www.databreaches.net Open in urlscan Pro
2606:4700:20::681a:5d0 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-b...
Submission: On March 26 via api (March 26th 2020, 5:58:31 pm UTC) from US

Summary HTTP 45 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 45 HTTP transactions. The main IP is 2606:4700:20::681a:5d0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.databreaches.net.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 7th 2019. Valid for: a year.

This is the only time www.databreaches.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	2606:4700:20:... 2606:4700:20::681a:5d0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:ca00:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:ec00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:0:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	18.196.75.213 18.196.75.213	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
45	9

35 2606:4700:20::681a:5d0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.databreaches.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:ca00:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:ec00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:0:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.75.213 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-75-213.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	databreaches.net www.databreaches.net	418 KB
5	sharethis.com 1 redirects platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	31 KB
2	google-analytics.com google-analytics.com www.google-analytics.com	18 KB
2	gstatic.com fonts.gstatic.com	18 KB
1	consensu.org c.sharethis.mgr.consensu.org
1	googleapis.com fonts.googleapis.com	843 B
45	6

	Domain	Requested by
35	www.databreaches.net	www.databreaches.net
3	l.sharethis.com	1 redirects www.databreaches.net
2	fonts.gstatic.com	www.databreaches.net
1	www.google-analytics.com
1	google-analytics.com	www.databreaches.net
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	platform-api.sharethis.com	www.databreaches.net
1	fonts.googleapis.com	www.databreaches.net
45	9

This site contains links to these domains. Also see Links.

Domain
app.myidcare.com
twitter.com
www.facebook.com
www.linkedin.com
pinterest.com
www.reddit.com
vk.com
www.pogowasright.org
wordpress.org
www.mageewp.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-07` - `2020-10-09`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.sharethis.com Go Daddy Secure Certificate Authority - G2	`2017-09-26` - `2020-09-29`	3 years	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.sharethis.mgr.consensu.org Go Daddy Secure Certificate Authority - G2	`2018-05-21` - `2020-05-21`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
Frame ID: 6F6B4CF9BE359A5B3EC01E852496FB0F
Requests: 44 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal.html
Frame ID: 29E06EE887DA779C005F40387704A307
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i

Page Statistics

45
Requests

100 %
HTTPS

89 %
IPv6

6
Domains

9
Subdomains

9
IPs

2
Countries

485 kB
Transfer

1415 kB
Size

0
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://app.myidcare.com/account-creation/protect
Title: https://app.myidcare.com/account-creation/protect

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Attacked%20by%20ransomware,%20Central%20Kansas%20Orthopedic%20Group%20refused%20to%20pay%20ransom%20and%20restored%20from%20backups&url=https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/&title=Attacked%20by%20ransomware,%20Central%20Kansas%20Orthopedic%20Group%20refused%20to%20pay%20ransom%20and%20restored%20from%20backups&source=&summary=On%20January%209,%20Central%20Kansas%20Orthopedic%20Group%20posted%20a%20breach%20notice%20on%20their%20website.%C2%A0%20Today,%20the%20incident,%20which%20they%20reported%20to%20HHS%20on%20January%2028,%20was%20added%20to%20HHS%E2%80%99s%20breach%20tool.%C2%A0%20From%20the%20provider%E2%80%99s%20notice:%20Central%20Kansas%20Orthopedic%20Group%20(%E2%80%9CCKOG%E2%80%9D)%20recently%20discovered%20that%20an%20unauthorized%20party%20or%20group%20gained%20access%20to%20its%20computer%20system.%20CKOG%20learned%20of%20this%20intrusion%20on%20November%2011,%202019,%20when%20the%20attacker%20deployed%20ransomware%20against%20CKOG.%20CKOG%20did%20not%20pay%20the%20demanded%20ransom%20and%20was%20able%20to%20restore%20its%20system%20from%20available%20backups.%20All%20medical%20records%20were%20restored.%20However,%20it%20is%20possible%20an%20unauthorized%20person%20or%20persons%20had%20access%20to%20medical%20records.%20The%20information%20in%20the%20patient%20records%20included:%20address,%20date%20of%20birth,%20driver%E2%80%99s%20license%20number%20(or%20other%20form%20of%20state-issued%20identification),%20health%20information%20related%20to%20treatment%20at%20CKOG%20or%20referring%20providers,%20health%20insurance%20number,%20social%20security%20number%20and%20email%20address.%20When%20CKOG%20discovered%20the%20ransomware%20attack,%20it%20immediately%20engaged%20outside%20counsel%20and%20a%20third-party%20forensic%20investigator%20to%20determine%20the%20scope%20and%20cause%20of%20the%20breach.%20After%20a%20full%20forensic%20investigation,%20CKOG%20has%20no%20evidence%20to%20suggest%20that%20any%20personal%20information%20was%20removed%20from%20its%20system%20by%20any%20third%20party%20(including%20the%20attacker).%20CKOG%20has%20received%20no%20indication%20that%20any%20personal%20information%20has%20been%20misused%20in%20any%20way%20since%20the%20attack.%20In%20the%20aftermath%20of%20discovering%20the%20attack,%20CKOG%20took%20immediate%20steps%20to%20increase%20security%20that%20assisted%20in%20shutting%20down%20access%20by%20the%20unauthorized%20party%20or%20parties.%20%C2%A0CKOG%20will%20also%20be%20receiving%20recommendations%20from%20the%20forensic%20investigators%20on%20how%20to%20further%20harden%20its%20overall%20security%20platform%20and,%20to%20the%20extent%20those%20measures%20have%20not%20already%20been%20implemented,%20will%20implement%20further%20security%20protocols.%20In%20the%20interest%20of%20protecting%20its%20patients,%20CKOG%20will%20be%20offering%20identity%20theft%20protection%20services%20through%20ID%20Experts%C2%AE,%20an%20industry%20leader%20in%20credit%20monitoring%20and%20identity%20theft%20recovery,%20to%20affected%20individuals.%20%C2%A0The%20identity%20theft%20protection%20service%20is%20known%20as%20%C2%A0MyIDCare%E2%84%A2%20and%20includes:%2012%20months%20of%20credit%20and%20CyberScan%20monitoring,%20a%20$1,000,000%20insurance%20reimbursement%20policy,%20and%20fully%20managed%20id%20theft%20recovery%20services.%20With%20this%20protection,%20MyIDCare%20will%20help%20patients%20resolve%20issues%20if%20your%20identity%20is%20compromised.%20A%20call%20center%20has%20been%20set%20up%20to%20field%20any%20questions%20or%20concerns%20regarding%20this%20incident.%20The%20phone%20number%20to%20call%20is%C2%A01-800-939-4170.%20All%20patients%20will%20be%20receiving%20additional%20information,%20along%20with%20an%20enrollment%20number%20that%20can%20be%20used%20to%20create%20a%20free%20account%20using%20this%20website:%C2%A0https://app.myidcare.com/account-creation/protect.%20Comment:%20The%20above%20is%20a%20clearly%20written%20breach%20explanation%20and%20the%20entity%20seems%20to%20be%20willing%20to%20err%20on%20the%20side%20of%20caution%20to%20offer%20complimentary%20services%20to%20patients.%C2%A0%20That%20and%20the%20fact%20that%20they%20were%20also%20able%20to%20recover%20by%20restoring%20from%20backup%20puts%20them%20in%20the%20top%2025%%20or%20so%20of%20entities%20in%20my%20unofficial%20and%20undocumented%20rankings%20of%20incident%20response.%20According%20to%20their%20report%20to%20HHS,%20they%20notified%2017,214%20patients.

