www.welivesecurity.com Open in urlscan Pro
2606:2800:233:1cb7:261b:1f9c:2074:3c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-ele=
Effective URL:
https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
Submission: On March 05 via api (March 5th 2020, 5:06:09 pm UTC) from US

Summary HTTP 68 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 14 IPs in 6 countries across 11 domains to perform 68 HTTP transactions. The main IP is 2606:2800:233:1cb7:261b:1f9c:2074:3c, located in United States and belongs to EDGECAST, US. The main domain is www.welivesecurity.com.
TLS certificate: Issued by Thawte RSA CA 2018 on January 7th 2019. Valid for: 2 years.

This is the only time www.welivesecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 39	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2	2620:1ec:bdf::10 2620:1ec:bdf::10	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.166.8.11 52.166.8.11	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1 5	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
2	13.224.194.67 13.224.194.67	16509 (AMAZON-02) (AMAZON-02)
2	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:4fa6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.128.134 151.101.128.134	54113 (FASTLY) (FASTLY)
2	51.140.6.23 51.140.6.23	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
68	14

39 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States) 1 redirects

ASN15133 (EDGECAST, US)

www.welivesecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::10 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

assets.esetstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.166.8.11 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

backend.welivesecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.194.67 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-67.fra2.r.cloudfront.net

cdn1.esetstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

welivesecurity.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:4fa6 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.140.6.23 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	welivesecurity.com 1 redirects www.welivesecurity.com backend.welivesecurity.com	2 MB
5	disquscdn.com c.disquscdn.com	219 KB
5	google-analytics.com 1 redirects www.google-analytics.com	18 KB
4	disqus.com welivesecurity.disqus.com disqus.com	29 KB
4	googletagmanager.com www.googletagmanager.com	32 KB
4	esetstatic.com assets.esetstatic.com cdn1.esetstatic.com	8 KB
3	facebook.net connect.facebook.net	118 KB
2	visualstudio.com dc.services.visualstudio.com	830 B
1	doubleclick.net stats.g.doubleclick.net	102 B
1	facebook.com www.facebook.com	260 B
1	msecnd.net az416426.vo.msecnd.net	22 KB
68	11

	Domain	Requested by
39	www.welivesecurity.com	1 redirects www.welivesecurity.com
5	c.disquscdn.com	welivesecurity.disqus.com
5	www.google-analytics.com	1 redirects www.welivesecurity.com www.googletagmanager.com
4	www.googletagmanager.com	www.welivesecurity.com
3	connect.facebook.net	www.welivesecurity.com connect.facebook.net
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	disqus.com	welivesecurity.disqus.com
2	welivesecurity.disqus.com	www.welivesecurity.com
2	cdn1.esetstatic.com	www.welivesecurity.com
2	assets.esetstatic.com	www.welivesecurity.com
1	stats.g.doubleclick.net	www.welivesecurity.com
1	www.facebook.com	www.welivesecurity.com
1	az416426.vo.msecnd.net	www.welivesecurity.com
1	backend.welivesecurity.com	www.welivesecurity.com
68	14

This site contains links to these domains. Also see Links.

Domain
www.eset.com
www.facebook.com
twitter.com
www.linkedin.com
backend.welivesecurity.com
thebrazilbusiness.com
attack.mitre.org
github.com
decoded.avast.io
eset.com

Subject Issuer	Validity	Valid
www.welivesecurity.com Thawte RSA CA 2018	`2019-01-07` - `2021-02-05`	2 years	crt.sh
assets.esetstatic.com Thawte RSA CA 2018	`2018-11-15` - `2020-11-14`	2 years	crt.sh
backend.welivesecurity.com Thawte RSA CA 2018	`2020-02-06` - `2022-02-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
*.esetstatic.com Thawte RSA CA 2018	`2019-09-05` - `2021-10-04`	2 years	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2018-03-28` - `2020-04-27`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
ssl565697.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-02` - `2020-08-10`	6 months	crt.sh
dc.services.visualstudio.com Microsoft IT TLS CA 4	`2020-02-27` - `2022-02-27`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
Frame ID: A7FC2A2289E4EF6305DC4B0BD04F2732
Requests: 65 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=135157%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D135157&t_u=https%3A%2F%2Fwww.welivesecurity.com%2F2020%2F03%2F05%2Fguildma-devil-drives-electric%2F&t_e=Guildma%3A%20The%20Devil%20drives%20electric&t_d=Guildma%3A%20The%20Devil%20drives%20electric&t_t=Guildma%3A%20The%20Devil%20drives%20electric&s_o=default&l=en
Frame ID: 4587370B6C79AA3E7680B94C6CD80531
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 4FE4E1A420667531715483BD0DD3272F
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 53BFD69C436F490F4F07FF23B7374E66
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-ele= HTTP 301
https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Azure CDN (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:ECAcc|ECS|ECD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

68
Requests

100 %
HTTPS

57 %
IPv6

11
Domains

14
Subdomains

14
IPs

6
Countries

2968 kB
Transfer

3927 kB
Size

7
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://www.eset.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.welivesecurity.com%2F2020%2F03%2F05%2Fguildma-devil-drives-electric%2F
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&url=https%3A%2F%2Fwww.welivesecurity.com%2F2020%2F03%2F05%2Fguildma-devil-drives-electric%2F&text=What%20do%20you%20want%20to%20say%20about%20this?%20Guildma:%20The%20Devil%20drives%20electric%0A&via=welivesecurity
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.welivesecurity.com%2F2020%2F03%2F05%2Fguildma-devil-drives-electric%2F
Title:

Search URL Search Domain Scan URL

URL: https://backend.welivesecurity.com/wp-content/uploads/2020/02/Figure_01_Spam_1.png

Search URL Search Domain Scan URL

URL: https://backend.welivesecurity.com/wp-content/uploads/2020/02/Figure_02_Spam_2.png

Search URL Search Domain Scan URL

URL: https://thebrazilbusiness.com/article/consorcio-in-brazil
Title: consórcio

Search URL Search Domain Scan URL

URL: https://backend.welivesecurity.com/wp-content/uploads/2020/02/Figure_03_Spam_3.png

Search URL Search Domain Scan URL

URL: https://backend.welivesecurity.com/wp-content/uploads/2020/02/Figure_04_Spam_4.png

Search URL Search Domain Scan URL

URL: https://backend.welivesecurity.com/wp-content/uploads/2020/02/Figure_05_Infection_chain.png

Search URL Search Domain Scan URL

URL: https://backend.welivesecurity.com/wp-content/uploads/2020/02/Figure_06_Infection_statistics.png

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1220/
Title: eXtensible Stylesheet Language (.xsl)

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1096/
Title: ADS (Alternate Data Streams)

Search URL Search Domain Scan URL

URL: https://backend.welivesecurity.com/wp-content/uploads/2020/02/Figure_08_Seed_obfuscation.png

Search URL Search Domain Scan URL

URL: https://github.com/DSPlayer/memorymodule/blob/master/BTMemoryModule/BTMemoryModule.pas
Title: BTMemoryModule

Search URL Search Domain Scan URL

URL: https://decoded.avast.io/threatintel/deep-dive-into-guildma-malware/
Title: Avast

