www.secplicity.org Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
Submission: On November 14 via manual (November 14th 2023, 9:55:38 pm UTC) from US — Scanned from NL

Summary HTTP 83 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 83 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.secplicity.org.
TLS certificate: Issued by GTS CA 1P5 on October 23rd 2023. Valid for: 3 months.

This is the only time www.secplicity.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
4	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
5	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
83	14

48 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.secplicity.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	secplicity.org www.secplicity.org	577 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	432 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 342	114 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3040	55 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
3	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 6659	26 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	245 KB
2	google.nl www.google.nl — Cisco Umbrella Rank: 10244	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	407 B
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2855 pixel.wp.com — Cisco Umbrella Rank: 2799	3 KB
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 13040	203 B
83	11

	Domain	Requested by
48	www.secplicity.org	www.secplicity.org
6	cdn.cookielaw.org	www.secplicity.org cdn.cookielaw.org
5	www.google.com	www.secplicity.org www.gstatic.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	cdn.bizible.com	www.googletagmanager.com cdn.bizible.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	www.secplicity.org www.google-analytics.com
2	fonts.gstatic.com	www.google.com
2	www.google.nl
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
1	cdn.bizibly.com
1	pixel.wp.com
1	region1.analytics.google.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.wp.com	www.secplicity.org
83	15

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.facebook.com
twitter.com
www.youtube.com
eepurl.com
github.com
www.watchguard.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
secplicity.org GTS CA 1P5	`2023-10-23` - `2024-01-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-01` - `2024-07-01`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
Frame ID: C969BAE583BC6EF17432B336653D9E47
Requests: 83 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LewipEUAAAAAEZ5kj5owPPOPMCiJY6hQdzAsd5w&co=aHR0cHM6Ly93d3cuc2VjcGxpY2l0eS5vcmc6NDQz&hl=nl&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=83sxf43323oi
Frame ID: 180D9D210DF1234D7BE5E8A1F2D1EF58
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Scratching the Surface of Rhysida Ransomware - Secplicity - Security SimplifiedBack ButtonSearch IconFilter Icon

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

83
Requests

100 %
HTTPS

85 %
IPv6

11
Domains

15
Subdomains

14
IPs

3
Countries

1474 kB
Transfer

3473 kB
Size

14
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/watchguard-technologies

Search URL Search Domain Scan URL

URL: https://www.facebook.com/watchguardtechnologies

Search URL Search Domain Scan URL

URL: https://twitter.com/watchguard

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CoreyNachDIR/feed/

Search URL Search Domain Scan URL

URL: http://eepurl.com/b9iUbr

Search URL Search Domain Scan URL

URL: https://twitter.com/malwrhunterteam/status/1658829565215604738
Title: post

Search URL Search Domain Scan URL

URL: https://github.com/libtom/libtomcrypt
Title: LibTomCrypt

Search URL Search Domain Scan URL

URL: https://www.watchguard.com/
Title: WatchGuard Technologies

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

83 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/ 75 KB
17 KB 2483ms
2116ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

619bf57a6c1437d68316f79960ac0a02b3c914be83495fa83f36aeba42b16590

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=600
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 82627fc2b8fa8232-IAD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 14 Nov 2023 21:55:32 GMT
link: <https://www.secplicity.org/wp-json/>; rel="https://api.w.org/" <https://www.secplicity.org/wp-json/wp/v2/posts/20071>; rel="alternate"; type="application/json" <https://www.secplicity.org/?p=20071>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdf0jPcmY2BL203FxWmNIgQQIAcU%2FLc86TW7Shk8ryWRNzPDsUKEoozPiRUo4RN2WhMC7XwIPFUCeQAkN%2BeY2Puw4g4hVJ2LYK9fRpxenspeRSPdS7oo3kLHkSb8rolBN%2BNwRRceOeRjQ87uqY%2B6VzE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-pantheon-styx-hostname: styx-fe3-b-7d459b97d9-npp47
x-pingback: https://www.secplicity.org/xmlrpc.php
x-served-by: cache-chi-kigq8000049-CHI, cache-iad-kiad7000123-IAD
x-styx-req-id: 8726dd0a-8338-11ee-9319-5ab6b287513b
x-timer: S1699998930.369155,VS0,VE1927

GET
H2 200 autoptimize_single_60c115aff41eb4b54f57f3f608958689.css
www.secplicity.org/wp-content/uploads/autoptimize/css/ 30 KB
7 KB 201ms
199ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/uploads/autoptimize/css/autoptimize_single_60c115aff41eb4b54f57f3f608958689.css?ver=3.1

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62250987ddba100f13f4bf490af5a07a95b7a8e7680f20d915ea009f4f9d2f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Fri, 27 Sep 2024 07:12:38 GMT
date: Tue, 14 Nov 2023 21:55:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 297111
cf-polished: origSize=31009
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 1, 1
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000037-CHI, cache-iad-kiad7000052-IAD
cf-bgj: minify
last-modified: Wed, 29 Jun 2022 15:19:17 GMT
server: cloudflare
x-timer: S1699701822.949425,VS0,VE2
etag: W/"62bc6d75-7921"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BeFyx4PDWftw59FTuoUSk9aj5J%2Fy2LShzwR2iI5zXkOEcNTv07AU73nUW1fFFk0ANR%2BrQUP2j%2BoMCLvNt5XVLEEnXPG%2B9cq%2FHM9hyk2jRvF5gZVfL3PgS4p7GShV1WaEdfKpu7Ze1ziTWpsu%2FdeBlew%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 3d7ee1a4-5d05-11ee-b599-2eb5376b3416
cache-control: max-age=31622400
cf-ray: 82627fd02a258232-IAD
x-pantheon-styx-hostname: styx-fe3-a-6fcbcb6768-vzfpb

GET
H2 200 style.min.css
www.secplicity.org/wp-includes/css/dist/block-library/ 102 KB
14 KB 212ms
210ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Fri, 11 Oct 2024 10:16:52 GMT
date: Tue, 14 Nov 2023 21:55:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 405117
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-68df48cffd-l6c4s
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000044-CHI, cache-iad-kiad7000118-IAD
last-modified: Wed, 11 Oct 2023 08:22:02 GMT
server: cloudflare
x-timer: S1699593815.362663,VS0,VE2
etag: W/"65265b2a-19824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qM%2B%2B7zLUnCVzCA5E7lJPYQOQWAdoExvOPg8ODY1XEe12P9aSFvN6zcJZ0FtodoNJ6pWNpHLCDUmiVHDNiSx7vCvZybTo1kDNH%2F%2BfX1O4KbIdvErE4wB0F2uZgUs7Eds296dVm8qpoUXL3Vw0BRPtEQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 4c517282-681f-11ee-bff3-e6fe379ebed3
cache-control: max-age=31622400
cf-ray: 82627fd02a288232-IAD
x-cache-hits: 1, 1

GET
H2 200 autoptimize_single_d55f4b939d68ed652b0d9f2b5717ea21.css
www.secplicity.org/wp-content/uploads/autoptimize/css/ 602 B
779 B 233ms
232ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/uploads/autoptimize/css/autoptimize_single_d55f4b939d68ed652b0d9f2b5717ea21.css?minify=false&ver=34ae973733627b74a14e

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 16:11:35 GMT
date: Tue, 14 Nov 2023 21:55:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 213326
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 1, 1
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100072-CHI, cache-iad-kiad7000133-IAD
cf-bgj: minify
last-modified: Mon, 18 Sep 2023 18:16:13 GMT
server: cloudflare
x-timer: S1699785607.681846,VS0,VE1
etag: W/"650893ed-25a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxJjlxI2XFrc6cp2Vf3j7c4izMm2jqxlzmC83b0JoXnUx0t8LsO7Sv3RBeeXkxUnMhLK5umyQzMmb1GzVuubpPn7CypakHxVjWa9JlzVhGw3at4aZcv8tg00qOiqrIDgl8G%2B9ff5A%2FoCQfYYaijhlxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 8679e614-6207-11ee-b97f-56525b9095c8
cache-control: max-age=31622400
cf-ray: 82627fd02a2a8232-IAD
x-pantheon-styx-hostname: styx-fe3-a-f9d8bf5c4-zmn2g

GET
H2 200 mediaelementplayer-legacy.min.css
www.secplicity.org/wp-includes/js/mediaelement/ 11 KB
3 KB 197ms
196ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Wed, 26 Jun 2024 22:11:45 GMT
date: Tue, 14 Nov 2023 21:55:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 9475167
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-5cbbd7565d-sfd7l
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100046-CHI, cache-iad-kiad7000146-IAD
last-modified: Sun, 25 Jun 2023 15:16:55 GMT
server: cloudflare
x-timer: S1690523766.648767,VS0,VE9
etag: W/"64985a67-2bf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NMgBm3hc8nSwyVQ2%2FK%2BK826udvhNRLQz0FUFPO%2BFJGh7dQSLXhDLcqTvU7GQ8PgPxZPDoO8N2FjbBxZmoCBAiIhgX8FDif1JhRf5xFDsSaymayJDitZa5YMxIBK1b0uPTzSjkSuKQ8S4K7MPmXhU8o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 70550595-146e-11ee-9c26-36378b759a59
cache-control: max-age=31622400
cf-ray: 82627fd02a2c8232-IAD
x-cache-hits: 1, 1

GET
H2 200 wp-mediaelement.min.css
www.secplicity.org/wp-includes/js/mediaelement/ 4 KB
2 KB 195ms
194ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.3.1

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Fri, 11 Oct 2024 12:49:29 GMT
date: Tue, 14 Nov 2023 21:55:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 372715
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-68df48cffd-9m4g9
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000170-CHI, cache-iad-kiad7000032-IAD
last-modified: Wed, 11 Oct 2023 08:22:02 GMT
server: cloudflare
x-timer: S1699626217.369076,VS0,VE2
etag: W/"65265b2a-105a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxuOE%2BNRgstaPMq8%2BP8kCZMdPB9i2FBJo7Js%2BGYsYzDMWCB71MPYru4HkOAnW%2FEj63Wjsq%2F%2FFew0jNQP3zSXwJrqm0pl1CfXbIyK26dYw09UFZ6MJR9wxfnKCPWL4JaBkakxWfqLbAWdfskHFnaTJaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 9e0fcf00-6834-11ee-b747-ba44389d6db1
cache-control: max-age=31622400
cf-ray: 82627fd02a2d8232-IAD
x-cache-hits: 1, 1

