a87f7ecb437563a96aacfbfdb0bcb9a1064c8b79c89576ab0f04fc93ea86

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 17830
x-cache: HIT
content-length: 61870
surrogate-key: card_img card_img/bucket/1 card_img/1449175369286930435
last-modified: Sat, 16 Oct 2021 00:46:27 GMT
server: ECS (frb/668B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 792631466155b3bc0737f7149aa6406c085a237d9fa897828d76e8e963711662
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 paKiJIUs
pbs.twimg.com/card_img/1447980368037044225/ Frame B441 60 KB
60 KB 7ms
7ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1447980368037044225/paKiJIUs?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) /

Resource Hash

c0c8b2946286de5fe991dd50f48e4369189cbcbeebf9156f21ec33ad333a7ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 17830
x-cache: HIT
content-length: 61315
surrogate-key: card_img card_img/bucket/7 card_img/1447980368037044225
last-modified: Tue, 12 Oct 2021 17:37:56 GMT
server: ECS (frb/674D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1081414ceb1bbf62b251955dae8d521482c4981b4154c91f39ab7d13a700f12d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 WTDhSV6f
pbs.twimg.com/card_img/1449160232878366722/ Frame B441 6 KB
6 KB 7ms
6ms Image
image/png 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449160232878366722/WTDhSV6f?format=png&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) /

Resource Hash

d8908dc8472223a59d77c60ba3cc6702ecb6798690a103af2fad21335889761f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 17829
x-cache: HIT
content-length: 5981
surrogate-key: card_img card_img/bucket/9 card_img/1449160232878366722
last-modified: Fri, 15 Oct 2021 23:46:18 GMT
server: ECS (frb/6725)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 91e62df190d780f5a22dca8be2663f6896226153f977fa6687e6cecb51a86bfa
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 9SNLs1m6
pbs.twimg.com/card_img/1449145887561768961/ Frame B441 36 KB
37 KB 7ms
6ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1449145887561768961/9SNLs1m6?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) /

Resource Hash

6a35cce609cd5ab884c17d1fd3cf9eddb8d10249aafdd81d4e62cc7a6bb5850a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 05:45:47 GMT
x-content-type-options: nosniff
age: 24860
x-cache: HIT
content-length: 37328
surrogate-key: card_img card_img/bucket/4 card_img/1449145887561768961
last-modified: Fri, 15 Oct 2021 22:49:18 GMT
server: ECS (frb/674D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d83ef5333d4f9acf3ac768299bdfdd734c028b6e2be93091870018148305b76f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame CFB7
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
571 B

6ms
6ms

Document
text/html

93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.infosecurityfactory.nl
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 221506
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 16 Oct 2021 05:45:47 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Thu, 30 Sep 2021 19:09:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6796)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Sat, 16 Oct 2021 05:45:47 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Sat, 16 Oct 2021 05:45:47 GMT
x-transaction: 2e58707e3d957fd6
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-connection-hash: cdbf1994e4ffe834548aa38eefde13a81bf3fbef8104c1d34b3d4738560ed8de

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.infosecurityfactory.nl/	1970-01-20 06:44:59	Name: cookielawinfo-checkbox-necessary Value: yes
www.infosecurityfactory.nl/	1970-01-20 06:44:59	Name: cookielawinfo-checkbox-functional Value: no
www.infosecurityfactory.nl/	1970-01-20 06:44:59	Name: cookielawinfo-checkbox-performance Value: no
www.infosecurityfactory.nl/	1970-01-20 06:44:59	Name: cookielawinfo-checkbox-analytics Value: no
www.infosecurityfactory.nl/	1970-01-20 06:44:59	Name: cookielawinfo-checkbox-advertisement Value: no
www.infosecurityfactory.nl/	1970-01-20 06:44:59	Name: cookielawinfo-checkbox-others Value: no
.infosecurityfactory.nl/	1970-01-19 22:00:49	Name: _gid Value: GA1.2.1247622062.1634363146
.infosecurityfactory.nl/	1970-01-19 21:59:23	Name: _gat_gtag_UA_207888518_1 Value: 1
.infosecurityfactory.nl/	1970-01-20 15:30:35	Name: _ga_S42G8H6X5N Value: GS1.1.1634363146.1.0.1634363146.0
.infosecurityfactory.nl/	1970-01-20 15:30:35	Name: _ga Value: GA1.1.1512649375.1634363146