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/&description=On%20January%209,%20Central%20Kansas%20Orthopedic%20Group%20posted%20a%20breach%20notice%20on%20their%20website.%C2%A0%20Today,%20the%20incident,%20which%20they%20reported%20to%20HHS%20on%20January%2028,%20was%20added%20to%20HHS%E2%80%99s%20breach%20tool.%C2%A0%20From%20the%20provider%E2%80%99s%20notice:%20Central%20Kansas%20Orthopedic%20Group%20(%E2%80%9CCKOG%E2%80%9D)%20recently%20discovered%20that%20an%20unauthorized%20party%20or%20group%20gained%20access%20to%20its%20computer%20system.%20CKOG%20learned%20of%20this%20intrusion%20on%20November%2011,%202019,%20when%20the%20attacker%20deployed%20ransomware%20against%20CKOG.%20CKOG%20did%20not%20pay%20the%20demanded%20ransom%20and%20was%20able%20to%20restore%20its%20system%20from%20available%20backups.%20All%20medical%20records%20were%20restored.%20However,%20it%20is%20possible%20an%20unauthorized%20person%20or%20persons%20had%20access%20to%20medical%20records.%20The%20information%20in%20the%20patient%20records%20included:%20address,%20date%20of%20birth,%20driver%E2%80%99s%20license%20number%20(or%20other%20form%20of%20state-issued%20identification),%20health%20information%20related%20to%20treatment%20at%20CKOG%20or%20referring%20providers,%20health%20insurance%20number,%20social%20security%20number%20and%20email%20address.%20When%20CKOG%20discovered%20the%20ransomware%20attack,%20it%20immediately%20engaged%20outside%20counsel%20and%20a%20third-party%20forensic%20investigator%20to%20determine%20the%20scope%20and%20cause%20of%20the%20breach.%20After%20a%20full%20forensic%20investigation,%20CKOG%20has%20no%20evidence%20to%20suggest%20that%20any%20personal%20information%20was%20removed%20from%20its%20system%20by%20any%20third%20party%20(including%20the%20attacker).%20CKOG%20has%20received%20no%20indication%20that%20any%20personal%20information%20has%20been%20misused%20in%20any%20way%20since%20the%20attack.%20In%20the%20aftermath%20of%20discovering%20the%20attack,%20CKOG%20took%20immediate%20steps%20to%20increase%20security%20that%20assisted%20in%20shutting%20down%20access%20by%20the%20unauthorized%20party%20or%20parties.%20%C2%A0CKOG%20will%20also%20be%20receiving%20recommendations%20from%20the%20forensic%20investigators%20on%20how%20to%20further%20harden%20its%20overall%20security%20platform%20and,%20to%20the%20extent%20those%20measures%20have%20not%20already%20been%20implemented,%20will%20implement%20further%20security%20protocols.%20In%20the%20interest%20of%20protecting%20its%20patients,%20CKOG%20will%20be%20offering%20identity%20theft%20protection%20services%20through%20ID%20Experts%C2%AE,%20an%20industry%20leader%20in%20credit%20monitoring%20and%20identity%20theft%20recovery,%20to%20affected%20individuals.%20%C2%A0The%20identity%20theft%20protection%20service%20is%20known%20as%20%C2%A0MyIDCare%E2%84%A2%20and%20includes:%2012%20months%20of%20credit%20and%20CyberScan%20monitoring,%20a%20$1,000,000%20insurance%20reimbursement%20policy,%20and%20fully%20managed%20id%20theft%20recovery%20services.%20With%20this%20protection,%20MyIDCare%20will%20help%20patients%20resolve%20issues%20if%20your%20identity%20is%20compromised.%20A%20call%20center%20has%20been%20set%20up%20to%20field%20any%20questions%20or%20concerns%20regarding%20this%20incident.%20The%20phone%20number%20to%20call%20is%C2%A01-800-939-4170.%20All%20patients%20will%20be%20receiving%20additional%20information,%20along%20with%20an%20enrollment%20number%20that%20can%20be%20used%20to%20create%20a%20free%20account%20using%20this%20website:%C2%A0https://app.myidcare.com/account-creation/protect.%20Comment:%20The%20above%20is%20a%20clearly%20written%20breach%20explanation%20and%20the%20entity%20seems%20to%20be%20willing%20to%20err%20on%20the%20side%20of%20caution%20to%20offer%20complimentary%20services%20to%20patients.%C2%A0%20That%20and%20the%20fact%20that%20they%20were%20also%20able%20to%20recover%20by%20restoring%20from%20backup%20puts%20them%20in%20the%20top%2025%%20or%20so%20of%20entities%20in%20my%20unofficial%20and%20undocumented%20rankings%20of%20incident%20response.%20According%20to%20their%20report%20to%20HHS,%20they%20notified%2017,214%20patients.&media=