GET
H2 200 autoptimize_single_0e4a098f3f6e3faede64db8b9da80ba2.css
www.secplicity.org/wp-content/uploads/autoptimize/css/ 2 KB
1 KB 220ms
219ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/uploads/autoptimize/css/autoptimize_single_0e4a098f3f6e3faede64db8b9da80ba2.css?ver=5.8

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e8995aad4337a22e0487bd75ec1347183909ee662b4eb84107aec807c84c479

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Wed, 18 Sep 2024 18:17:28 GMT
date: Tue, 14 Nov 2023 21:55:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 40513
cf-polished: origSize=2321
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 1, 1
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100076-CHI, cache-iad-kiad7000037-IAD
cf-bgj: minify
last-modified: Mon, 24 Apr 2023 17:02:38 GMT
server: cloudflare
x-timer: S1699958419.073976,VS0,VE2
etag: W/"6446b62e-911"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yiiowac7ux1UfqhGCZsTZP3G73dAOnAnVYPKkHgh8yU3YO2wk5U7okAVybNsVGdYiL1ELRzWV2PV43KTwYu9v6EqW9h1qF1nvg4cRnC%2BWEcc4tVihLOTiDExOaoztVOOAE6YUaZt%2BOOgfW7mij%2FIddw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 9feb9db8-564f-11ee-81f0-e20908b73524
cache-control: max-age=31622400
cf-ray: 82627fd03a3d8232-IAD
x-pantheon-styx-hostname: styx-fe3-b-f64b97cc5-bq9mq

GET
H2 200 dashicons.min.css
www.secplicity.org/wp-includes/css/ 58 KB
35 KB 368ms
367ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-includes/css/dashicons.min.css?ver=6.3.1

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Fri, 25 Oct 2024 17:14:30 GMT
date: Tue, 14 Nov 2023 21:55:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 495124
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-7f44764b9c-mrmjm
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100057-CHI, cache-iad-kiad7000041-IAD
last-modified: Tue, 24 Oct 2023 09:14:46 GMT
server: cloudflare
x-timer: S1699503809.536079,VS0,VE2
etag: W/"65378b06-e688"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d56ymsqbHhn83bQvhjpqp0m%2BrdubD64Sza%2FIVmw4Yx8b5Wt%2BYHNagl2QwU9%2BsP7yIcKTzEkoHUrBBvLfBT2nxjZzvRwAE1a%2FZGpX8Kjm462vyKQeeONtUI%2BlRn8jqH8oVg15v2E09r5j8WJIAKkS4ts%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: f55adcda-7359-11ee-a530-aa9f33975ffc
cache-control: max-age=31622400
cf-ray: 82627fd03a3f8232-IAD
x-cache-hits: 2, 1

GET
H2 200 autoptimize_single_75cff761286bc648aa0ad67c61dca2b7.css
www.secplicity.org/wp-content/uploads/autoptimize/css/ 26 KB
5 KB 358ms
358ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/uploads/autoptimize/css/autoptimize_single_75cff761286bc648aa0ad67c61dca2b7.css?ver=1699934948

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68d8c72a1380ed65dfb8f9163cdd8b7db3de836c00611ab533535cd8a5df689e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 14 Nov 2024 04:16:14 GMT
date: Tue, 14 Nov 2023 21:55:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 63558
content-encoding: br
x-cache: MISS, MISS
x-cache-hits: 0, 0
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000090-CHI, cache-iad-kiad7000116-IAD
cf-bgj: minify
last-modified: Wed, 29 Jun 2022 15:19:17 GMT
server: cloudflare
x-timer: S1699935374.288416,VS0,VE157
etag: W/"62bc6d75-66d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQB7Y0k6sFAEimChQxi7gaekVmJ49ntwhLJ1WEmoKmOh1c7ruhUSaaPMy2%2Ft6Y%2BlaNAbDEHFE5EmLcPhBrXAhxBqL%2B0wTELTIOJtn%2BEaM54TcG0hRazdcTc1sp6hhwPvIHnfd3diWmWYj%2B6I3JPK%2B5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 8cccf198-82a4-11ee-bd1b-ba6629f935c1
cache-control: max-age=31622400
cf-ray: 82627fd03a418232-IAD
x-pantheon-styx-hostname: styx-fe3-b-5f8bd4889f-7fqzz

GET
H2 200 autoptimize_single_9d5cce3983740651049f33171bf8f25e.css
www.secplicity.org/wp-content/uploads/autoptimize/css/ 98 KB
19 KB 227ms
226ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/uploads/autoptimize/css/autoptimize_single_9d5cce3983740651049f33171bf8f25e.css?ver=12.5

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

132ec91647e14be7805449a2d7c44cd5f91896a0172d14c2ec90c0558aa5218c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Wed, 18 Sep 2024 18:17:28 GMT
date: Tue, 14 Nov 2023 21:55:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 559932
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 2, 1
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000050-CHI, cache-iad-kiad7000160-IAD
cf-bgj: minify
last-modified: Mon, 18 Sep 2023 18:16:13 GMT
server: cloudflare
x-timer: S1699439001.910009,VS0,VE3
etag: W/"650893ed-186c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWKunuCekeqvuYmoA%2F2Mi4%2BQyu1yHScB%2FsHziK%2B1Btm4SISxkOBEqGb69RBD4OJUHoy2VK7A%2FQzAg9QtlXJtPEPrs%2B27Zw85iWoQvsUbU5%2Ficlsnp0EC30xHtRXrC2RwXlAHUmwqKRYkueesjoVEkFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 9ffd4829-564f-11ee-8a9f-9e967b8d2ac0
cache-control: max-age=31622400
cf-ray: 82627fd03a428232-IAD
x-pantheon-styx-hostname: styx-fe3-b-f64b97cc5-xz888

GET
H2 200 /
www.secplicity.org/ 15 KB
4 KB 220ms
219ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/?custom-css=9d3d5bfaa9

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9e849ce1aa8faab3ca6c1d08c500a661869f75b272172882cee4ee39c2f3c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
date: Tue, 14 Nov 2023 21:55:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 18911
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-55f9644964-69s79
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000028-CHI, cache-iad-kiad7000123-IAD
expires: Sat, 09 Nov 2024 02:00:12 GMT
server: cloudflare
x-timer: S1699998933.527409,VS0,VE2
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H74Skbcco3TaC998eE16A0b2nEk7eJoh2l7H3qiNlMVZuV4HDRq2k8u6R5DafG%2Bmasv99RGKDpux8OJgId3txIsQ5ZFlTZGL6%2BaG%2FiPlshzaKbhhluCi5aUPPVHzFS072Jga6kJGsAGvB0FprOkk9EU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
x-styx-req-id: e248c519-7f6c-11ee-ad04-4abe9d864b4d
cf-ray: 82627fd03a448232-IAD
x-cache-hits: 155, 1

GET
H2 200 DiE-edit.png
www.secplicity.org/wp-content/uploads/2023/05/ 49 KB
49 KB 411ms
410ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2023/05/DiE-edit.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3962a3771a89df4f1653f8685fae56bff6288be63abce38c98a665a61c6b0f57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Fri, 08 Nov 2024 05:04:34 GMT
date: Tue, 14 Nov 2023 21:55:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 10904
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe3-b-55f9644964-sszb8
alt-svc: h3=":443"; ma=86400
content-length: 49711
x-served-by: cache-chi-klot8100064-CHI, cache-iad-kiad7000087-IAD
last-modified: Tue, 23 May 2023 05:44:10 GMT
server: cloudflare
x-timer: S1699988028.036612,VS0,VE27
etag: "646c52aa-c22f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qaX0UuiJSEXYNunXfZyRZ2Zgs6pXxiKMmzZIWdi9hGQKzRiVFE7bowZEccGmMX1BHIn15XVGBtUhWr6h1TYSZe1SHqyecwzpcs9sGdI8vjxKMWbFuDeqXcbr0qXYjz6Cf0PpHKv93rUvWleg7df5tk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 4ef5aa1a-7df4-11ee-8aff-4e82373ded40
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 82627fd14b978232-IAD
x-cache-hits: 1, 0

GET
H2 200 Die_Entropy.png
www.secplicity.org/wp-content/uploads/2023/05/ 54 KB
54 KB 412ms
411ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2023/05/Die_Entropy.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0432d41dd9a7324f78502851c46b3fd31439a03649771bff3726d53e40bfbbb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 10 Oct 2024 15:51:42 GMT
date: Tue, 14 Nov 2023 21:55:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-pantheon-styx-hostname: styx-fe3-b-68df48cffd-vdpf6
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
content-length: 55050
x-served-by: cache-chi-kigq8000069-CHI, cache-iad-kiad7000151-IAD
last-modified: Tue, 23 May 2023 05:34:41 GMT
server: cloudflare
x-timer: S1699998933.696413,VS0,VE3
etag: "646c5071-d70a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3heU51Jooo8Rp3diRomJjfXatksLjDVavQ3PbNZPgtYepYUn9znB6qKjbWHotF1%2FwPHYqjWqAeAtJRYpUYD3E4oc1ZRnrLlKKoS6sHaVlLSIogDD6ikbbAsitdSz1N3QadVVW9OV30Cpb%2F7TezPAHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: e84e0d75-6784-11ee-b15f-22b56de3d27f
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 82627fd14b988232-IAD
x-cache-hits: 1, 1