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.onesignal.com
cdn.syndication.twimg.com
connect.facebook.net
onesignal.com
pbs.twimg.com
platform.twitter.com
syndication.twitter.com
ton.twimg.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.infosecurityfactory.nl
104.18.225.52
104.21.80.219
104.244.42.136
142.250.185.104
142.250.185.142
152.199.21.140
157.240.20.35
185.60.216.19
192.229.233.50
93.184.220.66
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0a5458d292209b9d7a1efdbe049554423a45b51a07a3acc8deacc9f4c4803286
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1523ddaa632d195a1240668fb5c6870519e3cdfeabd5a346141bcbb03222e2e7
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1a422a4df2896157d47a4504e493aabf8c1f3ecaa7df94264a8992626a9f4d26
1df30433d395228071612aebb36062f32b6ecd6eb0756402dc13253f11daeb1d
205a4d30d72cbc3e7ff5dd42b7092491840552b0908c49716cb03377a3c6fa6e
22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc
2739fafa5b80fb5d6d3ce29f65a25cbf15f469eac266c29325356d8bf77a374c
275785354056321f622bfbdc7907492605d4c9362e0117a8bf5c7de6480da71c
29c7ceffe2b367039ee6eb32a7334e2a9131654cdbdaf57a5431d909f69d1cab
29d7d6a3ce3eda5f9bfaa9d2c1e56695003bd05d2f798d83ee9d96029ae93ff2
3b21b2f11a8af23fcf4af0eced356acea2d60540f06dda3b90cbdcd2f3812591
3bf52cb8fe5c5ccac506eba7719afbd58c7ee8fbf354f1b927c742c9fa175776
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
46e0396277ec744403f006e99077e4fa265f24ed01be933d781413c9330bdbcc
4c5e10b3496ff844faf3e2d032e243d4a366a5cbc95ad7bef5dd924322e31b3a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60883015d01eaf75e00700936bc17d42a94b075bd2ecd65197e6ee1b336503ca
6a35cce609cd5ab884c17d1fd3cf9eddb8d10249aafdd81d4e62cc7a6bb5850a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7006185e2db5b0ee2b7eda071612a653274b5e0f7ed6788c1b5154ceb9bbe482
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
729e852eab63cdf24ce3cfd0b64c555b6f78a0a3c3eab3ad11f12c198c6873fc
76e69fdaf0888ad20f56a8918f819f6fc0dcd171b6342e10fb345e85549fb03f
7739eefcdee8afcb00fbe9a35cc795fff0cff7092b10d56c4190484d42892433
77dfe322507aa7cf53c8fc6f7f10f4e28d713733b36b899fb8d2822690b498a1
82bd919c9fe2eaa45c061ca6c98d22f2f1916205b5d142110e7934b316230404
8577be08e13d868781746fd18e27a2d95ee4658c33221ec7659ece82d4d31463
85c533170badfcb72e8aff017da34ce6c2b5fd1d40ec9d84deccb3fc9f0890f3
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8c06a87f7ecb437563a96aacfbfdb0bcb9a1064c8b79c89576ab0f04fc93ea86
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
90866b66e1337c79bff47f06fc30a6390d1680bd21f748c26bd38d5ecff663eb
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
92563e22b0fb51e9c546f261060dbdaa818cd296aca4634e1a430703634f1cd4
9534892f50bf74875886445aa51107aa750225cac94d45b7948f17ef09db7439
964794272aa168ce3feac3a84460c1beb01606da0e303689b8aee75fb354117d
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a
b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80
b9ea2828497c4085f0fb3e7c4f7b2ce7f9c4623d6bc22dd801eaebccb97b6cac
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c0c8b2946286de5fe991dd50f48e4369189cbcbeebf9156f21ec33ad333a7ec3
c637118647db8d74b6e583059b4534d627125e1075ae3cae2ac66fb9953783f8
c68af0dbc56215457de6d384773a246b02ea2bb7036c452248bf536149933eef
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cb695d08d8cfeba1bb60bc1ad3d54127816e21dd812aeff104c196aac58e8149
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cfd3099998b0c37ace8024cbd802160585ba9be1c0047fefc172035184f074df
d8908dc8472223a59d77c60ba3cc6702ecb6798690a103af2fad21335889761f
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dddb21c233c886dcebb3cdce2f79de240969a8277447c7c8a9ca180a77f87249
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e049ce4c1d789ff7e67463735729523202a9628f622462aad8ec25c681c68cb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e81a216dc98a46415c02f559dfb06fc5544758c060605adf0c626b34ab1c021c
e825dcae80c4327d3b66ef0adcd95740da571db0addf77798b1f1ac8fb9f58dd
ed207d5ee8ca59617d97a7cc3fa0ccd79976ea9f008f603a8d6673831f310759
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
f1124c82bca363e2eb4bfa47e4eb07a2c4ed752f592bbaf099bf4f8b5777c3b5
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
fa1fbf0c3094582f68127fc9e86b8f937442f435984e13935acf856b38e6b057
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.infosecurityfactory.nl Open in urlscan Pro 104.21.80.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

100 %HTTPS

0 %IPv6

8 Domains

12 Subdomains

11 IPs

4 Countries

2319 kBTransfer

3986 kBSize

10 Cookies

13 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.infosecurityfactory.nl Open in urlscan Pro
104.21.80.219 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

12
Subdomains

11
IPs

4
Countries

2319 kB
Transfer

3986 kB
Size

10
Cookies

86 HTTP transactions
5 data transactions