Search URL Search Domain Scan URL

URL: https://backend.welivesecurity.com/wp-content/uploads/2020/02/Figure_09_YouTube.png

Search URL Search Domain Scan URL

URL: https://github.com/eset/malware-ioc/tree/master/guildma
Title: our GitHub repository

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1193/
Title: T1193

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1073/
Title: T1073

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1047/
Title: T1047

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1060/
Title: T1060

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1197/
Title: T1197

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1089/
Title: T1089

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1140/
Title: T1140

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1055/
Title: T1055

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1064/
Title: T1064

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1081/
Title: T1081

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1214/
Title: T1214

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1083/
Title: T1083

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1010/
Title: T1010

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1063/
Title: T1063

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1082/
Title: T1082

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1497/
Title: T1497

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1113/
Title: T1113

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1024/
Title: T1024

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1041/
Title: T1041

Search URL Search Domain Scan URL

URL: https://eset.com/
Title: ESET

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?https%3A%2F%2Fwww.welivesecurity.com%2F2020%2F03%2F05%2Fguildma-devil-drives-electric%2F
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-ele= HTTP 301
https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=210295631&t=pageview&_s=1&dl=https%3A%2F%2Fwww.welivesecurity.com%2F2020%2F03%2F05%2Fguildma-devil-drives-electric%2F&ul=en-us&de=UTF-8&dt=Guildma%3A%20The%20Devil%20drives%20electric%20%7C%20WeLiveSecurity&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=810959967&gjid=1071191558&cid=848553351.1583427949&tid=UA-37839312-1&_gid=433533799.1583427949&_r=1&gtm=2wg2q2PMDGSM&cd1=Malware&cd2=ESET%20Research&cd3=3k%2B&cd4=&cd5=2020-03-05T18%3A05%3A49.190%2B01%3A00&cd6=Non-Office%20Hours&cd7=www.welivesecurity.com%2F2020%2F03%2F05%2Fguildma-devil-drives-electric%2F&cd8=https%3A%2F%2Fwww.welivesecurity.com%2F2020%2F03%2F05%2Fguildma-devil-drives-electric%2F&cd10=Research&cd11=en&cd20=false&cd25=GTM-PMDGSM&cd33=consent%20not%20set&cd34=consent%20not%20set&z=1757042430 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37839312-1&cid=848553351.1583427949&jid=810959967&_gid=433533799.1583427949&gjid=1071191558&_v=j81&z=1757042430

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
Redirect Chain

https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-ele=
https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

106 KB
22 KB

8ms
7ms

Document
text/html

2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F24) /

Resource Hash

4e2f24e9343993cea32c6e1be61b1421f99161d991a1ebf3876389cc9eb6bf81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.welivesecurity.com
:scheme: https
:path: /2020/03/05/guildma-devil-drives-electric/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TS01239cf7=016c9a7a13259b246d7f2337ba1b8f05b9ac33fddc8cc94dad677ccfeca1f6c7eda13442f05643997f381342ad4260b74dc2c321ce
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 670
cache-control: max-age=900
content-type: text/html; charset=UTF-8
date: Thu, 05 Mar 2020 17:05:48 GMT
expires: Thu, 05 Mar 2020 17:20:48 GMT
last-modified: Thu, 05 Mar 2020 16:54:40 GMT
link: <https://www.welivesecurity.com/?p=135157>; rel=shortlink
referrer-policy: no-referrer-when-downgrade
server: ECAcc (frc/8F24)
strict-transport-security: max-age=15724800
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22804

Redirect headers

status: 301
access-control-allow-origin: *
cache-control: max-age=900
content-type: text/html; charset=UTF-8
date: Thu, 05 Mar 2020 17:05:48 GMT
expires: Thu, 05 Mar 2020 17:20:48 GMT
location: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
referrer-policy: no-referrer-when-downgrade
server: ECAcc (frc/8FC2)
set-cookie: TS01239cf7=016c9a7a13259b246d7f2337ba1b8f05b9ac33fddc8cc94dad677ccfeca1f6c7eda13442f05643997f381342ad4260b74dc2c321ce; Path=/; Domain=.www.welivesecurity.com
strict-transport-security: max-age=15724800
vary: Origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 0

GET
H2 200 main-a639148c65.css
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/build/css/ 275 KB
44 KB 13ms
8ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/build/css/main-a639148c65.css

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FBE) /

Resource Hash

1081ab3b553e6cb85a3d5cabe9adab3887634a110dba679fb05dde8c18b15409

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429
x-cache: HIT
status: 200
x-cnection: close
strict-transport-security: max-age=15724800
content-length: 44923
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:13:43 GMT
server: ECAcc (frc/8FBE)
etag: "44a18-59f63be1243c0-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 classic.css
www.welivesecurity.com/wp-content/plugins/crayon-syntax-highlighter/themes/classic/ 4 KB
832 B 19ms
14ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css?ver=_2.7.2_beta

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FA2) /

Resource Hash

01e43870a4218fe731a3516dd76725698c3aadfb285465086849c6b52ef71719

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
x-cache: HIT
status: 200
x-cnection: close
strict-transport-security: max-age=15724800
content-length: 727
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:12:54 GMT
server: ECAcc (frc/8FA2)
etag: "1110-59f63bb269580-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 monaco.css
www.welivesecurity.com/wp-content/plugins/crayon-syntax-highlighter/fonts/ 516 B
316 B 19ms
15ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css?ver=_2.7.2_beta

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F7F) /

Resource Hash

a47d6b7ed20c17858b6771922b06fe5f3019bfb468b4a556738c0f0aa16f5bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
x-cache: HIT
status: 200
strict-transport-security: max-age=15724800
content-length: 234
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:12:54 GMT
server: ECAcc (frc/8F7F)
etag: "204-59f63bb269580-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 cookiebar.min.css
assets.esetstatic.com/3PS/ 5 KB
2 KB 42ms
8ms Stylesheet
text/css 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.esetstatic.com/3PS/cookiebar.min.css

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

ad9809d6cb8a5286ca1f32aee040ce3e7e525ed6dc340cc8f2f90b7f1c445165

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=2592000;
content-encoding: gzip
x-content-type-options: nosniff
x-azure-ref-originshield: 0pSNhXgAAAAARYUA/7Q1IS47FRr2Ve/OkQU1TRURHRTA1MDcAZTQxNzJiYzEtNGZlZS00M2U2LWE3ZTgtMzVkZjVjYWQ3MDNl
x-cache: TCP_HIT
status: 200
x-azure-ref: 0bDFhXgAAAAALwv3xVeJvR7rY8ybi4aV1RlJBRURHRTEwMTIAZTQxNzJiYzEtNGZlZS00M2U2LWE3ZTgtMzVkZjVjYWQ3MDNl
content-length: 1468
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: Apache
x-frame-options: sameorigin
date: Thu, 05 Mar 2020 17:05:48 GMT
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=3600, s-maxage=3600

GET
H2 200 eset-wls-dark-header-1.svg
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/ 3 KB
1 KB 19ms
16ms Image
image/svg+xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/eset-wls-dark-header-1.svg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F63) /