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/&title=Attacked%20by%20ransomware,%20Central%20Kansas%20Orthopedic%20Group%20refused%20to%20pay%20ransom%20and%20restored%20from%20backups&source=&summary=On%20January%209,%20Central%20Kansas%20Orthopedic%20Group%20posted%20a%20breach%20notice%20on%20their%20website.%C2%A0%20Today,%20the%20incident,%20which%20they%20reported%20to%20HHS%20on%20January%2028,%20was%20added%20to%20HHS%E2%80%99s%20breach%20tool.%C2%A0%20From%20the%20provider%E2%80%99s%20notice:%20Central%20Kansas%20Orthopedic%20Group%20(%E2%80%9CCKOG%E2%80%9D)%20recently%20discovered%20that%20an%20unauthorized%20party%20or%20group%20gained%20access%20to%20its%20computer%20system.%20CKOG%20learned%20of%20this%20intrusion%20on%20November%2011,%202019,%20when%20the%20attacker%20deployed%20ransomware%20against%20CKOG.%20CKOG%20did%20not%20pay%20the%20demanded%20ransom%20and%20was%20able%20to%20restore%20its%20system%20from%20available%20backups.%20All%20medical%20records%20were%20restored.%20However,%20it%20is%20possible%20an%20unauthorized%20person%20or%20persons%20had%20access%20to%20medical%20records.%20The%20information%20in%20the%20patient%20records%20included:%20address,%20date%20of%20birth,%20driver%E2%80%99s%20license%20number%20(or%20other%20form%20of%20state-issued%20identification),%20health%20information%20related%20to%20treatment%20at%20CKOG%20or%20referring%20providers,%20health%20insurance%20number,%20social%20security%20number%20and%20email%20address.%20When%20CKOG%20discovered%20the%20ransomware%20attack,%20it%20immediately%20engaged%20outside%20counsel%20and%20a%20third-party%20forensic%20investigator%20to%20determine%20the%20scope%20and%20cause%20of%20the%20breach.%20After%20a%20full%20forensic%20investigation,%20CKOG%20has%20no%20evidence%20to%20suggest%20that%20any%20personal%20information%20was%20removed%20from%20its%20system%20by%20any%20third%20party%20(including%20the%20attacker).%20CKOG%20has%20received%20no%20indication%20that%20any%20personal%20information%20has%20been%20misused%20in%20any%20way%20since%20the%20attack.%20In%20the%20aftermath%20of%20discovering%20the%20attack,%20CKOG%20took%20immediate%20steps%20to%20increase%20security%20that%20assisted%20in%20shutting%20down%20access%20by%20the%20unauthorized%20party%20or%20parties.%20%C2%A0CKOG%20will%20also%20be%20receiving%20recommendations%20from%20the%20forensic%20investigators%20on%20how%20to%20further%20harden%20its%20overall%20security%20platform%20and,%20to%20the%20extent%20those%20measures%20have%20not%20already%20been%20implemented,%20will%20implement%20further%20security%20protocols.%20In%20the%20interest%20of%20protecting%20its%20patients,%20CKOG%20will%20be%20offering%20identity%20theft%20protection%20services%20through%20ID%20Experts%C2%AE,%20an%20industry%20leader%20in%20credit%20monitoring%20and%20identity%20theft%20recovery,%20to%20affected%20individuals.%20%C2%A0The%20identity%20theft%20protection%20service%20is%20known%20as%20%C2%A0MyIDCare%E2%84%A2%20and%20includes:%2012%20months%20of%20credit%20and%20CyberScan%20monitoring,%20a%20$1,000,000%20insurance%20reimbursement%20policy,%20and%20fully%20managed%20id%20theft%20recovery%20services.%20With%20this%20protection,%20MyIDCare%20will%20help%20patients%20resolve%20issues%20if%20your%20identity%20is%20compromised.%20A%20call%20center%20has%20been%20set%20up%20to%20field%20any%20questions%20or%20concerns%20regarding%20this%20incident.%20The%20phone%20number%20to%20call%20is%C2%A01-800-939-4170.%20All%20patients%20will%20be%20receiving%20additional%20information,%20along%20with%20an%20enrollment%20number%20that%20can%20be%20used%20to%20create%20a%20free%20account%20using%20this%20website:%C2%A0https://app.myidcare.com/account-creation/protect.%20Comment:%20The%20above%20is%20a%20clearly%20written%20breach%20explanation%20and%20the%20entity%20seems%20to%20be%20willing%20to%20err%20on%20the%20side%20of%20caution%20to%20offer%20complimentary%20services%20to%20patients.%C2%A0%20That%20and%20the%20fact%20that%20they%20were%20also%20able%20to%20recover%20by%20restoring%20from%20backup%20puts%20them%20in%20the%20top%2025%%20or%20so%20of%20entities%20in%20my%20unofficial%20and%20undocumented%20rankings%20of%20incident%20response.%20According%20to%20their%20report%20to%20HHS,%20they%20notified%2017,214%20patients.