GET
H2 200 strings-edit.png
www.secplicity.org/wp-content/uploads/2023/05/ 15 KB
16 KB 411ms
411ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2023/05/strings-edit.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ef6a93fbd2c0b8883f62ae549da876ddd5b866aac25abfafa1d1f18aaad02d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Wed, 16 Oct 2024 16:32:19 GMT
date: Tue, 14 Nov 2023 21:55:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-pantheon-styx-hostname: styx-fe3-a-f9d8bf5c4-zjm2q
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
content-length: 15464
x-served-by: cache-chi-klot8100129-CHI, cache-iad-kiad7000043-IAD
last-modified: Tue, 23 May 2023 05:46:35 GMT
server: cloudflare
x-timer: S1699998933.696938,VS0,VE2
etag: "646c533b-3c68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2ZFukRO7lXE7zDwdlELqVpkA6ySgRBuM1K2D9kYIlctNwhOrk4JPd821XrRuhJvKICaWCTbjl7gaeKt0d7%2Fk2DeguSTOjV%2FmKVoDyzYk6CAaW3woMA8HOpQYRe%2B1TxduWnKpxXicw7paVEzsht8euo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 930eaec5-6c41-11ee-9349-f6544157d242
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 82627fd14b998232-IAD
x-cache-hits: 1, 1

GET
H2 200 secplicity-logo-white.png
www.secplicity.org/wp-content/uploads/2018/06/ 4 KB
5 KB 177ms
176ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2018/06/secplicity-logo-white.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34f16fee02d3c44c72f5e4748a432c9b70d843d0b7abb2d2c97f10413fcf8b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Fri, 20 Sep 2024 20:51:37 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 38476
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-f64b97cc5-p9pht
alt-svc: h3=":443"; ma=86400
content-length: 4283
x-served-by: cache-chi-kigq8000056-CHI, cache-iad-kiad7000117-IAD
last-modified: Fri, 13 Dec 2019 22:55:33 GMT
server: cloudflare
x-timer: S1699960458.528315,VS0,VE1
etag: "5df416e5-10bb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmZ4Tr6VFKIpvSdZJG3lCssiLGpaMiI5cBbhFj4FYyBP4D3%2B6sWQi03G%2BXzcBNUSDlDawL4yAKJ29%2FGLQyfKO3eIL6%2FSPh2zqwiNppptcrYozvVy6eEWW%2FmJ0LYbAJcAuF68oJBY%2F6qJ9pnG72ExDkI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 7dc11524-57f7-11ee-b031-72e894c97ba0
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 82627fd3cf2e8232-IAD
x-cache-hits: 1, 1

GET
H2 200 rocket-loader.min.js Show response
www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 168ms
167ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 16:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"654bb442-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8aQOYaHKRWkPBnXf3Xuid4O3oLKYR%2BzJsLsUKRrxepmmhgIV%2FD5fQgjrXLG4mufY7JlL1aVJlDHYlVyUshpYHTCPdO0NHodBidy5wwAefuFVC1e3V8EjM37FSRNoxWds9CIJh5E%2FL0PeVZsk9XfJ04%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 82627fd3df378232-IAD
expires: Thu, 16 Nov 2023 21:55:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 245 KB
82 KB 90ms
42ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N2CTSV

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d443a564f95fc36614c9d63f2c1efa87b0792c23a9272218dd776fe57fdb0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:55:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83868
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Nov 2023 21:55:33 GMT

GET
H2 200 circuit-bg.png
www.secplicity.org/wp-content/uploads/2018/06/ 32 KB
33 KB 175ms
174ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2018/06/circuit-bg.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/?custom-css=9d3d5bfaa9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b9007c650d4e92c92481577eb23ca3344422d0ba58f5d3ccdecf3f93434ab02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/?custom-css=9d3d5bfaa9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Tue, 22 Oct 2024 20:59:23 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 372716
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-8466695d9f-9cvr2
alt-svc: h3=":443"; ma=86400
content-length: 32665
x-served-by: cache-chi-kigq8000039-CHI, cache-iad-kiad7000032-IAD
last-modified: Fri, 13 Dec 2019 22:55:33 GMT
server: cloudflare
x-timer: S1699626218.503812,VS0,VE2
etag: "5df416e5-7f99"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2brE6G0RCRt18PMSdf5tC7tSFif4Art00xOYZS6%2B3%2BgcxceHxiUQlDXCJSDHC7iOfNFPoGitg6i9k9ExB2p5%2FeI7L2iTFDLSdS8XeN6XBl8u4GJ%2BkIUYwDcl5RZu7uQ194NeTtJ%2FDWQNYyvb8O%2Be%2FXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: e0b7beec-711d-11ee-937d-b64ecc9a9ff0
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 82627fd3ef4c8232-IAD
x-cache-hits: 1, 1

GET
H2 200 secplicity-logo-red-white.png
www.secplicity.org/wp-content/uploads/2019/03/ 10 KB
11 KB 192ms
191ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2019/03/secplicity-logo-red-white.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/?custom-css=9d3d5bfaa9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d8111faa1d2b03acd0a99f656b68f0715c9c46c94405950ed55f828271b8414

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/?custom-css=9d3d5bfaa9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Fri, 13 Sep 2024 20:36:12 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 1247641
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-86d66977b5-p8xp9
alt-svc: h3=":443"; ma=86400
content-length: 10667
x-served-by: cache-chi-kigq8000143-CHI, cache-iad-kiad7000074-IAD
last-modified: Fri, 13 Dec 2019 22:55:33 GMT
server: cloudflare
x-timer: S1698751292.495847,VS0,VE2
etag: "5df416e5-29ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZ%2FZD0it68vMnvr7a0M%2BSWNCVJuLg9T2XlQKGla8QO8PdKUPEjBALkAOY3Yb8QB%2FTTfw0ayfML%2Bw65oSilDf8B20cMeChYMHW2ik%2F2cyc%2Fg9U3FrNi%2Ff5QQ4040rHKlJIJod6PFD2s2RjmZUzDTBt%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 2dcc62a2-5275-11ee-bdd8-eeb9918916c4
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 82627fd3ef4e8232-IAD
x-cache-hits: 1, 1

GET
H2 200 social-sprite.png
www.secplicity.org/wp-content/uploads/2016/09/ 7 KB
7 KB 198ms
198ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2016/09/social-sprite.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/?custom-css=9d3d5bfaa9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

038725776643cf72297fea8df75e5b31a35e32c234a3939b5b1bb63260f37870

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/?custom-css=9d3d5bfaa9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Wed, 23 Oct 2024 09:12:14 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 534730
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-8466695d9f-7kzsc
alt-svc: h3=":443"; ma=86400
content-length: 7009
x-served-by: cache-chi-klot8100103-CHI, cache-iad-kiad7000055-IAD
last-modified: Fri, 13 Dec 2019 22:55:31 GMT
server: cloudflare
x-timer: S1699464203.051088,VS0,VE4
etag: "5df416e3-1b61"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PTftqvc1vSF0Nrv%2FFc2r8GrD7B3Jo35p9sHGI%2BsFvMuBWixyvIqzNtTZ5c1CzDZzLvxSIWD7eZsRUoP%2BSHDmPL7ncpRLhOV%2BgdWlaopFZWOi%2FCaL1oBhlPo6INYarmvR%2BPrtIIQtMF%2B0lhHVfTl2kE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 41a326a9-7184-11ee-8ab8-4a5fa7de18a2
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 82627fd3ef4f8232-IAD
x-cache-hits: 1, 1

GET
H2 200 checkbox.png
www.secplicity.org/wp-content/uploads/2016/09/ 262 B
773 B 199ms
199ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2016/09/checkbox.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/?custom-css=9d3d5bfaa9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00c8a86cf7659405698e4a02f58e6710af0b02a5e329e99078026b8cef2c453c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/?custom-css=9d3d5bfaa9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Fri, 27 Sep 2024 14:33:33 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 286311
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-5cbc988cb-z244t
alt-svc: h3=":443"; ma=86400
content-length: 262
x-served-by: cache-chi-kigq8000042-CHI, cache-iad-kiad7000174-IAD
last-modified: Fri, 13 Dec 2019 22:55:31 GMT
server: cloudflare
x-timer: S1699712623.784273,VS0,VE1
etag: "5df416e3-106"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zw6QHOBr3tvAc0%2Fm493Slvjcq209xnvCFBEfQuhFaVipabNt%2BUoBvxJt8y4SjAwPa22wNr995o9Of7qT4DPhJu%2FFISXWwTQmNRssL4zUchaGCCP9O9kVvezog7KDIU47Odmu2K629ZHh70F9i264KGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: d63dd64d-5d42-11ee-8192-820da9060d6c
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 82627fd3ef558232-IAD
x-cache-hits: 1, 1

GET
H2 200 Rhysida-parseOptions-edit.png
www.secplicity.org/wp-content/uploads/2023/05/ 35 KB
35 KB 400ms
398ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2023/05/Rhysida-parseOptions-edit.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08a111b23141cb015e1d25e55e46e729b67731b06c1275259361afdbe45a41dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 18:47:59 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-pantheon-styx-hostname: styx-fe3-b-5cbc988cb-rwfbz
x-cache: HIT, MISS
alt-svc: h3=":443"; ma=86400
content-length: 35722
x-served-by: cache-chi-kigq8000103-CHI, cache-iad-kiad7000072-IAD
last-modified: Tue, 23 May 2023 05:57:09 GMT
server: cloudflare
x-timer: S1699998933.289459,VS0,VE21
etag: "646c55b5-8b8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brZiZzOXIDPUKLgnWH4Bl28%2F5H%2FEqqjaeE3NRuo1Q7j1V52rgzHG2m2CRDFG4DZq%2BDPZJkpynkMK9PrFby77Y1l3TKIV5%2FKYDwq3EK3kizJTsRoWBA63TDfpoOkGtKecc%2FLHw8fi%2BZqM%2Bu2XEphLtqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 36de8c67-5c9d-11ee-9618-76465eb2d399
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 82627fd4f8d88232-IAD
x-cache-hits: 1, 0

GET
H2 200 Rhysida-selfRemove.png
www.secplicity.org/wp-content/uploads/2023/05/ 13 KB
14 KB 372ms
370ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2023/05/Rhysida-selfRemove.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