Resource Hash

f0edf4ed283d119399dcb7025914b6a68a187667085bcbc49fe91db20f952cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 609
x-cache: HIT
status: 200
x-cnection: close
strict-transport-security: max-age=15724800
content-length: 1205
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:13:41 GMT
server: ECAcc (frc/8F63)
etag: "bb2-59f63bdf3bf40"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 eset-wls-dark-header-2.svg
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/ 3 KB
1 KB 19ms
16ms Image
image/svg+xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/eset-wls-dark-header-2.svg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FDD) /

Resource Hash

35ccbb14f6d8b7ed5eb03728f94221f27ed194ae83b32c40315d531f49b10bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429
x-cache: HIT
status: 200
x-cnection: close
strict-transport-security: max-age=15724800
content-length: 1305
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:13:41 GMT
server: ECAcc (frc/8FDD)
etag: "a8a-59f63bdf3bf40"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 eset-wls-light-header-1.svg
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/ 3 KB
1 KB 18ms
14ms Image
image/svg+xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/eset-wls-light-header-1.svg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FFC) /

Resource Hash

5813b04bb0c879b76179735995127ddc2af1867f42d4a4b5a8d7c3103f348b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68
x-cache: HIT
status: 200
x-cnection: close
strict-transport-security: max-age=15724800
content-length: 1222
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:13:41 GMT
server: ECAcc (frc/8FFC)
etag: "bc1-59f63bdf3bf40"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 eset-wls-light-header-2.svg
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/ 2 KB
1 KB 18ms
14ms Image
image/svg+xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/eset-wls-light-header-2.svg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FDD) /

Resource Hash

12c42fa79dc321e56bb3c23008cacf7a79771bab4fa61f765556e24ba13a89ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68
x-cache: HIT
status: 200
x-cnection: close
strict-transport-security: max-age=15724800
content-length: 1122
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:13:41 GMT
server: ECAcc (frc/8FDD)
etag: "967-59f63bdf3bf40"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 android-ess51-222x179.png
www.welivesecurity.com/wp-content/uploads/2013/01/ 40 KB
40 KB 18ms
15ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2013/01/android-ess51-222x179.png

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FAF) /

Resource Hash

d5102042d25188026b7c1a27a92d22b3f3eef2586b5a9870c60c63460fc9b8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 383
x-cache: HIT
status: 200
x-cnection: close
content-length: 40766
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 13 Feb 2020 10:39:43 GMT
server: ECAcc (frc/8FAF)
etag: "9f3e-59e72b5003249"
strict-transport-security: max-age=15724800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 Figure_01_Spam_1.png
www.welivesecurity.com/wp-content/uploads/2020/02/ 21 KB
21 KB 19ms
16ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2020/02/Figure_01_Spam_1.png

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F7E) /

Resource Hash

b511acce7b47d276127a14537d0e37036aec37f3dfcbbfb1934b72f76d866178

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 383
x-cache: HIT
status: 200
content-length: 21533
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 09:51:35 GMT
server: ECAcc (frc/8F7E)
etag: "541d-59f636ef1460a"
strict-transport-security: max-age=15724800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 Figure_02_Spam_2.png
www.welivesecurity.com/wp-content/uploads/2020/02/ 23 KB
23 KB 20ms
16ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2020/02/Figure_02_Spam_2.png

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F2F) /

Resource Hash

c6d37ba327890434e537dc33fe8ce40d0095eccf008a8eb98ac8fc13b467b55b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 383
x-cache: HIT
status: 200
content-length: 23749
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 09:51:39 GMT
server: ECAcc (frc/8F2F)
etag: "5cc5-59f636f2b6b71"
strict-transport-security: max-age=15724800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 Figure_03_Spam_3.png
www.welivesecurity.com/wp-content/uploads/2020/02/ 23 KB
24 KB 20ms
16ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2020/02/Figure_03_Spam_3.png

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8EA8) /

Resource Hash

f748f1cb344daf015fdac7a2aa10fcf0a3c400e2a7fcc8b367679ffdea90c124

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 383
x-cache: HIT
status: 200
content-length: 24061
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 09:51:42 GMT
server: ECAcc (frc/8EA8)
etag: "5dfd-59f636f62a251"
strict-transport-security: max-age=15724800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 Figure_04_Spam_4.png
www.welivesecurity.com/wp-content/uploads/2020/02/ 49 KB
49 KB 21ms
18ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2020/02/Figure_04_Spam_4.png

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FD2) /

Resource Hash

6e02d3a483a2a1d5605f794f34efe025379b079eee7b8504908571219ee1ecd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 383
x-cache: HIT
status: 200
x-cnection: close
content-length: 49754
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 09:51:47 GMT
server: ECAcc (frc/8FD2)
etag: "c25a-59f636fa96c5d"
strict-transport-security: max-age=15724800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 Figure_05_Infection_chain-1024x345.png
www.welivesecurity.com/wp-content/uploads/2020/02/ 119 KB
119 KB 23ms
20ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2020/02/Figure_05_Infection_chain-1024x345.png

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8EA7) /

Resource Hash

afe0adf55c30a402e3078f757d2b99d687fff9d2f4d5bfb82fe0a2a25c2fbe33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 383
x-cache: HIT
status: 200
content-length: 121775
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 09:51:53 GMT
server: ECAcc (frc/8EA7)
etag: "1dbaf-59f6370033d01"
strict-transport-security: max-age=15724800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 Figure_06_Infection_statistics-1024x321.png
www.welivesecurity.com/wp-content/uploads/2020/02/ 58 KB
58 KB 23ms
20ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2020/02/Figure_06_Infection_statistics-1024x321.png

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FFB) /

Resource Hash

7ba2f78b4cea5e9f8fe0e1773a13034f993e3daedb4f53596ef21372c9e85af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 383
x-cache: HIT
status: 200
content-length: 59676
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 09:51:59 GMT
server: ECAcc (frc/8FFB)
etag: "e91c-59f63705f4c44"
strict-transport-security: max-age=15724800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H/1.1 403
Forbidden Figure_08_Seed_obfuscation.png
backend.welivesecurity.com/wp-content/uploads/2020/02/ 0
0 1210ms
74ms Image
text/html 52.166.8.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://backend.welivesecurity.com/wp-content/uploads/2020/02/Figure_08_Seed_obfuscation.png
Requested by: Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.166.8.11 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 Figure_09_YouTube-768x425.png
www.welivesecurity.com/wp-content/uploads/2020/02/ 172 KB
172 KB 23ms
20ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2020/02/Figure_09_YouTube-768x425.png

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F53) /

Resource Hash

aee1846683e18e77ea55f677249025265905a5f3101fa63449773277dd153b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 383
x-cache: HIT
status: 200
content-length: 175925
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 09:52:12 GMT
server: ECAcc (frc/8F53)
etag: "2af35-59f637129cd30"
strict-transport-security: max-age=15724800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 Marc_Etienne.jpg
www.welivesecurity.com/wp-content/uploads/2014/10/ 42 KB
42 KB 23ms
20ms Image
image/jpeg 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2014/10/Marc_Etienne.jpg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E9C) /