Search URL Search Domain Scan URL

URL: http://www.reddit.com/submit/?url=https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Search URL Search Domain Scan URL

URL: http://vk.com/share.php?url=https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/&title=Attacked%20by%20ransomware,%20Central%20Kansas%20Orthopedic%20Group%20refused%20to%20pay%20ransom%20and%20restored%20from%20backups

Search URL Search Domain Scan URL

URL: http://www.pogowasright.org/
Title: PogoWasRight.org

Search URL Search Domain Scan URL

URL: https://twitter.com/PogoWasRight

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: http://www.mageewp.com/
Title: Magee Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://l.sharethis.com/pview?event=pview&hostname=www.databreaches.net&location=%2Fattacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups%2F&product=ga&url=https%3A%2F%2Fwww.databreaches.net%2Fattacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups%2F&source=sharethis.js&fcmp=false&title=Attacked%20by%20ransomware%2C%20Central%20Kansas%20Orthopedic%20Group%20refused%20to%20pay%20ransom%20and%20restored%20from%20backups&cms=unknown&publisher=5c2fe745ca77ad0011af66a9&sop=true&ts1585245494619=&consentDomain=.consensu.org&bsamesite=true&version=st_sop.js&lang=en HTTP 301
https://l.sharethis.com/sc?event=pview&hostname=www.databreaches.net&location=%2Fattacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups%2F&product=ga&url=https%3A%2F%2Fwww.databreaches.net%2Fattacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups%2F&source=sharethis.js&fcmp=false&title=Attacked%20by%20ransomware%2C%20Central%20Kansas%20Orthopedic%20Group%20refused%20to%20pay%20ransom%20and%20restored%20from%20backups&cms=unknown&publisher=5c2fe745ca77ad0011af66a9&sop=true&ts1585245494619=&consentDomain=.consensu.org&bsamesite=true&version=st_sop.js&lang=en&samesite=None

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/ 59 KB
12 KB 1325ms
1283ms Document
text/html 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7496e10a0b7a36dcdd0df7116074f23f37e3cc710a212a32d5e1472c385d38ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.databreaches.net
:scheme: https
:path: /attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Thu, 26 Mar 2020 17:58:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d86d36fe1808f9dac88e376d854af4f171585245492; expires=Sat, 25-Apr-20 17:58:12 GMT; path=/; domain=.databreaches.net; HttpOnly; SameSite=Lax
link: <https://www.databreaches.net/?p=78127>; rel=shortlink
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57a2c2264f693248-FRA
content-encoding: br

GET
H2 200 style.min.css
www.databreaches.net/wp-includes/css/dist/block-library/ 40 KB
6 KB 54ms
52ms Stylesheet
text/css 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6628
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Nov 2019 11:32:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dcbe9bf-a1fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e583f3248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 css
fonts.googleapis.com/ 7 KB
843 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700&ver=5.3.2

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b1f5548a7fc890aa44b896f957ca567c10fdb011ca4e2cb42750f50f2d41e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 26 Mar 2020 17:58:13 GMT
server: ESF
date: Thu, 26 Mar 2020 17:58:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Mar 2020 17:58:13 GMT

GET
H2 200 bootstrap.css
www.databreaches.net/wp-content/themes/alchem/plugins/bootstrap/css/ 144 KB
20 KB 38ms
36ms Stylesheet
text/css 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/plugins/bootstrap/css/bootstrap.css?ver=5.3.2

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef9c554bca3ce5b9f978b626ff8c3a441c0468af2599bdb4e9b6b32f6743f058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6628
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-23fe6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e58433248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 font-awesome.min.css
www.databreaches.net/wp-content/themes/alchem/plugins/font-awesome/css/ 26 KB
6 KB 25ms
23ms Stylesheet
text/css 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/plugins/font-awesome/css/font-awesome.min.css?ver=4.3.0

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6628
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-6857"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e58463248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 animate.css
www.databreaches.net/wp-content/themes/alchem/plugins/ 71 KB
4 KB 24ms
22ms Stylesheet
text/css 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/plugins/animate.css?ver=5.3.2

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e948e5869da246bfe815e9957eb26f2782c0954928aa6b073cc1243e9ad8821e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6628
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-11da1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e58473248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 prettyPhoto.css
www.databreaches.net/wp-content/themes/alchem/css/ 27 KB
3 KB 33ms
31ms Stylesheet
text/css 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/css/prettyPhoto.css?ver=5.3.2

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a72aab0d3d34e56edf238b971194f6dd1cb76da642089f18177c09c01fdd265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6628
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-6a12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e584c3248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 owl.carousel.css
www.databreaches.net/wp-content/themes/alchem/plugins/owl-carousel/assets/ 4 KB
1 KB 47ms
45ms Stylesheet
text/css 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/plugins/owl-carousel/assets/owl.carousel.css?ver=2.2.0

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7342aa28694e4ad5609e0b47a82f860d116a0231f81dea54437127015e82ca3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6628
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-1010"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e585d3248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 custom.css
www.databreaches.net/wp-content/themes/alchem/css/ 7 KB
2 KB 37ms
35ms Stylesheet
text/css 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/css/custom.css?ver=5.3.2

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fc63c61b06080d86cdc3086a87d9e397674e8066e7893a2d5612931321eb992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6628
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-1b0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e58603248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 customize.css
www.databreaches.net/wp-content/themes/alchem/css/ 616 B
230 B 27ms
25ms Stylesheet
text/css 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/css/customize.css?ver=5.3.2