590b3830aba0a9186ce40c5d3e95781a42729bd5208acf70b404326a995ee183

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Fri, 27 Sep 2024 14:04:05 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-pantheon-styx-hostname: styx-fe3-b-5cbc988cb-g7rhx
x-cache: HIT, MISS
alt-svc: h3=":443"; ma=86400
content-length: 13686
x-served-by: cache-chi-klot8100043-CHI, cache-iad-kiad7000050-IAD
last-modified: Tue, 23 May 2023 06:05:00 GMT
server: cloudflare
x-timer: S1699998933.285881,VS0,VE22
etag: "646c578c-3576"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJ%2FKPxFo7RtI5XXn8dZp%2F3xm8iA2bCUeYYzAD3fQMClb2vvcGkPosX00YljYNzFyGqaijTC9OjWi32azXJ3jwsF2tVi2AB74tNJ7P%2FN54rTnnBfgg4%2FQQ%2BQbWlHsnUsyd2eUbCFenTc5rAudgyibEtI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: b86ebb48-5d3e-11ee-810d-16c5e47dd368
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 82627fd4f8da8232-IAD
x-cache-hits: 1, 0

GET
H2 200 main1-edit.png
www.secplicity.org/wp-content/uploads/2023/05/ 47 KB
48 KB 402ms
401ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2023/05/main1-edit.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

579e6fc60f250f19275868a034f9d2165dc0f9610fc72643e4a85ab0019eb716

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Fri, 11 Oct 2024 17:14:26 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-pantheon-styx-hostname: styx-fe3-b-68df48cffd-pfzpk
x-cache: HIT, MISS
alt-svc: h3=":443"; ma=86400
content-length: 48310
x-served-by: cache-chi-kigq8000071-CHI, cache-iad-kiad7000153-IAD
last-modified: Tue, 23 May 2023 06:14:23 GMT
server: cloudflare
x-timer: S1699998933.292021,VS0,VE25
etag: "646c59bf-bcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQJQumlrKSm0frE1VrVdCLU0Ydr%2FFgwomrLIXIfdKloiZa32Hi8v%2Ffyv6jaV4YkmoEc60vKDSe1nS5N2kMxarUtNtOECU7fafG%2BEFQ33y7If%2BLZ5ahQrANfKJJz1%2BEuBpoLVIx5ZH5E4nRsxNlVB3dM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: a18db03c-6859-11ee-86ea-2a9276c83e8f
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 82627fd4f8dc8232-IAD
x-cache-hits: 1, 0

GET
H2 200 podcast-cover.jpg
www.secplicity.org/wp-content/uploads/2018/06/ 19 KB
20 KB 319ms
318ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2018/06/podcast-cover.jpg

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d3791343bc3fd5dd88e8940f85431da73ec5340335c6ca621a4953e1835a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Tue, 22 Oct 2024 11:36:20 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 304312
x-cache: HIT, HIT
x-cache-hits: 1, 1
alt-svc: h3=":443"; ma=86400
content-length: 19417
x-served-by: cache-chi-klot8100056-CHI, cache-iad-kiad7000024-IAD
cf-bgj: h2pri
last-modified: Fri, 13 Dec 2019 22:55:33 GMT
server: cloudflare
x-timer: S1699694621.426584,VS0,VE1
etag: "5df416e5-4bd9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkMLPRNCPQLNphrKsnIMQ7QDF1i8wm5OUxKjk0ggh%2Bp%2FuXJZHCyDZmpjlyR8fFn1Jc8Y%2BVhwZSabpPeOyE4tEOrLLxfvc2mOFztv71Y9RxUudoEmdpcILT6cJX2h5gCKCFqgCc%2FI8O5F4oEZGXbKPDw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 389ecc2d-70cf-11ee-9b8f-4a5fa7de18a2
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 82627fd4f8dd8232-IAD
x-pantheon-styx-hostname: styx-fe3-b-8466695d9f-7kzsc

GET
H2 200 threat-landscape-screenshot.jpg
www.secplicity.org/wp-content/uploads/2018/06/ 38 KB
38 KB 329ms
328ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2018/06/threat-landscape-screenshot.jpg

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

305170a9b60864dde1e2f512feabc0f75a31388154e798e52310ea07db6461e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 05 Sep 2024 08:20:38 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 1258442
x-cache: HIT, HIT
x-cache-hits: 1, 1
alt-svc: h3=":443"; ma=86400
content-length: 38813
x-served-by: cache-chi-kigq8000174-CHI, cache-iad-kiad7000110-IAD
cf-bgj: h2pri
last-modified: Fri, 13 Dec 2019 22:55:33 GMT
server: cloudflare
x-timer: S1698740491.262730,VS0,VE2
etag: "5df416e5-979d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jY71Lg3pD%2F%2BM5AAUHeB9WgbqD3PYd%2B1iJ2O3Ndv5vLDvTXsHgky%2Bwcuo7I9VtlZBrJF%2BlcSWHSTopGx2MLIcX%2FFvFyPKXuc%2BW%2B5izDtZD8haQYDX7ZMKgODCeYu%2FTW0DSip59e5BQei%2FikbnWk8IlyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 1882d988-4bc5-11ee-8ee3-62fd6cd151ba
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 82627fd4f8de8232-IAD
x-pantheon-styx-hostname: styx-fe3-a-94d5cdf4b-7tbrf

GET
H2 200 20212-featured-150x80.jpg
www.secplicity.org/wp-content/uploads/wordpress-popular-posts/ 10 KB
10 KB 356ms
355ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/wordpress-popular-posts/20212-featured-150x80.jpg

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47214d225ad892ba760518c358d3352eb48f37010d84735a5960075ea93f9e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Wed, 16 Oct 2024 18:16:14 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 1251241
x-cache: HIT, HIT
x-cache-hits: 1, 1
alt-svc: h3=":443"; ma=86400
content-length: 10146
x-served-by: cache-chi-klot8100158-CHI, cache-iad-kiad7000060-IAD
cf-bgj: h2pri
last-modified: Mon, 16 Oct 2023 18:14:17 GMT
server: cloudflare
x-timer: S1698747692.024731,VS0,VE2
etag: "652d7d79-27a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvqjNACU%2F8v8kSijjAxzva6IJDt77HFDb7OYLELUiIkrEEMPF7Iw4JVZtTmHF%2F%2BJLqyyttKEi4kM%2B%2FtXRgwAg66xuraErsWG6Zekv9bUcCpbnSr%2FtN6X2i%2FNDFyGE%2FBDw0YEqqUDcT5GcdBHgZgXIQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 1788e0c7-6c50-11ee-9e66-129a143ca5ae
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 82627fd4f8df8232-IAD
x-pantheon-styx-hostname: styx-fe3-b-68df48cffd-p7hhw

GET
H2 200 20224-featured-150x80.jpg
www.secplicity.org/wp-content/uploads/wordpress-popular-posts/ 10 KB
10 KB 365ms
364ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/wordpress-popular-posts/20224-featured-150x80.jpg

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6553f91a04e7a83fbc1d36fd2f136fa6d9b027dccf277738f31f2cdf3d8f6770

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Mon, 11 Nov 2024 08:01:36 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 300712
x-cache: HIT, MISS
x-cache-hits: 6, 0
alt-svc: h3=":443"; ma=86400
content-length: 10150
x-served-by: cache-chi-kigq8000125-CHI, cache-iad-kiad7000068-IAD
cf-bgj: h2pri
last-modified: Sat, 11 Nov 2023 07:48:48 GMT
server: cloudflare
x-timer: S1699698222.629965,VS0,VE18
etag: "654f31e0-27a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IkDiSYsxRzbB7UmrIWYcm6PkUFbUefT0mehpfo4uWGfTYQIomkq4rrP6KDHtbRsSEDOMijKI%2BWPNMUM5zQUEqbyxl6uMpdMPdgJyovrwhVukqToG1OhmVuhA%2F6QPZztPNEk%2B8B5ctJt3OQz7%2Bm6BKP4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 894007fc-8068-11ee-9fed-ea9981d10505
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 82627fd4f8e08232-IAD
x-pantheon-styx-hostname: styx-fe3-a-8c86c97b-fd5pg

GET
H2 200 20215-featured-150x80.jpg
www.secplicity.org/wp-content/uploads/wordpress-popular-posts/ 10 KB
11 KB 364ms
363ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/wordpress-popular-posts/20215-featured-150x80.jpg

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79f90375e470ce3b2cb3428719c3e6cf856838ce5a62d7b8a78308d8f256869c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 05:43:39 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 1251241
x-cache: HIT, HIT
x-cache-hits: 7, 1
alt-svc: h3=":443"; ma=86400
content-length: 10321
x-served-by: cache-chi-kigq8000179-CHI, cache-iad-kiad7000175-IAD
cf-bgj: h2pri
last-modified: Tue, 31 Oct 2023 05:41:43 GMT
server: cloudflare
x-timer: S1698747692.024331,VS0,VE2
etag: "65409397-2851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAFK1%2BDC%2FSFSJsNJGEOU2jP%2FOQ9bW1EtrQ5E2%2BvdecZzFrFZP0xu%2Fc%2BY35EqueidYPTiezWZ3vc46kzoVbosNNyeai5QabkTU8CmrUNA%2FjxUrmbmBUDLEKHkcPUts27s%2BbPyj7TpSVWW2OmuVylnF1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 71345430-77b0-11ee-b252-463bbbb192ea
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 82627fd4f8e38232-IAD
x-pantheon-styx-hostname: styx-fe3-b-8466695d9f-wzrzv

GET
H2 200 20220-featured-150x80.jpg
www.secplicity.org/wp-content/uploads/wordpress-popular-posts/ 10 KB
11 KB 349ms
349ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/wordpress-popular-posts/20220-featured-150x80.jpg

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

587923a560cf30f1282a66d7ae44903e5223aef3d0abe1c7b36257533767698c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 07 Nov 2024 02:31:17 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 559932
x-cache: HIT, HIT
x-cache-hits: 1, 1
alt-svc: h3=":443"; ma=86400
content-length: 10270
x-served-by: cache-chi-kigq8000117-CHI, cache-iad-kiad7000079-IAD
cf-bgj: h2pri
last-modified: Tue, 07 Nov 2023 02:26:40 GMT
server: cloudflare
x-timer: S1699439001.999720,VS0,VE2
etag: "6549a060-281e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmGkJQEZYtcLD6j2mo0VYuhsz0CYuqv%2Bvcu41BccNMpN2K4hLLLAkRG5M9exA0ivTYy7EYBpAxhS5yBSDArAjXdcNLtkl3mfqAPaaUBeH4ezPKlf4NfwZP2Y4rnQmoHfGCls3m99D8uZ%2BBb1GQbCc70%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: bad15d9b-7d15-11ee-9486-6e276dee1edc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 82627fd4f8e48232-IAD
x-pantheon-styx-hostname: styx-fe3-a-8c86c97b-7bpz6