Resource Hash

727a7ae79e34d3f9bf2a3223b353dfb377f28ca5ac1900489b29141b09c0b839

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 248
x-cache: HIT
status: 200
x-cnection: close
content-length: 42782
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 Feb 2020 20:51:33 GMT
server: ECAcc (frc/8E9C)
etag: "a71e-59e8f5ef1640b"
strict-transport-security: max-age=15724800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 linux-malware-should-you-worry-1-623x432.jpg
www.welivesecurity.com/wp-content/uploads/2020/02/ 26 KB
26 KB 23ms
20ms Image
image/jpeg 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2020/02/linux-malware-should-you-worry-1-623x432.jpg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F0A) /

Resource Hash

d380f386998db895f640f31e93e3c962aa264f96e096c849b789e9f63bc87df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 609
x-cache: HIT
status: 200
x-cnection: close
content-length: 26998
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Feb 2020 14:41:18 GMT
server: ECAcc (frc/8F0A)
etag: "6976-59eeec80546ea"
strict-transport-security: max-age=15724800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 Winnti-Group-targeting-Hong-Kong-universities-623x432.jpg
www.welivesecurity.com/wp-content/uploads/2020/01/ 39 KB
39 KB 23ms
20ms Image
image/jpeg 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2020/01/Winnti-Group-targeting-Hong-Kong-universities-623x432.jpg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F48) /

Resource Hash

f22794a58cde7aff4240853e4bba73575ef360fad49a314d0b6cebf195ab3ea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 789
x-cache: HIT
status: 200
x-cnection: close
content-length: 39790
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Feb 2020 19:46:33 GMT
server: ECAcc (frc/8F48)
etag: "9b6e-59e663ac78cdc"
strict-transport-security: max-age=15724800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 stantinko-M-623x432.jpg
www.welivesecurity.com/wp-content/uploads/2019/11/ 58 KB
58 KB 24ms
21ms Image
image/jpeg 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2019/11/stantinko-M-623x432.jpg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FF5) /

Resource Hash

05b56062f5a07c394e7e78088371c13731f068ef8658779bc2955ee218ac8597

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 383
x-cache: HIT
status: 200
x-cnection: close
content-length: 59553
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Feb 2020 23:08:45 GMT
server: ECAcc (frc/8FF5)
etag: "e8a1-59e690de64c63"
strict-transport-security: max-age=15724800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 eset-wls-footer-1.svg
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/ 3 KB
1 KB 24ms
21ms Image
image/svg+xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/eset-wls-footer-1.svg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F2E) /

Resource Hash

7df5345a52f22643ef051bf74f41d9a5a5644d5e699480a81ae8825b8ab5e533

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68
x-cache: HIT
status: 200
x-cnection: close
strict-transport-security: max-age=15724800
content-length: 1244
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:13:41 GMT
server: ECAcc (frc/8F2E)
etag: "be5-59f63bdf3bf40"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 eset-wls-footer-2.svg
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/ 3 KB
1 KB 24ms
21ms Image
image/svg+xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/eset-wls-footer-2.svg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E88) /

Resource Hash

e22e3416c5b454c2fc3c8e8185b478647446789abbee258ec18a5791880eaf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429
x-cache: HIT
status: 200
x-cnection: close
strict-transport-security: max-age=15724800
content-length: 1230
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:13:41 GMT
server: ECAcc (frc/8E88)
etag: "a0b-59f63bdf3bf40"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 main-0ba0c3843d.js Show response
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/build/js/ 324 KB
101 KB 7ms
7ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/build/js/main-0ba0c3843d.js

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E89) /

Resource Hash

a493d727aee756ab02e03abcc0432cf03c057d3b84549fa78a963f1e5a511ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 609
x-cache: HIT
status: 200
x-cnection: close
strict-transport-security: max-age=15724800
content-length: 103528
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:13:41 GMT
server: ECAcc (frc/8E89)
etag: "51012-59f63bdf3bf40-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 crayon.min.js Show response
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/static/js/ 22 KB
7 KB 10ms
10ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/static/js/crayon.min.js

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FDE) /

Resource Hash

193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197
x-cache: HIT
status: 200
strict-transport-security: max-age=15724800
content-length: 6790
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:13:41 GMT
server: ECAcc (frc/8FDE)
etag: "5741-59f63bdf3bf40-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 comment_count.js Show response
www.welivesecurity.com/wp-content/plugins/disqus-comment-system/public/js/ 889 B
523 B 16ms
13ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.16

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FA1) /

Resource Hash

cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429
x-cache: HIT
status: 200
x-cnection: close
strict-transport-security: max-age=15724800
content-length: 440
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:12:54 GMT
server: ECAcc (frc/8FA1)
etag: "379-59f63bb269580-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 comment_embed.js Show response
www.welivesecurity.com/wp-content/plugins/disqus-comment-system/public/js/ 1 KB
573 B 16ms
13ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.16

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FBE) /

Resource Hash

f055e217bde76d711bd8b42af773f9f99b8a29d81ad9ed10b6379cc7e6c60452

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195
x-cache: HIT
status: 200
strict-transport-security: max-age=15724800
content-length: 505
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:12:54 GMT
server: ECAcc (frc/8FBE)
etag: "47e-59f63bb269580-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 jquery.js Show response
www.welivesecurity.com/wp-includes/js/jquery/ 95 KB
33 KB 17ms
13ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F98) /

Resource Hash

fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383
x-cache: HIT
status: 200
x-cnection: close
strict-transport-security: max-age=15724800
content-length: 33766
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:12:55 GMT
server: ECAcc (frc/8F98)
etag: "17ba0-59f63bb35d7c0-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 jquery.datatables.min.js Show response
www.welivesecurity.com/wp-content/plugins/tablepress/js/ 80 KB
27 KB 17ms
14ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/plugins/tablepress/js/jquery.datatables.min.js?ver=1.9.1

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FA9) /

Resource Hash

b796504d9b1b422f0dc6ccc2d740ac78a8c9e5078cc3934836d39742b1121925

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383
x-cache: HIT
status: 200
x-cnection: close
strict-transport-security: max-age=15724800
content-length: 28049
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:12:54 GMT
server: ECAcc (frc/8FA9)
etag: "141eb-59f63bb269580-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 app.min.js Show response
assets.esetstatic.com/3PR/ 19 KB
5 KB 10ms
7ms Script
application/javascript 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.esetstatic.com/3PR/app.min.js

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

d04a2e1990c92cfd43a2ea141d54525ae79e3796608f521a5584f0ff0bdee59d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=2592000;
content-encoding: gzip
x-content-type-options: nosniff
x-azure-ref-originshield: 07yxhXgAAAABBiyZEOTiBS7jUcJb0hxYOQU1TRURHRTA0MDcAZTQxNzJiYzEtNGZlZS00M2U2LWE3ZTgtMzVkZjVjYWQ3MDNl
x-cache: TCP_HIT
status: 200
x-azure-ref: 0bDFhXgAAAAAGVNwjSMt4R4taZ5M1SxjrRlJBRURHRTEwMTIAZTQxNzJiYzEtNGZlZS00M2U2LWE3ZTgtMzVkZjVjYWQ3MDNl
content-length: 4659
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: Apache
x-frame-options: sameorigin
date: Thu, 05 Mar 2020 17:05:48 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, s-maxage=3600

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 100 KB
32 KB 18ms
15ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PMDGSM