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51ecfd7c82af356c74daaabf8826a740bd5143ddad2b73d39cad0f52801d4308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6628
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-268"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e58633248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 shortcode.css
www.databreaches.net/wp-content/themes/alchem/css/ 64 KB
10 KB 39ms
37ms Stylesheet
text/css 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/css/shortcode.css?ver=1.4.7

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d9b3020fd227d460c31848a0345c76aedef1c685a0f44804338f4313f3ef059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6628
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-10068"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e58643248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 woo.css
www.databreaches.net/wp-content/themes/alchem/css/ 9 KB
2 KB 28ms
26ms Stylesheet
text/css 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/css/woo.css?ver=5.3.2

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

815cd3c17e574dcd8d7e571313f047e7b7b05ffc2a974bebaee9f6ea41e3fc43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6628
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-2501"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e58663248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 style.css
www.databreaches.net/wp-content/themes/alchem/ 39 KB
8 KB 38ms
36ms Stylesheet
text/css 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/style.css?ver=5.3.2

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

409f17e5894ccb9e68cf82131f48c363cd140c660ed915f21735b75e7f815210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6628
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-9b13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e58683248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 jquery.js Show response
www.databreaches.net/wp-includes/js/jquery/ 95 KB
32 KB 34ms
32ms Script
application/javascript 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3600
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 22 May 2019 02:31:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ce4b48e-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e58693248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 jquery-migrate.min.js Show response
www.databreaches.net/wp-includes/js/jquery/ 10 KB
4 KB 46ms
45ms Script
application/javascript 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3600
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 21 Jun 2016 18:39:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"576989f5-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e586c3248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 less.min.js Show response
www.databreaches.net/wp-content/themes/alchem/plugins/ 135 KB
40 KB 39ms
38ms Script
application/javascript 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/plugins/less.min.js?ver=2.5.1

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2e45645865c7d939611174ceb58996aef0ebd418e1b8c0fab438e94bc02ded4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3600
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-21aff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e58703248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 respond.min.js Show response
www.databreaches.net/wp-content/themes/alchem/js/ 4 KB
2 KB 34ms
32ms Script
application/javascript 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/js/respond.min.js?ver=2.0.0

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83a8807ef669fa70d0d9375347f5552897f76c6ae8e2e6f97ef592595462d8d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3600
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-1119"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e58733248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 jquery.nav.js Show response
www.databreaches.net/wp-content/themes/alchem/js/ 6 KB
2 KB 76ms
74ms Script
application/javascript 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/js/jquery.nav.js?ver=3.0.0

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b8a33baee7cf3b2dd1228472d8608fa3a48019e0defd8fb7f714d70f672c1e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3599
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-1808"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e58783248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 92 KB
29 KB 35ms
10ms Script
text/javascript 2600:9000:2057:ca00:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:ca00:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a26ed9666a793864dcca2fac49aacff610203150c3d52524ff83f8e308c2393d

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:52:36 GMT
content-encoding: gzip
age: 339
etag: W/"17134-pPzYn/yrfuxvEIwqlby/+nw2xLE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
status: 200
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: E82u8UcI3-Vv9OsasqbEEScYHk0O7rMUGzr0fXGJXutpmiWXyXcYXw==
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)

GET
H2 200 wp-emoji-release.min.js Show response
www.databreaches.net/wp-includes/js/ 14 KB
4 KB 36ms
36ms Script
application/javascript 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3600
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Nov 2019 11:32:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dcbe9bf-362a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e68a43248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 jquery.mb.YTPlayer.min.css
www.databreaches.net/wp-content/themes/alchem/plugins/YTPlayer/css/ 8 KB
5 KB 22ms
22ms Stylesheet
text/css 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/plugins/YTPlayer/css/jquery.mb.YTPlayer.min.css?ver=5.3.2

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1852465f9eba8a40a6abd01dcdd988d734c41c7e0ccef9f5eda9c6b203290cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 17:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6628
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-21d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c22e68a73248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 scheme.less Show response
www.databreaches.net/wp-content/themes/alchem/css/ 6 KB
6 KB 1029ms
1028ms XHR
application/octet-stream 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/css/scheme.less?ver=1.4.7

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/wp-content/themes/alchem/plugins/less.min.js?ver=2.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23a0f0918062e0364fc720c2b0329729873b091cee5c63ae8e85bc0d9fbbae0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/less
Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 17:58:14 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 6274
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5cec43b5-1882"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 57a2c22ec9983248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 5c2fe745ca77ad0011af66a9.js Show response
buttons-config.sharethis.com/js/ 30 B
379 B 407ms
365ms Script
text/javascript 2600:9000:2182:ec00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5c2fe745ca77ad0011af66a9.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:ec00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:13:03 GMT
via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
last-modified: Fri, 04 Jan 2019 23:07:50 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "e6e1643313740711175f51662a65b42f"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 30
x-amz-cf-id: _CP263i_JnCP3H4EAWwzJ0pAMM662-BejtW7McLYiByRZhTFuNpnEA==

GET
H2 200 jquery.mb.YTPlayer.js Show response
www.databreaches.net/wp-content/themes/alchem/plugins/YTPlayer/ 82 KB
16 KB 36ms
34ms Script
application/javascript 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/plugins/YTPlayer/jquery.mb.YTPlayer.js?ver=5.3.2

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e87f5e9af28d2a89c27d00ea525abe6ce790735061e0da27da6bbc0c38edc88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3598
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-14908"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c2356c6a3248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 bootstrap.js Show response
www.databreaches.net/wp-content/themes/alchem/plugins/bootstrap/js/ 67 KB
13 KB 33ms
31ms Script
application/javascript 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/plugins/bootstrap/js/bootstrap.js

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3598
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-10d1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c2356c6d3248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 jquery.prettyPhoto.js Show response
www.databreaches.net/wp-content/themes/alchem/js/ 34 KB
9 KB 34ms
33ms Script
application/javascript 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/js/jquery.prettyPhoto.js