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 101ms
31ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2CTSV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 21:16:44 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2329
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 14 Nov 2023 23:16:44 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 74ms
14ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2CTSV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA7) /
Resource Hash: 1ef794d2735aea1a72ecc51376a0dec90f188ed0031eb818ed3a71e863d245ce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:55:33 GMT
content-encoding: gzip
last-modified: Thu, 09 Nov 2023 19:35:04 GMT
server: ECS (amb/6BA7)
age: 2601
etag: "b7bd83d64313da1:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25393

GET
DATA 200
OK truncated Show response
/ 60 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 221107c22ab40fe8aead0c0e39b1cc9e8db4657822983c3e80a76cbffdc2f44e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 autoptimize_single_94bc4228bb5941670e191e40a6bc44bd.js Show response
www.secplicity.org/wp-content/uploads/autoptimize/js/ 6 KB
2 KB 230ms
224ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/uploads/autoptimize/js/autoptimize_single_94bc4228bb5941670e191e40a6bc44bd.js?ver=1699934946

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a88ba0b09a4416c080044dc095eabf66ca59e4d12a1d6201457b693687be85d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 14 Nov 2024 04:16:14 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 63559
content-encoding: br
x-cache: MISS, MISS
x-cache-hits: 0, 0
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100163-CHI, cache-iad-kiad7000130-IAD
cf-bgj: minify
last-modified: Mon, 12 Dec 2022 16:48:49 GMT
server: cloudflare
x-timer: S1699935375.508837,VS0,VE65
etag: W/"63975b71-1720"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJzlU1BBygha2MmRkQAu%2F3f0HXvrwB9CBEl870mz%2Bq5VQvOJZPRIGzuwaRwW8lcCRvGITNPBaF4RPmYR37r1YLqXjuzZw3xQtiMnFD6hqmy2gsMsaivr9zGVUE3QmqVqsZhIB8Ko3ujfiQTG0Y9q1lU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 8ce6dae4-82a4-11ee-bd1b-ba6629f935c1
cache-control: max-age=31622400
cf-ray: 82627fd508fa8232-IAD
x-pantheon-styx-hostname: styx-fe3-b-5f8bd4889f-7fqzz

GET
H2 200 e-202346.js Show response
stats.wp.com/ 7 KB
3 KB 49ms
13ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202346.js
Requested by: Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT ams
date: Tue, 14 Nov 2023 21:55:33 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1695421998473.3982
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 10 Nov 2024 23:27:35 GMT

GET
H2 200 autoptimize_single_da610e54fa6e947776a5182a42eda940.js Show response
www.secplicity.org/wp-content/uploads/autoptimize/js/ 991 B
1012 B 228ms
223ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/uploads/autoptimize/js/autoptimize_single_da610e54fa6e947776a5182a42eda940.js?ver=5.8

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f26e74a5392e23175b93e81e7b642e02c20d3ca132207dc7f00abfb7dae2b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Wed, 02 Oct 2024 23:23:12 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 141320
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 1, 1
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100106-CHI, cache-iad-kiad7000029-IAD
cf-bgj: minify
last-modified: Mon, 18 Sep 2023 18:16:13 GMT
server: cloudflare
x-timer: S1699857613.003828,VS0,VE1
etag: W/"650893ed-3df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4aFfQzB8XTaudIOS0RJ8dVan%2FdIEfPXORbH9Qjw7E29EIOrDOGWXtqiZTyWX8aIZzi1ydsFE%2FXDBevY1SXtwmUKhujMEBO6kt%2BrRZe7s1rh17YMYFXPY9zwQkZ33gBqgeRlr8m5viniYXch51%2FGz%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: a7f6ba73-617a-11ee-88ba-6ea38a268b26
cache-control: max-age=31622400
cf-ray: 82627fd508fc8232-IAD
x-pantheon-styx-hostname: styx-fe3-a-f9d8bf5c4-d4lxr

GET
DATA 200
OK truncated Show response
/ 167 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0371a0d53247ea16a5b281efe3ce22f4a3a647081af625b741c4c8a6232c1c17

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 wp-polyfill.min.js Show response
www.secplicity.org/wp-includes/js/dist/vendor/ 16 KB
6 KB 229ms
224ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 07 Nov 2024 07:29:44 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 137720
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-8c86c97b-w9cbw
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000051-CHI, cache-iad-kiad7000088-IAD
last-modified: Mon, 06 Nov 2023 07:15:06 GMT
server: cloudflare
x-timer: S1699861214.822848,VS0,VE1
etag: W/"6548927a-3f12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNL0Im0oa79YwChiMhC1la3XSHlnEmdZqDhdgkqqC9jUljaaLPhHdd4%2BQrEMeQzkJhTA5tT0oHOhkCIAi67HSqxCe4cghn19DDEFGpF47LferoDteik8nWLjRT0h2XblmUSoSSBKVJsHv3wrY2URhMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 6c52d6f1-7d3f-11ee-b99f-56840024ebd3
cache-control: max-age=31622400
cf-ray: 82627fd509018232-IAD
x-cache-hits: 1, 1

GET
H2 200 regenerator-runtime.min.js Show response
www.secplicity.org/wp-includes/js/dist/vendor/ 6 KB
3 KB 227ms
223ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Wed, 01 May 2024 14:33:01 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 17046232
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-59f59d9dc-b77vv
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000087-CHI, cache-iad-kiad7000059-IAD
last-modified: Mon, 01 May 2023 14:32:41 GMT
server: cloudflare
x-timer: S1682952701.052644,VS0,VE3
etag: W/"644fcd89-19cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyrlsdYXDFOeWaYeXRz0xFrwSEU7XQYt%2F69OY2Nzl5RWAuZwhW9SA1HmP7X2PGgUHpRfGvMrojDPEdrB2nENSaaxmEA6XGSU3%2BPoJaVXR%2BvAR3LArQKJRF5brbWgrajE%2Fu7EFrTW4SLh2C%2FC5ieW6tg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 137d30ab-e82d-11ed-b062-5ad066019291
cache-control: max-age=31622400
cf-ray: 82627fd509038232-IAD
x-cache-hits: 4, 1

GET
H2 200 wp-polyfill-inert.min.js Show response
www.secplicity.org/wp-includes/js/dist/vendor/ 8 KB
3 KB 229ms
225ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Fri, 11 Oct 2024 12:33:42 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 559933
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-f9d8bf5c4-kfk9k
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100103-CHI, cache-iad-kiad7000150-IAD
last-modified: Tue, 10 Oct 2023 23:49:31 GMT
server: cloudflare
x-timer: S1699439001.921216,VS0,VE2
etag: W/"6525e30b-1feb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yw2VDqZcxuxUS6bkNPsrP%2F8PS3T3NbAhgxrmYN0BmeCQV47WGiKyeqoHB%2BYgrcA%2FWPs7O%2BpkNy6drGp1U0WGZtInJNNsJYnv%2F%2FQ7YxIxsjlC5jae2OdiIQzfAPH0ULZ%2FCFLuQMka7j%2FY1%2F7OSUqPX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 6998631c-6832-11ee-9dfa-eae9bcafece4
cache-control: max-age=31622400
cf-ray: 82627fd5190c8232-IAD
x-cache-hits: 1, 1

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 86ms
34ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LewipEUAAAAAEZ5kj5owPPOPMCiJY6hQdzAsd5w&ver=3.0

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

286ce13182f352804df18eafa40b79d74a8a91f19ca12284c94a8ea7b7af9f04

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 14 Nov 2023 21:55:33 GMT

GET
H2 200 comment-reply.min.js Show response
www.secplicity.org/wp-includes/js/ 3 KB
2 KB 231ms
228ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-includes/js/comment-reply.min.js?ver=6.3.1

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Sat, 09 Nov 2024 23:53:09 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 38476
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-8c86c97b-qnnvj
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100081-CHI, cache-iad-kiad7000143-IAD
last-modified: Thu, 09 Nov 2023 12:28:01 GMT
server: cloudflare
x-timer: S1699960458.600226,VS0,VE1
etag: W/"654cd051-ba5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9R%2Ft2CQgbd2QIFMpwSl9Ag8h%2FLODlDSO9IuqucrCT0ZFmijk0pJq0VtmK%2BhZUjxMaP4UTetaV9NL%2BxxJGp9XzH3UvLBckxlrNlgtIOOPC%2FznI9q4bmyCUmgjukONiIOjggR65iHAVt3ZZJI4dI65j8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 22bf0a02-7f5b-11ee-9251-aae4eab097dd
cache-control: max-age=31622400
cf-ray: 82627fd5190e8232-IAD
x-cache-hits: 2, 1

GET
H2 200 autoptimize_single_202b20ee76acd4670ff8bbddbe901584.js Show response
www.secplicity.org/wp-content/uploads/autoptimize/js/ 1 KB
954 B 233ms
230ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/uploads/autoptimize/js/autoptimize_single_202b20ee76acd4670ff8bbddbe901584.js?ver=1.18.1

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4f4090a9b2fa60a224e449bd148663b695bca8e6304f8736ac6c6fea5c580aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Wed, 18 Sep 2024 18:17:29 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 4936738
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 6, 1
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100120-CHI, cache-iad-kiad7000154-IAD
cf-bgj: minify
last-modified: Mon, 18 Sep 2023 18:16:13 GMT
server: cloudflare
x-timer: S1695062196.897870,VS0,VE2
etag: W/"650893ed-514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeg0RNdBnyhqlBQ0xrULqbf4tOoaa%2FQKE1%2BU3yMXaoPmrwc6RlmUH%2BkX8AJ7J467ut5j5E64br5nkb73VwMD1DbqTgB2lrbzBc2X1QuneS0LREyf1Iol%2FB1wCC6xUXrgBzsUAOZlFjj2Sn4hat8eMkc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: a0897edc-564f-11ee-81f0-e20908b73524
cache-control: max-age=31622400
cf-ray: 82627fd5190f8232-IAD
x-pantheon-styx-hostname: styx-fe3-b-f64b97cc5-bq9mq