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45003856b17add7f76243c00187a96c8a2622333fee4385671587b8e8901521e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 32147
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Mar 2020 17:05:48 GMT

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
2 KB 9ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

22419cb4478af8eca342d117c1b632aff716b8ee00554fcdbf1e46b1f8e37073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: /Rd5aCJaffF/PEmbOuEmoQ==
status: 200
date: Thu, 05 Mar 2020 17:05:48 GMT, Thu, 05 Mar 2020 17:05:48 GMT
expires: Thu, 05 Mar 2020 17:23:08 GMT
alt-svc: h3-27=":443"; ma=3600
content-length: 2118
x-fb-debug: PWcMm+kAYoW6lL5QlyghT+9SDWFS+23Sk49ysVI0eEgVOjOQDQHZy7IGQOQOE4cDKWQ2gJBhKgQu0q3K3J9LcQ==
x-fb-trip-id: 2000377899
x-fb-content-md5: e6801f6728415f9ea21f5920d4df9373
etag: "d74be0842040328d9e3cd8b23aa59f2d"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 926ms
922ms Script
application/x-javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AAA) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Mar 2020 17:05:49 GMT
content-encoding: gzip
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1256
x-cache: HIT
status: 200
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Tue, 04 Feb 2020 19:23:51 GMT
server: ECAcc (ama/8AAA)
etag: 0x8D7A9A7C460F06C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9682907c-a01e-00f5-800d-f3c0f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b001d13de3a3dfc445d7d632e9a3a2144ddf72ccd1e4377d914650bec3ced22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: VfE/vWoaGKpnyLqmHKKWVw==
status: 200
date: Thu, 05 Mar 2020 17:05:48 GMT, Thu, 05 Mar 2020 17:05:48 GMT
expires: Thu, 05 Mar 2020 17:23:02 GMT
alt-svc: h3-27=":443"; ma=3600
content-length: 1779
x-fb-debug: 0+7/W04jAw2SVaR1SBvCnMppHkRlS88fCu/OZUFmI9NmyaNAaiW57q3P0E6rB4BWMTUhy8v4N38e0sJ9JZDYkw==
x-fb-trip-id: 2000377899
x-fb-content-md5: 7c709a690afe100b0fb06ac780304bb8
etag: "f55d20650b34b3710988a523afe73a58"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 single-wide-header-fade.png
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/ 92 KB
92 KB 11ms
11ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/single-wide-header-fade.png

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC3) /

Resource Hash

e2a1c2c0322c2737e986c860da67fbb2b9e93b70527a943b8c35b9d6e81ebb42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/build/css/main-a639148c65.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 43
x-cache: HIT
status: 200
x-cnection: close
content-length: 94055
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:13:41 GMT
server: ECAcc (frc/8FC3)
etag: "16f67-59f63bdf3bf40"
strict-transport-security: max-age=15724800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 Guildma-e1581631162730.png
www.welivesecurity.com/wp-content/uploads/2020/02/ 1 MB
1 MB 16ms
16ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2020/02/Guildma-e1581631162730.png

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FD3) /

Resource Hash

d068aa4071e6221b31b1422536ce664428686505397f09ee7b6e0d7373174eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 383
x-cache: HIT
status: 200
content-length: 1357368
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 13 Feb 2020 21:59:24 GMT
server: ECAcc (frc/8FD3)
etag: "14b638-59e7c33b5cf57"
strict-transport-security: max-age=15724800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 li-shield-icon.svg
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/ 961 B
705 B 16ms
15ms Image
image/svg+xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/li-shield-icon.svg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FBF) /

Resource Hash

e0c2fd69b7d441b42045d474afe52d2bdbb81a44c8d73e2c8271e4114003d991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/build/css/main-a639148c65.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 911
x-cache: HIT
status: 200
strict-transport-security: max-age=15724800
content-length: 597
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:13:41 GMT
server: ECAcc (frc/8FBF)
etag: "3c1-59f63bdf3bf40"
vary: Accept-Encoding
warning: 110 - "Response is stale"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 crayon-buttons.png
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/ 979 B
1 KB 19ms
15ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/crayon-buttons.png

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F21) /

Resource Hash

57baaa5bc91a8c9ca43ae98855f0f8d4e6b80ff177513c8e901d49755193c1c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/build/css/main-a639148c65.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 383
x-cache: HIT
status: 200
x-cnection: close
content-length: 979
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:13:35 GMT
server: ECAcc (frc/8F21)
etag: "3d3-59f63bd9831c0"
strict-transport-security: max-age=15724800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 Fedra-Sans-Alt-Book.woff
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/ 40 KB
40 KB 23ms
22ms Font
font/woff 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/Fedra-Sans-Alt-Book.woff

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F21) /

Resource Hash

1ba0ff3994900740a94dc37300b7415b25d642f6ef495afc5ae4e16ae1128e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/build/css/main-a639148c65.css
Origin: https://www.welivesecurity.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 406
x-cache: HIT
status: 200
x-cnection: close
content-length: 40945
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:13:41 GMT
server: ECAcc (frc/8F21)
etag: "9ff1-59f63bdf3bf40"
strict-transport-security: max-age=15724800
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 Fedra-Sans-Alt-Bold.woff
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/ 40 KB
40 KB 14ms
13ms Font
font/woff 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/Fedra-Sans-Alt-Bold.woff

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F8B) /

Resource Hash

12f37c0a70377ac636345742e2eb0d2acb70d411612020ae1608193330a5b15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/build/css/main-a639148c65.css
Origin: https://www.welivesecurity.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 406
x-cache: HIT
status: 200
x-cnection: close
content-length: 40563
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:13:41 GMT
server: ECAcc (frc/8F8B)
etag: "9e73-59f63bdf3bf40"
strict-transport-security: max-age=15724800
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 icomoon.ttf
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/ 4 KB
4 KB 14ms
14ms Font
font/ttf 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/icomoon.ttf?460of5

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F69) /

Resource Hash

8d8ba4c94f3b33965aa63ce307972277b1263dc40705b292af8f835f4eebd042

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/build/css/main-a639148c65.css
Origin: https://www.welivesecurity.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 406
x-cache: HIT
status: 200
x-cnection: close
content-length: 3988
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:13:41 GMT
server: ECAcc (frc/8F69)
etag: "f94-59f63bdf3bf40"
strict-transport-security: max-age=15724800
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 Fedra-Sans-Alt-Book-Italic.woff
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/ 40 KB
40 KB 14ms
14ms Font
font/woff 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/Fedra-Sans-Alt-Book-Italic.woff

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F0D) /

Resource Hash

63a41173db39c92635a87b39eedb581e8a1c3142372ebced441ce927fef343a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/build/css/main-a639148c65.css
Origin: https://www.welivesecurity.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 383
x-cache: HIT
status: 200
x-cnection: close
content-length: 40640
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:13:41 GMT
server: ECAcc (frc/8F0D)
etag: "9ec0-59f63bdf3bf40"
strict-transport-security: max-age=15724800
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 Fedra-Sans-Alt-Bold-Italic.woff
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/ 39 KB
39 KB 16ms
15ms Font
font/woff 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/Fedra-Sans-Alt-Bold-Italic.woff