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af3db9dd15940cc0ea6dd33ab403dd3dfff66cc2fa1db32fe31adf5b12c35a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3598
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-89e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c2356c703248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 jquery.parallax.js Show response
www.databreaches.net/wp-content/themes/alchem/js/ 2 KB
794 B 34ms
32ms Script
application/javascript 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/js/jquery.parallax.js

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f503129318acedac215ac588bc183f30fa4fe4fda3731681634313776f0f4ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3598
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-6ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c2356c713248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 owl.carousel.min.js Show response
www.databreaches.net/wp-content/themes/alchem/plugins/owl-carousel/ 42 KB
11 KB 38ms
37ms Script
application/javascript 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/plugins/owl-carousel/owl.carousel.min.js

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63c97e11ea143afafc4aa123fe04f28c16fc0aa86dac0e8653d3f8c81fb8d5c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3598
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-a766"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c2356c723248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 jquery.masonry.min.js Show response
www.databreaches.net/wp-content/themes/alchem/plugins/jquery-masonry/ 5 KB
2 KB 33ms
31ms Script
application/javascript 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/plugins/jquery-masonry/jquery.masonry.min.js

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f16322d29a90a66954e7752386d7a952102a85e1fe457dae391b68fc41d3c4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3598
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-14b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c2356c733248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 jquery.easing.min.js Show response
www.databreaches.net/wp-content/themes/alchem/js/ 5 KB
2 KB 39ms
38ms Script
application/javascript 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/js/jquery.easing.min.js

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecfc183e33d25d24aa7c06218e0a413488fff8774e4b4b87543c766db9b0b8ba

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="+d8E3yxdV+gk5+SDLf+4JqFDVkAujwc9b2GPvoYBPjI="; pin-sha256="x9SZw6TwIqfmvrLZ/kz1o0Ossjmn728BnBKpUFqGNVM="; pin-sha256="58qRu/uxh4gFezqAcERupSkRYBlBAvfcw7mEjGPLnNU="; pin-sha256="lCppFqbkrlJ3EcVFAkeip0+44VaoJUymbnOaEUk7tEU="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3598
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="+d8E3yxdV+gk5+SDLf+4JqFDVkAujwc9b2GPvoYBPjI="; pin-sha256="x9SZw6TwIqfmvrLZ/kz1o0Ossjmn728BnBKpUFqGNVM="; pin-sha256="58qRu/uxh4gFezqAcERupSkRYBlBAvfcw7mEjGPLnNU="; pin-sha256="lCppFqbkrlJ3EcVFAkeip0+44VaoJUymbnOaEUk7tEU="; max-age=5184000; includeSubDomains
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-15bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c2356c753248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 jquery.waypoints.js Show response
www.databreaches.net/wp-content/themes/alchem/js/ 17 KB
3 KB 25ms
24ms Script
application/javascript 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/js/jquery.waypoints.js?ver=2.0.5

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bc501256a2a000b862cad08ad85dfb17871ded601661edf3b09f372485680e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3598
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-439e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c2356c773248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 main.js Show response
www.databreaches.net/wp-content/themes/alchem/js/ 14 KB
4 KB 22ms
21ms Script
application/javascript 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/js/main.js

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73e5eff4d1c4d0d143be988b78162d20fe45207d088d1ae870cc74b4acfd8162

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="+d8E3yxdV+gk5+SDLf+4JqFDVkAujwc9b2GPvoYBPjI="; pin-sha256="x9SZw6TwIqfmvrLZ/kz1o0Ossjmn728BnBKpUFqGNVM="; pin-sha256="58qRu/uxh4gFezqAcERupSkRYBlBAvfcw7mEjGPLnNU="; pin-sha256="lCppFqbkrlJ3EcVFAkeip0+44VaoJUymbnOaEUk7tEU="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3598
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="+d8E3yxdV+gk5+SDLf+4JqFDVkAujwc9b2GPvoYBPjI="; pin-sha256="x9SZw6TwIqfmvrLZ/kz1o0Ossjmn728BnBKpUFqGNVM="; pin-sha256="58qRu/uxh4gFezqAcERupSkRYBlBAvfcw7mEjGPLnNU="; pin-sha256="lCppFqbkrlJ3EcVFAkeip0+44VaoJUymbnOaEUk7tEU="; max-age=5184000; includeSubDomains
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-3917"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c2356c783248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 jquery.infinitescroll.js Show response
www.databreaches.net/wp-content/themes/alchem/js/ 40 KB
15 KB 24ms
23ms Script
application/javascript 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/js/jquery.infinitescroll.js

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc24809b3a90cab3fdbfe33304b138a95123a1070ad8238d38a62141c01f2575

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3598
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cec43b5-9ef6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c2356c793248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 wp-embed.min.js Show response
www.databreaches.net/wp-includes/js/ 1 KB
1 KB 23ms
22ms Script
application/javascript 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-includes/js/wp-embed.min.js?ver=5.3.2

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 17:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3598
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Nov 2019 11:32:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dcbe9bf-577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 57a2c2356c7b3248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 banner1.jpg
www.databreaches.net/wp-content/uploads/ 110 KB
110 KB 29ms
29ms Image
image/jpeg 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.databreaches.net/wp-content/uploads/banner1.jpg