GET
H2 200 autoptimize_single_abe07dd594951200c9b7dc217fd5098b.js Show response
www.secplicity.org/wp-content/uploads/autoptimize/js/ 838 B
911 B 230ms
227ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/uploads/autoptimize/js/autoptimize_single_abe07dd594951200c9b7dc217fd5098b.js?ver=1.18.1

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11a3c1e71281b46e8a07b624b4269e922215a506a37f711266e298cc94ce56d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Fri, 20 Sep 2024 09:06:16 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 137720
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 1, 1
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000063-CHI, cache-iad-kiad7000088-IAD
cf-bgj: minify
last-modified: Mon, 18 Sep 2023 18:16:13 GMT
server: cloudflare
x-timer: S1699861213.210477,VS0,VE1
etag: W/"650893ed-346"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0n0VHsghABehtmgXklWJDoXRSuYwiCjFKBMioeG7o6T4H3lHyIcllXSpru6W9Tb4hKq4yMaY9Vo8F6U%2Fb59jKxa5Zy7m944Gqq7VDrVF%2BGDjC3hgOMAM47m1Cfw%2BdZ5S5ldHtrAKjPcAdXrZeHZPeY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: f46a37af-5794-11ee-a5b8-0e53a248f8b5
cache-control: max-age=31622400
cf-ray: 82627fd519118232-IAD
x-pantheon-styx-hostname: styx-fe3-a-86d66977b5-p7558

GET
H2 200 autoptimize_single_5bc2b1fa970f9cecb3c30c0c92c98271.js Show response
www.secplicity.org/wp-content/uploads/autoptimize/js/ 13 KB
5 KB 228ms
225ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/uploads/autoptimize/js/autoptimize_single_5bc2b1fa970f9cecb3c30c0c92c98271.js?ver=5.8

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 10 Oct 2024 12:18:22 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 223310
content-encoding: br
x-cache: HIT, MISS
x-cache-hits: 1, 0
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000044-CHI, cache-iad-kiad7000155-IAD
cf-bgj: minify
last-modified: Mon, 24 Apr 2023 17:02:38 GMT
server: cloudflare
x-timer: S1699775624.628948,VS0,VE25
etag: W/"6446b62e-328f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qq8fTp9dcGr0JYQS6oV88uwwGLYORf5zkwdLf7lVASWqPrOk%2FUBQtt5VI4ktEHSAATA64DGwweSlKHGKF%2FRDTTTntUOGJPRWnKoaGxWzXsstsbFZBVdtV6KKrKjN91sPX5VCeeMi7tvyTixhxl8lvo8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 1b0d1c75-6767-11ee-892c-921054da9955
cache-control: max-age=31622400
cf-ray: 82627fd519138232-IAD
x-pantheon-styx-hostname: styx-fe3-a-f9d8bf5c4-dpcfp

GET
DATA 200
OK truncated Show response
/ 132 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01a3875a5584b519e73b2c967a5ae0ce83fcf81e3fb0629a4184bd055dd48eae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 autoptimize_single_6ce86c3105139cb3c80913e6a3696a96.js Show response
www.secplicity.org/wp-content/uploads/autoptimize/js/ 11 KB
4 KB 230ms
227ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/uploads/autoptimize/js/autoptimize_single_6ce86c3105139cb3c80913e6a3696a96.js?ver=5.8

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 14:13:54 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 1136002
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 1, 1
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000109-CHI, cache-iad-kiad7000036-IAD
cf-bgj: minify
last-modified: Mon, 18 Sep 2023 18:16:13 GMT
server: cloudflare
x-timer: S1698862931.305108,VS0,VE3
etag: W/"650893ed-2a12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zN1fj818bMxatE36GR%2BHkLFbE7HM5euRXg%2Bo6kpDVl%2FyQuehSdrIrzEm2yajba4quvkYuakAGG1v%2B2UcXaSswHET9p0UPMBCmYlqnSFEQOM5LMPlqhZY7E8Go%2BRFF1BuSIQsH6%2FQx4%2Fx3ba4sfbcQI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 157bdea1-61f7-11ee-89c0-0a8bf9062628
cache-control: max-age=31622400
cf-ray: 82627fd519158232-IAD
x-pantheon-styx-hostname: styx-fe3-a-f9d8bf5c4-fd4t4

GET
DATA 200
OK truncated Show response
/ 323 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bc097d4d2d9a27a3160f0b43a4ff31026b99e2a6919a490c792b3cf3255fc10

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 87 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a4ba4a340b3f30596d32c1b272ddcfdbf3ccb8e89c2fa917ea60469017aeee4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 31 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8aa38f691970c20b4dcbb277be1ffe2d25bdfd055d37e165f987cc4bcf8670fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 92ms
30ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Nov 2023 21:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: R1P6TtSHAQZyvOSI/KawHw==
age: 53001
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6821
x-ms-lease-status: unlocked
last-modified: Thu, 09 Nov 2023 14:41:49 GMT
server: cloudflare
etag: 0x8DBE13201873ECE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 615f4d5d-701e-0057-437a-1397b0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82627fd4abb05d96-FRA

GET
H2 200 front.min.js Show response
www.secplicity.org/wp-content/plugins/wp-gdpr-compliance/Assets/js/ 58 KB
17 KB 230ms
227ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/plugins/wp-gdpr-compliance/Assets/js/front.min.js?ver=1699934948

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e5da322ed022b5762d70293cd84e3e73009781267f36f48553ef8cd4bee4ef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 14 Nov 2024 04:16:14 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 63559
content-encoding: br
x-cache: MISS, MISS
x-pantheon-styx-hostname: styx-fe3-a-647f56896f-5w76x
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000143-CHI, cache-iad-kiad7000124-IAD
last-modified: Mon, 13 Nov 2023 14:02:06 GMT
server: cloudflare
x-timer: S1699935374.497152,VS0,VE63
etag: W/"65522c5e-e6f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uA7DL3IQF51cjcADwhBkJ0j%2Fl2ZK4Tjn2tHM7HvOw5EnP549kKJxC2pqykjqqeToXXif3Cw43oI%2FXIC3Ej5HJ%2FHsogEkSOy9ApCLaJw4emqxsp1vuN4uEABLs%2FIHIkgkYtmhlnmmtZTloYDsiRix3hw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 8ce5a8a0-82a4-11ee-ac29-f2359539b152
cache-control: max-age=31622400
cf-ray: 82627fd519168232-IAD
x-cache-hits: 0, 0

GET
DATA 200
OK truncated Show response
/ 356 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 270fe3eec15cf7065d258a5e99c02bb398d902be70dec10ee4c103aa78a0fab8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 autoptimize_single_2afe6db39007a29f1009d81cf36ae452.js Show response
www.secplicity.org/wp-content/uploads/autoptimize/js/ 805 B
777 B 228ms
226ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/uploads/autoptimize/js/autoptimize_single_2afe6db39007a29f1009d81cf36ae452.js?ver=1.0.0

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17db8c2fe36a6e281047508a2516723ba277065d11a5b374712e5e5b2374aeea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Fri, 20 Sep 2024 07:28:21 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 739949
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 1, 1
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100151-CHI, cache-iad-kiad7000095-IAD
cf-bgj: minify
last-modified: Wed, 29 Jun 2022 15:19:16 GMT
server: cloudflare
x-timer: S1667603617.541032,VS0,VE4
etag: W/"62bc6d74-325"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3AKGRob8hekPCrJiSEgNKRbBMO1BPkxUXiYmPvUs40nL4iYUhVYwxfKGDpEd12RYi9HH4afIAhAmhRpR4UpUSCM6Mb0ToB2fZsBws7OsIWfBnZ0T7OXMmIj%2FVpp%2BdusOVEZrgPxqbRvp51O%2FPVREjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 11df02b0-54fe-11ed-8c1d-3a118fe185e2
cache-control: max-age=31622400
cf-ray: 82627fd519188232-IAD
x-pantheon-styx-hostname: styx-fe3-a-586884d754-r2nx2

GET
H2 200 autoptimize_single_e187fb380c83fec6e782c94312187f7e.js Show response
www.secplicity.org/wp-content/uploads/autoptimize/js/ 218 B
647 B 228ms
226ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/uploads/autoptimize/js/autoptimize_single_e187fb380c83fec6e782c94312187f7e.js?ver=1.0.0

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

693335ce59675a25146b80a05623079801ad5fa9f5ef011f9cd4b0f5e9409881

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Wed, 18 Sep 2024 17:47:24 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 159322
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 1, 1
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000076-CHI, cache-iad-kiad7000050-IAD
cf-bgj: minify
last-modified: Wed, 29 Jun 2022 15:19:16 GMT
server: cloudflare
x-timer: S1699839612.719817,VS0,VE2
etag: W/"62bc6d74-da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjBpTIXB1k69OHI4KnEDzETw7F8HOG7E5z55L8SerREaKkc7%2BYDDrW761HzzMOs%2FpdYUsoytUQ0fg8mBXTAsmbsEVcP46p00ii%2BZIdxRZflXiNn7fUyPZXRsCoBckt7olXIU3iBxJzdgDco0rUG0zec%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 6ca37ee7-564b-11ee-9ff2-fe5c1fe13a70
cache-control: max-age=31622400
cf-ray: 82627fd519198232-IAD
x-pantheon-styx-hostname: styx-fe3-b-f64b97cc5-mzwbh