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FBC) /

Resource Hash

3a2e61b404aed1eb74550f0bd60b8ba648d17ca990163f387fae4c3441bcf767

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/build/css/main-a639148c65.css
Origin: https://www.welivesecurity.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 383
x-cache: HIT
status: 200
x-cnection: close
content-length: 40105
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:13:35 GMT
server: ECAcc (frc/8FBC)
etag: "9ca9-59f63bd9831c0"
strict-transport-security: max-age=15724800
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 monaco-webfont.woff
www.welivesecurity.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco/ 21 KB
21 KB 7ms
6ms Font
font/woff 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco/monaco-webfont.woff

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FF5) /

Resource Hash

9c2e1d2864f53c224d6542bed9a1ab1de620dae21a2146eb4ff982dd8fcd4567

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css?ver=_2.7.2_beta
Origin: https://www.welivesecurity.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 17:05:48 GMT
x-content-type-options: nosniff
age: 383
x-cache: HIT
status: 200
x-cnection: close
content-length: 21372
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 Feb 2020 10:12:54 GMT
server: ECAcc (frc/8FF5)
etag: "537c-59f63bb269580"
strict-transport-security: max-age=15724800
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 05 Mar 2020 17:20:48 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 7ms
6ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&cid=86098.02809532318&tid=UA-76266002-27&dl=https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/&t=event&ec=Tracking%20check%20-%20recurring&ea=Script%20loaded&ni=1&cd1=wls&aip=1&z=523994

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 24 Feb 2020 23:41:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 840266
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 check.png
cdn1.esetstatic.com/ESET/INT/assets/img/ 68 B
868 B 1106ms
20ms Image
image/png 13.224.194.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.esetstatic.com/ESET/INT/assets/img/check.png?country=wls&gcode=scriptLoaded&z=504973

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.194.67 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-67.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

260865134b6e69ca7bafa9e8ddcd59fb6ffbf727f50a3d2dd186d217c8c79694

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://eset.report-uri.com/r/d/xss/enforce

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=63072000;
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 50043
x-cache: Hit from cloudfront
status: 200
content-length: 68
x-xss-protection: 1; mode=block; report=https://eset.report-uri.com/r/d/xss/enforce
referrer-policy: strict-origin
last-modified: Tue, 26 Feb 2019 12:47:15 GMT
server: Apache
date: Thu, 05 Mar 2020 09:22:29 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://www.eset.com
cache-control: max-age=2592000, s-maxage=86400, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
etag: "44-582cb74ebc90e"
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: C5VqJxW4v_3-UlYXMoYiSPbD_mibzQBrc-Uu31eUfRqyxOWsjPgC4Q==

GET
H/1.1 200
OK count.js Show response
welivesecurity.disqus.com/ 1 KB
1 KB 1100ms
22ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://welivesecurity.disqus.com/count.js

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.16

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 05 Mar 2020 17:05:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1538941
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 12 Feb 2020 18:34:00 GMT
Server: nginx
ETag: "5e444518-367"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

GET
H/1.1 200
OK embed.js Show response
welivesecurity.disqus.com/ 66 KB
22 KB 1446ms
369ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://welivesecurity.disqus.com/embed.js

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.16

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

09c422eebe3faa139808f59e2721f3843982b4a201333d79c0478ed6f9841f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 05 Mar 2020 17:05:50 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 22236

GET
H2 200 /
www.facebook.com/tr/ 44 B
260 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1518099328403839&ev=PixelInitialized&dl=https%3A%2F%2Fwww.welivesecurity.com%2F2020%2F03%2F05%2Fguildma-devil-drives-electric%2F&rl=&if=false&ts=1583427949162

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 17:05:49 GMT, Thu, 05 Mar 2020 17:05:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 05 Mar 2020 17:05:49 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 390 KB
113 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=17553780eab7cd04356a92ed1e330b35&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

23a27228aa4d8bdb377ae4ab7eb31750e932696ecb24587a82a12a4c5d391bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
Origin: https://www.welivesecurity.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jgL3zV0YR9fJg9s+8NHf5Q==
status: 200
date: Thu, 05 Mar 2020 17:05:49 GMT, Thu, 05 Mar 2020 17:05:49 GMT
expires: Fri, 05 Mar 2021 17:03:03 GMT
alt-svc: h3-27=":443"; ma=3600
content-length: 115473
x-fb-debug: OGuis05/S/HLD+3x/uq2JkvUVkkXo5R/RlDm0BzD9Q2Iu1qraNqBaT6rENwlZzJ30dNJYM4r7LAMi1L68llsNw==
x-fb-trip-id: 1850256238
x-fb-content-md5: bcc1799ed64c60983adb97c182a5aa0f
etag: "5aa6fe1b5f86ac6fca0eee8e5806f2d9"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMDGSM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 4419
date: Thu, 05 Mar 2020 15:52:10 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Thu, 05 Mar 2020 17:52:10 GMT

GET
H2 204 a
www.googletagmanager.com/ 0
56 B 16ms
15ms Image
image/gif 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-PMDGSM&cv=55&v=3&t=t&pid=1667560091&rv=2q2&es=1&e=gtm.js&eid=0&tc=29&tr=1gclidw.1ua.1tl.1paused.1paused.1lcl.1fsl.1lcl.1tg&ti=1gclidw.1ua.1tl.1paused.1paused.1lcl.1fsl.1lcl.1tg&z=0

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 05 Mar 2020 17:05:49 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 a
www.googletagmanager.com/ 0
56 B 15ms
14ms Image
image/gif 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-PMDGSM&cv=55&v=3&t=t&pid=1667560091&rv=2q2&es=1&e=*&eid=5&tc=29&z=0

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 05 Mar 2020 17:05:49 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=210295631&t=pageview&_s=1&dl=https%3A%2F%2Fwww.welivesecurity.com%2F2020%2F03%2F05%2Fguildma-devil-drives-electric%2F&ul=en-us&de=UTF-8...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37839312-1&cid=848553351.1583427949&jid=810959967&_gid=433533799.1583427949&gjid=1071191558&_v=j81&z=1757042430

35 B
102 B

15ms
14ms

Image
image/gif

2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37839312-1&cid=848553351.1583427949&jid=810959967&_gid=433533799.1583427949&gjid=1071191558&_v=j81&z=1757042430

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Thu, 05 Mar 2020 17:05:49 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Mar 2020 17:05:49 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37839312-1&cid=848553351.1583427949&jid=810959967&_gid=433533799.1583427949&gjid=1071191558&_v=j81&z=1757042430
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 6ms
6ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&aip=1&a=210295631&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.welivesecurity.com%2F2020%2F03%2F05%2Fguildma-devil-drives-electric%2F&ul=en-us&de=UTF-8&dt=Guildma%3A%20The%20Devil%20drives%20electric%20%7C%20WeLiveSecurity&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=cookie%20consent&ea=cookie-consent-visible&_u=YEDAAEAB~&jid=&gjid=&cid=848553351.1583427949&tid=UA-37839312-1&_gid=433533799.1583427949&gtm=2wg2q2PMDGSM&cd1=Malware&cd2=ESET%20Research&cd3=3k%2B&cd4=&cd5=2020-03-05T18%3A05%3A49.199%2B01%3A00&cd6=Non-Office%20Hours&cd7=www.welivesecurity.com%2F2020%2F03%2F05%2Fguildma-devil-drives-electric%2F&cd8=https%3A%2F%2Fwww.welivesecurity.com%2F2020%2F03%2F05%2Fguildma-devil-drives-electric%2F&cd10=Research&cd11=en&cd20=false&cd25=GTM-PMDGSM&cd33=consent%20not%20set&cd34=consent%20not%20set&z=820415816