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fedfd94d66a303a7ff59621251e2d8566c98daf38310d603bb03d41a0e36834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 17:58:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
content-length: 112741
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Jul 2019 21:00:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d40aff5-1b865"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 57a2c2356c9c3248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 fontawesome-webfont.woff2
www.databreaches.net/wp-content/themes/alchem/plugins/font-awesome/fonts/ 63 KB
63 KB 30ms
29ms Font
application/octet-stream 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-content/themes/alchem/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreaches.net/wp-content/themes/alchem/plugins/font-awesome/css/font-awesome.min.css?ver=4.3.0
Origin: https://www.databreaches.net
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 17:58:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6627
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
content-length: 64464
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2019 20:08:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5cec43b5-fbd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 57a2c2356c9e3248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700&ver=5.3.2
Origin: https://www.databreaches.net
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Feb 2020 20:33:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 2669056
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Tue, 23 Feb 2021 20:33:58 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700&ver=5.3.2
Origin: https://www.databreaches.net
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 17:00:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 1385846
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Wed, 10 Mar 2021 17:00:48 GMT

GET
H2 200 portal.html
c.sharethis.mgr.consensu.org/ Frame 29E0 0
0 24ms
7ms Document
text/html 2600:9000:214f:0:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:0:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Response headers

status: 200
content-type: text/html; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
accept-ranges: bytes
last-modified: Fri, 20 Mar 2020 00:24:50 GMT
content-encoding: gzip
date: Thu, 26 Mar 2020 17:48:54 GMT
cache-control: max-age=600, public
etag: W/"3802-170f5540850"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: uNZ1nu2QhhNvOubbmoeq6RA0rlXVOo1UFt-R-LIS7izh9Vzi9royRw==
age: 560

POST
H2 200 / Show response
www.databreaches.net/ 528 B
358 B 685ms
684ms XHR
text/html 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/?ga_action=googleanalytics_get_script

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec0a6512dc28200d1ffa054d15a08ccf4fad159f553379ca39c2ebce4199bbdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
Origin: https://www.databreaches.net
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 26 Mar 2020 17:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 57a2c235de053248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

POST
H2 200 admin-ajax.php Show response
www.databreaches.net/wp-admin/ 254 B
337 B 282ms
282ms XHR
text/html 2606:4700:20::681a:5d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreaches.net/wp-admin/admin-ajax.php

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40e815d37913c258b914c1233bdabfffa9bdd74ccdb810b7e22ee5d7e68eeb0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
Origin: https://www.databreaches.net
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 26 Mar 2020 17:58:14 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.databreaches.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true, true
cf-ray: 57a2c235ee2b3248-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1

301
Moved Permanently

sc Show response
l.sharethis.com/
Redirect Chain

https://l.sharethis.com/pview?event=pview&hostname=www.databreaches.net&location=%2Fattacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups%2F&product...
https://l.sharethis.com/sc?event=pview&hostname=www.databreaches.net&location=%2Fattacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups%2F&product=ga...

0
-1 B

90ms
21ms

XHR
text/html

18.196.75.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/sc?event=pview&hostname=www.databreaches.net&location=%2Fattacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups%2F&product=ga&url=https%3A%2F%2Fwww.databreaches.net%2Fattacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups%2F&source=sharethis.js&fcmp=false&title=Attacked%20by%20ransomware%2C%20Central%20Kansas%20Orthopedic%20Group%20refused%20to%20pay%20ransom%20and%20restored%20from%20backups&cms=unknown&publisher=5c2fe745ca77ad0011af66a9&sop=true&ts1585245494619=&consentDomain=.consensu.org&bsamesite=true&version=st_sop.js&lang=en&samesite=None
Requested by: Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.75.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-75-213.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 26 Mar 2020 17:58:14 GMT
Location: /sc?event=pview&hostname=www.databreaches.net&location=%2Fattacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups%2F&product=ga&url=https%3A%2F%2Fwww.databreaches.net%2Fattacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups%2F&source=sharethis.js&fcmp=false&title=Attacked%20by%20ransomware%2C%20Central%20Kansas%20Orthopedic%20Group%20refused%20to%20pay%20ransom%20and%20restored%20from%20backups&cms=unknown&publisher=5c2fe745ca77ad0011af66a9&sop=true&ts1585245494619=&consentDomain=.consensu.org&bsamesite=true&version=st_sop.js&lang=en&samesite=None
P3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Access-Control-Max-Age: 1728000
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.databreaches.net
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 747
Stid: CiEACl587TYAAAASOi5qAw==

Redirect headers

Date: Thu, 26 Mar 2020 17:58:14 GMT
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.databreaches.net
Access-Control-Max-Age: 1728000
P3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Location: /sc?event=pview&hostname=www.databreaches.net&location=%2Fattacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups%2F&product=ga&url=https%3A%2F%2Fwww.databreaches.net%2Fattacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups%2F&source=sharethis.js&fcmp=false&title=Attacked%20by%20ransomware%2C%20Central%20Kansas%20Orthopedic%20Group%20refused%20to%20pay%20ransom%20and%20restored%20from%20backups&cms=unknown&publisher=5c2fe745ca77ad0011af66a9&sop=true&ts1585245494619=&consentDomain=.consensu.org&bsamesite=true&version=st_sop.js&lang=en&samesite=None
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 747
Stid: CiEACl587TYAAAASOi5qAw==

GET
H/1.1 200
OK sc Show response
l.sharethis.com/ 52 B
512 B 22ms
21ms XHR
text/plain 18.196.75.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/sc?event=pview&hostname=www.databreaches.net&location=%2Fattacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups%2F&product=ga&url=https%3A%2F%2Fwww.databreaches.net%2Fattacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups%2F&source=sharethis.js&fcmp=false&title=Attacked%20by%20ransomware%2C%20Central%20Kansas%20Orthopedic%20Group%20refused%20to%20pay%20ransom%20and%20restored%20from%20backups&cms=unknown&publisher=5c2fe745ca77ad0011af66a9&sop=true&ts1585245494619=&consentDomain=.consensu.org&bsamesite=true&version=st_sop.js&lang=en&samesite=None
Requested by: Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.75.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-75-213.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 7eb3004ad010381853b59eca4f9ec877555947b8f10ecf63a63fb0e649e8c513