GET
H2 200 jquery-migrate.min.js Show response
www.secplicity.org/wp-includes/js/jquery/ 13 KB
5 KB 227ms
226ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 18:51:45 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 38476
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-6fcbcb6768-vzfpb
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000094-CHI, cache-iad-kiad7000102-IAD
last-modified: Mon, 25 Sep 2023 21:16:37 GMT
server: cloudflare
x-timer: S1699960458.600278,VS0,VE2
etag: W/"6511f8b5-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5iT3WBHbvliA3f14Vebv5h06BvAbTkJohNOUkbD3WUi1p6nYGx%2BKy4GRlhJZDlyDHEP%2Fdr3KZhRhu6yFLk6ZXM%2BdX4JJhZE8LvxOB%2BtUEWS1FDB5s1%2Fng8BAHfigwsxLOBxk%2FHUoaBkJUFGXg98EX4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: bda93b5f-5c9d-11ee-b599-2eb5376b3416
cache-control: max-age=31622400
cf-ray: 82627fd5191a8232-IAD
x-cache-hits: 1, 1

GET
H2 200 jquery.min.js Show response
www.secplicity.org/wp-includes/js/jquery/ 85 KB
31 KB 259ms
258ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Mon, 04 Nov 2024 18:48:32 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 54915
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-55f9644964-pbzhj
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100165-CHI, cache-iad-kiad7000091-IAD
last-modified: Fri, 03 Nov 2023 09:00:45 GMT
server: cloudflare
x-timer: S1699944018.422256,VS0,VE2
etag: W/"6544b6bd-155ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uN6dm2EHigHbTC%2FAFf1itKMRudru6pk10jsAhLdfofBcTuO2JP3uTdxmp2KTMAnn1AwFv%2BGB4%2FhKg3RVykRRhJYoHHWvH1QziTrWv2H5k6N8zo5D9obBONHcUfUnIL5x44tQs37%2Fcu4EpOwDISmDcvc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: c05b73c9-7b42-11ee-a3e4-56191d0501b8
cache-control: max-age=31622400
cf-ray: 82627fd5191b8232-IAD
x-cache-hits: 1, 1

GET
H2 200 wpp.min.js Show response
www.secplicity.org/wp-content/plugins/wordpress-popular-posts/assets/js/ 4 KB
2 KB 261ms
259ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.3.2

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Fri, 01 Nov 2024 03:00:53 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 126919
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-7f44764b9c-qtcrn
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100130-CHI, cache-iad-kiad7000144-IAD
last-modified: Tue, 31 Oct 2023 16:21:16 GMT
server: cloudflare
x-timer: S1699872014.048568,VS0,VE0
etag: W/"6541297c-1194"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gug0QcenOPudNFitS6jZGWUoLQjIyT2Fd5EUEtvJjsGsb1EK0cnkJbp9vhtL21Jt%2BKFVsI5ZN5S5nM4aFTnos9UgkBiEpu95Hy%2B72YdCEkqHbQYTX00QjI7zuZ8A6OgCouEeBOo6ao8Fb8rqXgOO6qs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: df00cf39-7862-11ee-b061-c24ec65d15e4
cache-control: max-age=31622400
cf-ray: 82627fd529358232-IAD
x-cache-hits: 1, 2

GET
H2 200 picturefill.min.js Show response
www.secplicity.org/wp-content/plugins/wp-retina-2x-pro/app/ 12 KB
6 KB 259ms
258ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/plugins/wp-retina-2x-pro/app/picturefill.min.js?ver=1699934948

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22c29473716ed14198adc9db4ea074c19b2bce1caba9d7075b5a35777f902dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 14 Nov 2024 04:16:14 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 63559
content-encoding: br
x-cache: MISS, MISS
x-pantheon-styx-hostname: styx-fe3-a-647f56896f-5w76x
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000126-CHI, cache-iad-kiad7000037-IAD
last-modified: Mon, 13 Nov 2023 00:13:22 GMT
server: cloudflare
x-timer: S1699935374.354279,VS0,VE47
etag: W/"65516a22-2e37"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCWgCAD2YHYjPMYjlq6Ln3eM0Z7DDgJudGnJDnrSGO1pOs7uJk89yLBGa2C0OJNHKz8LTRVxXIZu48pLHWJ5QQ6I%2F%2F0oUw1xUAfP646HjmYhSQPfBQz2mo53yvb3KxSTZjy99JrrQQ%2FQy%2FnxUOHIAyY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 8cd05aa9-82a4-11ee-ac29-f2359539b152
cache-control: max-age=31622400
cf-ray: 82627fd529378232-IAD
x-cache-hits: 0, 0

GET
H2 200 related-posts.min.js Show response
www.secplicity.org/wp-content/plugins/jetpack/_inc/build/related-posts/ 6 KB
2 KB 258ms
257ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20211209

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a68827190bc01a61ee0a62ec59efa74497a6bc5aa8586f1fac50a58d0cf42d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 15:14:47 GMT
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 97644
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-8466695d9f-9z9cs
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100162-CHI, cache-iad-kiad7000108-IAD
last-modified: Thu, 26 Oct 2023 05:30:47 GMT
server: cloudflare
x-timer: S1699901290.585225,VS0,VE2
etag: W/"6539f987-1661"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRFceW0kDibVgq3knhI2kTPMRd5cg9n4BJH5tCVPoC5MlN7plsEDMPfyW%2FyHf1uNDh9A29N4XrYTnDT%2FTd9wJnEO29Iay6BjOBchEC%2BTF52Q2Kw2P2CgvmQuHpAZSQj9ZPwPUL0pakH50LKLgoZas%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 66c84a38-7412-11ee-81bd-0a9ba9bc3309
cache-control: max-age=31622400
cf-ray: 82627fd529398232-IAD
x-cache-hits: 1, 1

GET
DATA 200
OK truncated Show response
/ 81 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80c073f3b250d5e17cb70cdb31a3be4ec7f1ab22d05d8f89d2baf1e264ccde30

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
223 B 27ms
27ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1615101712&t=pageview&_s=1&dl=https%3A%2F%2Fwww.secplicity.org%2F2023%2F05%2F23%2Fscratching-the-surface-of-rhysida-ransomware%2F&ul=en-us&de=UTF-8&dt=Scratching%20the%20Surface%20of%20Rhysida%20Ransomware%20-%20Secplicity%20-%20Security%20Simplified&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=875781001&gjid=1726185060&cid=1959763737.1699998933&tid=UA-701459-22&_gid=484703385.1699998933&_r=1&_slc=1&gtm=45He3b81n71N2CTSV&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=944448917

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

edd4c804b12e7f7a074e3e4dc409a7d8418309d07cf1fc5224909718c1195f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 21:55:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secplicity.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
84 B 27ms
27ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1615101712&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.secplicity.org%2F2023%2F05%2F23%2Fscratching-the-surface-of-rhysida-ransomware%2F&ul=en-us&de=UTF-8&dt=Scratching%20the%20Surface%20of%20Rhysida%20Ransomware%20-%20Secplicity%20-%20Security%20Simplified&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Load%20Time&ea=%2F2023%2F05%2F23%2Fscratching-the-surface-of-rhysida-ransomware%2F&el=3.4&ev=3&_u=aEDAAEABAAAAACAAI~&jid=1428461201&gjid=1463101834&cid=1959763737.1699998933&tid=UA-701459-12&_gid=484703385.1699998933&_r=1&_slc=1&gtm=45He3b81n71N2CTSV&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cg1=research&cg2=Ryan%20Estes&cg3=malware%2Cmalware-analysis%2Cransomware&cg4=2023&cg5=500-800&cd2=post&cd3=research&cd4=malware%2Cmalware-analysis%2Cransomware&cd5=57&cd6=Ryan%20Estes&cd7=May%2023%2C%202023&cd8=2023&cd9=05&cd10=Tuesday&z=2121243990

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9742ebed14283fb388640507cbb641bf526def7c43533cf4d3b21509c4a56138

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 21:55:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secplicity.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JB689N02NP&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83496d57c248eb4e086e6dbf9c6a4df961ed6333cc76df87817e560db168b4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:55:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83197
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Nov 2023 21:55:33 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 74ms
24ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-701459-12&cid=1959763737.1699998933&jid=1428461201&gjid=1463101834&_gid=484703385.1699998933&_u=aEDAAEABAAAAACAAI~&z=1889835237

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 14 Nov 2023 21:55:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secplicity.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2TQ4RK7K19&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b14f37568309bbb7cec36d3edad8005b184d57bd0491943e311082baf5912e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:55:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83310
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Nov 2023 21:55:33 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 50ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JB689N02NP&gtm=45je3b81v9125625408&_p=1699998932971&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1959763737.1699998933&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.secplicity.org%2F2023%2F05%2F23%2Fscratching-the-surface-of-rhysida-ransomware%2F&dt=Scratching%20the%20Surface%20of%20Rhysida%20Ransomware%20-%20Secplicity%20-%20Security%20Simplified&sid=1699998933&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3531
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JB689N02NP&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 21:55:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secplicity.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 42ms
34ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-701459-12&cid=1959763737.1699998933&jid=1428461201&_u=aEDAAEABAAAAACAAI~&z=110029378

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 21:55:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 95ms
37ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-701459-12&cid=1959763737.1699998933&jid=1428461201&_u=aEDAAEABAAAAACAAI~&z=110029378

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 21:55:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 50ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2TQ4RK7K19&gtm=45je3b81v9164384366&_p=1699998932971&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1959763737.1699998933&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.secplicity.org%2F2023%2F05%2F23%2Fscratching-the-surface-of-rhysida-ransomware%2F&dt=Scratching%20the%20Surface%20of%20Rhysida%20Ransomware%20-%20Secplicity%20-%20Security%20Simplified&sid=1699998933&sct=1&seg=0&en=%2F2023%2F05%2F23%2Fscratching-the-surface-of-rhysida-ransomware%2F&_fv=1&_ss=1&_ee=1&ep.ua_content_group_1=research&ep.ua_content_group_2=Ryan%20Estes&ep.ua_content_group_3=malware%2Cmalware-analysis%2Cransomware&ep.ua_content_group_4=2023&ep.ua_content_group_5=500-800&ep.ua_dimension_2=post&ep.ua_dimension_3=research&ep.ua_dimension_4=malware%2Cmalware-analysis%2Cransomware&ep.ua_dimension_5=57&ep.ua_dimension_6=Ryan%20Estes&ep.ua_dimension_7=May%2023%2C%202023&ep.ua_dimension_8=2023&ep.ua_dimension_9=05&ep.ua_dimension_10=Tuesday&ep.event_category=Page%20Load%20Time&ep.event_label=3.4&ep.value=3&tfd=3559
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2TQ4RK7K19&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 21:55:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secplicity.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 24ms
23ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2TQ4RK7K19&cid=1959763737.1699998933&gtm=45je3b81v9164384366&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2TQ4RK7K19&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 21:55:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secplicity.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 71ms
39ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2TQ4RK7K19&cid=1959763737.1699998933&gtm=45je3b81v9164384366&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1391502875