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 24 Feb 2020 23:41:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 840266
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lounge.91790a929b2fba6bf8967d2204d948d5.css
c.disquscdn.com/next/embed/styles/ 0
21 KB 57ms
36ms Other
text/css 2606:4700::6810:4fa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.91790a929b2fba6bf8967d2204d948d5.css

Requested by

Host: welivesecurity.disqus.com
URL: https://welivesecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Thu, 05 Mar 2020 17:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59000
cf-ray: 56f56c935df396d4-FRA
status: 200
vary: Accept-Encoding
content-length: 21803
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Mar 2020 23:13:11 GMT
server: cloudflare
etag: "5e603607-552b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Mar 2021 00:42:22 GMT

GET
H2 200 common.bundle.b9167d06dc7bd01b59d6d6332d6aafa1.js
c.disquscdn.com/next/embed/ 0
89 KB 58ms
36ms Other
application/javascript 2606:4700::6810:4fa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.b9167d06dc7bd01b59d6d6332d6aafa1.js

Requested by

Host: welivesecurity.disqus.com
URL: https://welivesecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Thu, 05 Mar 2020 17:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 198467
cf-ray: 56f56c935df596d4-FRA
status: 200
vary: Accept-Encoding
content-length: 90471
x-xss-protection: 1; mode=block
last-modified: Thu, 06 Feb 2020 00:29:34 GMT
server: cloudflare
etag: "5e3b5dee-16167"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Feb 2021 14:06:37 GMT

GET
H2 200 lounge.bundle.8eb4cbb7a7b48fac6585a4aa26cf9a2c.js
c.disquscdn.com/next/embed/ 0
109 KB 44ms
23ms Other
application/javascript 2606:4700::6810:4fa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.8eb4cbb7a7b48fac6585a4aa26cf9a2c.js

Requested by

Host: welivesecurity.disqus.com
URL: https://welivesecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Thu, 05 Mar 2020 17:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 58999
cf-ray: 56f56c935df696d4-FRA
status: 200
vary: Accept-Encoding
content-length: 110626
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Mar 2020 23:13:10 GMT
server: cloudflare
etag: "5e603606-1b022"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Mar 2021 00:42:22 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
6 KB 56ms
18ms Other
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: welivesecurity.disqus.com
URL: https://welivesecurity.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Timing-Allow-Origin: *
Date: Thu, 05 Mar 2020 17:05:50 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 47
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 5454
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 0
311 B 111ms
26ms XHR
text/plain 51.140.6.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: POST
Origin: https://www.welivesecurity.com
Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,sdk-context

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 05 Mar 2020 17:05:50 GMT
X-Content-Type-Options: nosniff
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 0
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 4587 0
0 140ms
139ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=135157%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D135157&t_u=https%3A%2F%2Fwww.welivesecurity.com%2F2020%2F03%2F05%2Fguildma-devil-drives-electric%2F&t_e=Guildma%3A%20The%20Devil%20drives%20electric&t_d=Guildma%3A%20The%20Devil%20drives%20electric&t_t=Guildma%3A%20The%20Devil%20drives%20electric&s_o=default&l=en

Requested by

Host: welivesecurity.disqus.com
URL: https://welivesecurity.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/

Response headers

Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Thu, 05 Mar 2020 10:33:02 GMT
ETag: W/"lounge:view:7901048959.36e88eae0b155cea1a77a0df0e2aea19.2"
Content-Encoding: gzip
Content-Length: 3131
Date: Thu, 05 Mar 2020 17:05:50 GMT
Age: 2
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

POST
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 96 B
519 B 369ms
368ms XHR
application/json 51.140.6.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c937fd8c76455c6ba498d3605727f260af63feb66a6c9562686afee204b1d91e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
Origin: https://www.welivesecurity.com
Sec-Fetch-Dest: empty
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 2CDBFBCB-4D9D-466B-9927-A266EBE6CAAD
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 05 Mar 2020 17:05:50 GMT
Access-Control-Max-Age: 3600
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 96

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 4FE4 337 B
371 B 16ms
16ms Stylesheet
text/css 2606:4700::6810:4fa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: welivesecurity.disqus.com
URL: https://welivesecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 05 Mar 2020 17:05:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2364475
cf-ray: 56f56c96494e96d4-FRA
status: 200
vary: Accept-Encoding
content-length: 244
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 01:14:10 GMT
server: cloudflare
etag: "5e38c562-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Feb 2021 13:19:18 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 53BF 337 B
309 B 27ms
26ms Stylesheet
text/css 2606:4700::6810:4fa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: welivesecurity.disqus.com
URL: https://welivesecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 05 Mar 2020 17:05:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2364475
cf-ray: 56f56c96596296d4-FRA
status: 200
vary: Accept-Encoding
content-length: 244
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 01:14:10 GMT
server: cloudflare
etag: "5e38c562-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Feb 2021 13:19:18 GMT

GET
H2 204 a
www.googletagmanager.com/ 0
56 B 15ms
15ms Image
image/gif 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-PMDGSM&cv=55&v=3&t=t&pid=1667560091&rv=2q2&es=1&e=gtm.load&eid=16&u=C&tc=29&tr=1sdl.5sdl&ti=1sdl.1sdl&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 05 Mar 2020 17:05:51 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&cid=848553351.1583427949&tid=UA-76266002-27&dl=https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/&t=event&ec=Tracking%20check%20-%20recurring&ea=GA%20loaded,%20GTM%20loaded&ni=1&cd1=wls&aip=1&z=650539

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 24 Feb 2020 23:41:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 840276
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 check.png
cdn1.esetstatic.com/ESET/INT/assets/img/ 68 B
869 B 21ms
20ms Image
image/png 13.224.194.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.esetstatic.com/ESET/INT/assets/img/check.png?country=wls&gcode=11

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.194.67 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-67.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

260865134b6e69ca7bafa9e8ddcd59fb6ffbf727f50a3d2dd186d217c8c79694

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://eset.report-uri.com/r/d/xss/enforce

Request headers

Referer: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=63072000;
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 50052
x-cache: Hit from cloudfront
status: 200
content-length: 68
x-xss-protection: 1; mode=block; report=https://eset.report-uri.com/r/d/xss/enforce
referrer-policy: strict-origin
last-modified: Tue, 26 Feb 2019 12:47:15 GMT
server: Apache
date: Thu, 05 Mar 2020 09:22:29 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: https://www.eset.com
cache-control: max-age=2592000, s-maxage=86400, public
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
etag: "44-582cb74ebc90e"
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: PJGKQo4JTQ3YRmvTpEKGMXw-gAuQ_VkiUkIVdrSJZ4b2coM0xW2LwA==