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
Origin: https://www.databreaches.net
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 26 Mar 2020 17:58:14 GMT
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.databreaches.net
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 52
Stid: CiEACl587TYAAAASOi5qAw==

GET
H2 200 analytics.js Show response
google-analytics.com/ 44 KB
18 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://google-analytics.com/analytics.js

Requested by

Host: www.databreaches.net
URL: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 859
date: Thu, 26 Mar 2020 17:43:56 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Thu, 26 Mar 2020 19:43:56 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
103 B 16ms
15ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=277126265&t=pageview&_s=1&dl=https%3A%2F%2Fwww.databreaches.net%2Fattacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups%2F&ul=en-us&de=UTF-8&dt=Attacked%20by%20ransomware%2C%20Central%20Kansas%20Orthopedic%20Group%20refused%20to%20pay%20ransom%20and%20restored%20from%20backups&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=367206669&gjid=702885977&cid=566096791.1585245495&tid=UA-62804743-5&_gid=223256525.1585245495&_r=1&z=488281215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.databreaches.net/attacked-by-ransomware-central-kansas-orthopedic-group-refused-to-pay-ransom-and-restored-from-backups/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 17:58:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.databreaches.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
fonts.googleapis.com
fonts.gstatic.com
google-analytics.com
l.sharethis.com
platform-api.sharethis.com
www.databreaches.net
www.google-analytics.com
18.196.75.213
2600:9000:2057:ca00:1c:8a07:5e80:93a1
2600:9000:214f:0:c:a9b7:ddc0:93a1
2600:9000:2182:ec00:c:abe:f440:93a1
2606:4700:20::681a:5d0
2a00:1450:4001:806::2004
2a00:1450:4001:814::2003
2a00:1450:4001:816::200a
2a00:1450:4001:817::200e
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
1852465f9eba8a40a6abd01dcdd988d734c41c7e0ccef9f5eda9c6b203290cd2
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
23a0f0918062e0364fc720c2b0329729873b091cee5c63ae8e85bc0d9fbbae0d
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2f503129318acedac215ac588bc183f30fa4fe4fda3731681634313776f0f4ef
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3f16322d29a90a66954e7752386d7a952102a85e1fe457dae391b68fc41d3c4b
409f17e5894ccb9e68cf82131f48c363cd140c660ed915f21735b75e7f815210
40e815d37913c258b914c1233bdabfffa9bdd74ccdb810b7e22ee5d7e68eeb0f
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4d9b3020fd227d460c31848a0345c76aedef1c685a0f44804338f4313f3ef059
4fc63c61b06080d86cdc3086a87d9e397674e8066e7893a2d5612931321eb992
51ecfd7c82af356c74daaabf8826a740bd5143ddad2b73d39cad0f52801d4308
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
63c97e11ea143afafc4aa123fe04f28c16fc0aa86dac0e8653d3f8c81fb8d5c1
6a72aab0d3d34e56edf238b971194f6dd1cb76da642089f18177c09c01fdd265
6b1f5548a7fc890aa44b896f957ca567c10fdb011ca4e2cb42750f50f2d41e6f
7342aa28694e4ad5609e0b47a82f860d116a0231f81dea54437127015e82ca3f
73e5eff4d1c4d0d143be988b78162d20fe45207d088d1ae870cc74b4acfd8162
7496e10a0b7a36dcdd0df7116074f23f37e3cc710a212a32d5e1472c385d38ca
7eb3004ad010381853b59eca4f9ec877555947b8f10ecf63a63fb0e649e8c513
7fedfd94d66a303a7ff59621251e2d8566c98daf38310d603bb03d41a0e36834
815cd3c17e574dcd8d7e571313f047e7b7b05ffc2a974bebaee9f6ea41e3fc43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a8807ef669fa70d0d9375347f5552897f76c6ae8e2e6f97ef592595462d8d1
8b8a33baee7cf3b2dd1228472d8608fa3a48019e0defd8fb7f714d70f672c1e2
8bc501256a2a000b862cad08ad85dfb17871ded601661edf3b09f372485680e9
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9e87f5e9af28d2a89c27d00ea525abe6ce790735061e0da27da6bbc0c38edc88
a26ed9666a793864dcca2fac49aacff610203150c3d52524ff83f8e308c2393d
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
af3db9dd15940cc0ea6dd33ab403dd3dfff66cc2fa1db32fe31adf5b12c35a19
c2e45645865c7d939611174ceb58996aef0ebd418e1b8c0fab438e94bc02ded4
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
dc24809b3a90cab3fdbfe33304b138a95123a1070ad8238d38a62141c01f2575
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e948e5869da246bfe815e9957eb26f2782c0954928aa6b073cc1243e9ad8821e
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec0a6512dc28200d1ffa054d15a08ccf4fad159f553379ca39c2ebce4199bbdd
ecfc183e33d25d24aa7c06218e0a413488fff8774e4b4b87543c766db9b0b8ba
ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4
ef9c554bca3ce5b9f978b626ff8c3a441c0468af2599bdb4e9b6b32f6743f058

www.databreaches.net Open in urlscan Pro 2606:4700:20::681a:5d0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

89 %IPv6

6 Domains

9 Subdomains

9 IPs

2 Countries

485 kBTransfer

1415 kBSize

0 Cookies

12 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.databreaches.net Open in urlscan Pro
2606:4700:20::681a:5d0 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

89 %
IPv6

6
Domains

9
Subdomains

9
IPs

2
Countries

485 kB
Transfer

1415 kB
Size

0
Cookies

45 HTTP transactions
0 data transactions