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.welivesecurity.com/	1970-01-19 07:50:29	Name: ai_session Value: 3gCDl\|1583427949846.315\|1583427949846.315
www.welivesecurity.com/	1970-01-19 16:36:03	Name: ai_user Value: ytnEz\|2020-03-05T17:05:49.844Z
.welivesecurity.com/	1970-01-19 07:50:28	Name: _gat_UA-37839312-1 Value: 1
.welivesecurity.com/	1970-01-20 01:21:39	Name: _ga Value: GA1.2.848553351.1583427949
.welivesecurity.com/	1970-01-19 07:51:54	Name: _gid Value: GA1.2.433533799.1583427949
.welivesecurity.com/	1970-01-19 10:00:03	Name: _gcl_au Value: 1.1.1595830515.1583427949
.www.welivesecurity.com/	1969-12-31 23:59:59	Name: TS01239cf7 Value: 016c9a7a13259b246d7f2337ba1b8f05b9ac33fddc8cc94dad677ccfeca1f6c7eda13442f05643997f381342ad4260b74dc2c321ce

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 1
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 2
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 3
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 4
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 5
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 6
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 7
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 8
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 9
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 10
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 11
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 12
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 13
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 14
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 15
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 16
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 17
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 18
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: Timer: 19
console-api	log	URL: https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/(Line 1029) Message: GA and GTM are loaded.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.esetstatic.com
az416426.vo.msecnd.net
backend.welivesecurity.com
c.disquscdn.com
cdn1.esetstatic.com
connect.facebook.net
dc.services.visualstudio.com
disqus.com
stats.g.doubleclick.net
welivesecurity.disqus.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.welivesecurity.com
13.224.194.67
151.101.12.134
151.101.128.134
152.199.19.160
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:4fa6
2620:1ec:bdf::10
2a00:1450:4001:81c::2008
2a00:1450:4001:821::200e
2a00:1450:400c:c00::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
51.140.6.23
52.166.8.11
01e43870a4218fe731a3516dd76725698c3aadfb285465086849c6b52ef71719
05b56062f5a07c394e7e78088371c13731f068ef8658779bc2955ee218ac8597
09c422eebe3faa139808f59e2721f3843982b4a201333d79c0478ed6f9841f23
0b001d13de3a3dfc445d7d632e9a3a2144ddf72ccd1e4377d914650bec3ced22
1081ab3b553e6cb85a3d5cabe9adab3887634a110dba679fb05dde8c18b15409
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12c42fa79dc321e56bb3c23008cacf7a79771bab4fa61f765556e24ba13a89ff
12f37c0a70377ac636345742e2eb0d2acb70d411612020ae1608193330a5b15d
193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b
1ba0ff3994900740a94dc37300b7415b25d642f6ef495afc5ae4e16ae1128e66
22419cb4478af8eca342d117c1b632aff716b8ee00554fcdbf1e46b1f8e37073
23a27228aa4d8bdb377ae4ab7eb31750e932696ecb24587a82a12a4c5d391bc2
260865134b6e69ca7bafa9e8ddcd59fb6ffbf727f50a3d2dd186d217c8c79694
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35ccbb14f6d8b7ed5eb03728f94221f27ed194ae83b32c40315d531f49b10bc1
3a2e61b404aed1eb74550f0bd60b8ba648d17ca990163f387fae4c3441bcf767
45003856b17add7f76243c00187a96c8a2622333fee4385671587b8e8901521e
4e2f24e9343993cea32c6e1be61b1421f99161d991a1ebf3876389cc9eb6bf81
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
57baaa5bc91a8c9ca43ae98855f0f8d4e6b80ff177513c8e901d49755193c1c9
5813b04bb0c879b76179735995127ddc2af1867f42d4a4b5a8d7c3103f348b05
63a41173db39c92635a87b39eedb581e8a1c3142372ebced441ce927fef343a1
6e02d3a483a2a1d5605f794f34efe025379b079eee7b8504908571219ee1ecd7
727a7ae79e34d3f9bf2a3223b353dfb377f28ca5ac1900489b29141b09c0b839
7ba2f78b4cea5e9f8fe0e1773a13034f993e3daedb4f53596ef21372c9e85af0
7df5345a52f22643ef051bf74f41d9a5a5644d5e699480a81ae8825b8ab5e533
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d8ba4c94f3b33965aa63ce307972277b1263dc40705b292af8f835f4eebd042
9c2e1d2864f53c224d6542bed9a1ab1de620dae21a2146eb4ff982dd8fcd4567
a47d6b7ed20c17858b6771922b06fe5f3019bfb468b4a556738c0f0aa16f5bdc
a493d727aee756ab02e03abcc0432cf03c057d3b84549fa78a963f1e5a511ace
ad9809d6cb8a5286ca1f32aee040ce3e7e525ed6dc340cc8f2f90b7f1c445165
aee1846683e18e77ea55f677249025265905a5f3101fa63449773277dd153b66
afe0adf55c30a402e3078f757d2b99d687fff9d2f4d5bfb82fe0a2a25c2fbe33
b511acce7b47d276127a14537d0e37036aec37f3dfcbbfb1934b72f76d866178
b796504d9b1b422f0dc6ccc2d740ac78a8c9e5078cc3934836d39742b1121925
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c6d37ba327890434e537dc33fe8ce40d0095eccf008a8eb98ac8fc13b467b55b
c937fd8c76455c6ba498d3605727f260af63feb66a6c9562686afee204b1d91e
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
d04a2e1990c92cfd43a2ea141d54525ae79e3796608f521a5584f0ff0bdee59d
d068aa4071e6221b31b1422536ce664428686505397f09ee7b6e0d7373174eb0
d380f386998db895f640f31e93e3c962aa264f96e096c849b789e9f63bc87df4
d5102042d25188026b7c1a27a92d22b3f3eef2586b5a9870c60c63460fc9b8fa
e0c2fd69b7d441b42045d474afe52d2bdbb81a44c8d73e2c8271e4114003d991
e22e3416c5b454c2fc3c8e8185b478647446789abbee258ec18a5791880eaf1b
e2a1c2c0322c2737e986c860da67fbb2b9e93b70527a943b8c35b9d6e81ebb42
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f055e217bde76d711bd8b42af773f9f99b8a29d81ad9ed10b6379cc7e6c60452
f0edf4ed283d119399dcb7025914b6a68a187667085bcbc49fe91db20f952cc1
f22794a58cde7aff4240853e4bba73575ef360fad49a314d0b6cebf195ab3ea1
f748f1cb344daf015fdac7a2aa10fcf0a3c400e2a7fcc8b367679ffdea90c124
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

www.welivesecurity.com Open in urlscan Pro 2606:2800:233:1cb7:261b:1f9c:2074:3c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

100 %HTTPS

57 %IPv6

11 Domains

14 Subdomains

14 IPs

6 Countries

2968 kBTransfer

3927 kBSize

7 Cookies

39 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.welivesecurity.com Open in urlscan Pro
2606:2800:233:1cb7:261b:1f9c:2074:3c Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

100 %
HTTPS

57 %
IPv6

11
Domains

14
Subdomains

14
IPs

6
Countries

2968 kB
Transfer

3927 kB
Size

7
Cookies

68 HTTP transactions
0 data transactions