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 21:55:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/ 132 B
640 B 480ms
480ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/?relatedposts=1

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20211209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95fe1a5340d218db5aef82192cb484fc14ca4b04e937a8fcb6a27d7a5586cf34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2023/05/23/scratching-the-surface-of-rhysida-ransomware/
x-requested-with: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
date: Tue, 14 Nov 2023 21:55:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 varnish, 1.1 varnish
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-pingback: https://www.secplicity.org/xmlrpc.php
x-cache: MISS, MISS
content-encoding: br
x-cache-hits: 0, 0
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000050-CHI, cache-iad-kiad7000123-IAD
server: cloudflare
x-timer: S1699998934.596308,VS0,VE286
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=033xMX%2FsqqeC0G53XdwKRPKnXkcc29dWbrDi032lPQx%2BWyF4sbPwHToPovdO90q39xb7H2O4OuO%2FSpa7fBYR9lDs9U%2BAM6NqeN7S%2BtEDGdA9GdKc2txfYYs4nEbkTYuOJQWz4919E9HfktaXH34rDhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
x-styx-req-id: 89126398-8338-11ee-9319-5ab6b287513b
cache-control: public, max-age=600
cf-ray: 82627fd6eb858232-IAD
x-pantheon-styx-hostname: styx-fe3-b-7d459b97d9-npp47

GET
H2 200 399554ad-9366-4aac-95e3-40f9be141b6e.json Show response
cdn.cookielaw.org/consent/399554ad-9366-4aac-95e3-40f9be141b6e/ 3 KB
2 KB 80ms
37ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/399554ad-9366-4aac-95e3-40f9be141b6e/399554ad-9366-4aac-95e3-40f9be141b6e.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae3c3dee3cc8e95ec7dff3f257f8a28a8386428197a5301b440d07c2a60da11e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Nov 2023 21:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 41441
content-md5: WKOEjlKv0fDKZELBZqcvaA==
content-length: 1162
x-ms-lease-status: unlocked
last-modified: Thu, 18 Mar 2021 18:22:15 GMT
server: cloudflare
etag: 0x8D8EA3AC230C8E2
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f8af5f1a-d01e-0061-1b97-f01ac0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82627fd67af86973-FRA
expires: Wed, 15 Nov 2023 21:55:33 GMT

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ 468 KB
188 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LewipEUAAAAAEZ5kj5owPPOPMCiJY6hQdzAsd5w&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82f0e1fb9a662917f52ca8afe5f6395a785586bfeb67d0211c95416c114c31e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secplicity.org/
Origin: https://www.secplicity.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191782
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 12:28:33 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 19ms
13ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=181419019&post=20071&tz=-8&srv=www.secplicity.org&j=1%3A12.5&host=www.secplicity.org&ref=&fcp=3161&rand=0.9497784677230994
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 14 Nov 2023 21:55:33 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 ipv
cdn.bizible.com/ 43 B
303 B 15ms
14ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=04130be6e28f4f7dfffe41a7a8bb744a&_biz_l=https%3A%2F%2Fwww.secplicity.org%2F2023%2F05%2F23%2Fscratching-the-surface-of-rhysida-ransomware%2F&_biz_t=1699998933217&_biz_i=Scratching%20the%20Surface%20of%20Rhysida%20Ransomware%20-%20Secplicity%20-%20Security%20Simplified&_biz_n=0&rnd=898797&cdn_o=a&_biz_z=1699998933467
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B77) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 21:55:33 GMT
last-modified: Tue, 14 Nov 2023 17:44:10 GMT
server: ECS (amb/6B77)
age: 15083
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
203 B 22ms
14ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=04130be6e28f4f7dfffe41a7a8bb744a&_biz_l=https%3A%2F%2Fwww.secplicity.org%2F2023%2F05%2F23%2Fscratching-the-surface-of-rhysida-ransomware%2F&_biz_t=1699998933470&_biz_i=Scratching%20the%20Surface%20of%20Rhysida%20Ransomware%20-%20Secplicity%20-%20Security%20Simplified&rnd=107818&cdn_o=a&_biz_z=1699998933470
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B97) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 21:55:33 GMT
last-modified: Tue, 14 Nov 2023 17:44:15 GMT
server: ECS (amb/6B97)
age: 15078
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
347 B 119ms
119ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=04130be6e28f4f7dfffe41a7a8bb744a&_biz_h=-1906410348&cdn_o=a&jsVer=4.23.11.09
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBB) /
Resource Hash: 027de8b32de3e7ca88e7732a17153474e378d352bba9f7ea5e4788d9a581ef4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:55:32 GMT
content-encoding: gzip
server: ECS (amb/6BBB)
etag: 8879CEA7
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 217

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.15.0/ 372 KB
83 KB 31ms
31ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.15.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a964d2953dc3df9f7532f7e033397e6fffd16b2316c7bd20e2270bb3cdfc5e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Nov 2023 21:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: irsyHA4ScyRoaWoUUTe5ww==
age: 75142
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 84314
x-ms-lease-status: unlocked
last-modified: Tue, 23 Mar 2021 01:57:54 GMT
server: cloudflare
etag: 0x8D8ED9F12F4599F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b66c4d25-501e-00a4-3a92-133025000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82627fd6bd745d96-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/399554ad-9366-4aac-95e3-40f9be141b6e/9f95b286-eeee-4cbe-a78c-3fbb65e2a19d/ 28 KB
8 KB 50ms
50ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/399554ad-9366-4aac-95e3-40f9be141b6e/9f95b286-eeee-4cbe-a78c-3fbb65e2a19d/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.15.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

610db78c4477b281f57516e5d1e2f893b8555e4a7acbd545fed324bb84c8ac2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Nov 2023 21:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 41440
content-md5: ASZOXBnjrtYP2DfG4icQfQ==
content-length: 7782
x-ms-lease-status: unlocked
last-modified: Thu, 18 Mar 2021 18:22:17 GMT
server: cloudflare
etag: 0x8D8EA3AC35580B6
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 78cd0bc2-201e-0007-1cc1-1255e0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82627fd71b7a6973-FRA
expires: Wed, 15 Nov 2023 21:55:33 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 180D 59 KB
33 KB 47ms
46ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LewipEUAAAAAEZ5kj5owPPOPMCiJY6hQdzAsd5w&co=aHR0cHM6Ly93d3cuc2VjcGxpY2l0eS5vcmc6NDQz&hl=nl&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=83sxf43323oi

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

864186dd5d339b30112dc46f34c30fe189a08efc299259a2432868ae6951a39a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IBTiwYmqlUOexoX0YZeIAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.secplicity.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-IBTiwYmqlUOexoX0YZeIAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 21:55:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.15.0/assets/ 12 KB
3 KB 36ms
35ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.15.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.15.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6f671638248959ffc2d4a5ab50761cbb5f482ae1fb203f3c8310eb4ccb64108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Nov 2023 21:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: FTl5ijosCMU3Ic++8F/2bw==
age: 15597
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2864
x-ms-lease-status: unlocked
last-modified: Tue, 23 Mar 2021 01:57:46 GMT
server: cloudflare
etag: 0x8D8ED9F0DD0D265
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 80c0402c-201e-0007-6267-1455e0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82627fd78bc56973-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.15.0/assets/v2/ 47 KB
12 KB 34ms
34ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.15.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.15.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5de3651c0aa89e6497da505565c8944039fd6480aa161b1f270d1f5953c9d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.secplicity.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Nov 2023 21:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NVRdUTwSJ80fWmOVvW55uQ==
age: 33533
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11511
x-ms-lease-status: unlocked
last-modified: Tue, 23 Mar 2021 01:57:48 GMT
server: cloudflare
etag: 0x8D8ED9F0F508FF7
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3395619e-b01e-003a-7241-0d23fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82627fd78bc76973-FRA

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 180D 55 KB
24 KB 61ms
20ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LewipEUAAAAAEZ5kj5owPPOPMCiJY6hQdzAsd5w&co=aHR0cHM6Ly93d3cuc2VjcGxpY2l0eS5vcmc6NDQz&hl=nl&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=83sxf43323oi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 17:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 17:38:31 GMT

GET
H3 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 180D 468 KB
187 KB 71ms
30ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__nl.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82f0e1fb9a662917f52ca8afe5f6395a785586bfeb67d0211c95416c114c31e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191782
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 12:28:33 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 180D 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:15:26 GMT
x-content-type-options: nosniff
age: 456007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 16 Nov 2023 15:15:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 180D 15 KB
15 KB 73ms
24ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 327450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 02:58:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 180D 15 KB
16 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 18:52:48 GMT
x-content-type-options: nosniff
age: 356565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 18:52:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 180D 102 B
135 B 29ms
29ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=fGZmEzpfeSeqDJiApS_XZ4Y2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0d7cb42fd074be8583dba473c3039471501f5a50af7a8fdc646310603157a412

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LewipEUAAAAAEZ5kj5owPPOPMCiJY6hQdzAsd5w&co=aHR0cHM6Ly93d3cuc2VjcGxpY2l0eS5vcmc6NDQz&hl=nl&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=83sxf43323oi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 14 Nov 2023 21:55:33 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 180D 34 KB
20 KB 83ms
82ms XHR
application/json 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LewipEUAAAAAEZ5kj5owPPOPMCiJY6hQdzAsd5w

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2d7def4e7eb9cb1ce4d8fde82752d40bb3804e01b959ff1741b456eb163ad30b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LewipEUAAAAAEZ5kj5owPPOPMCiJY6hQdzAsd5w&co=aHR0cHM6Ly93d3cuc2VjcGxpY2l0eS5vcmc6NDQz&hl=nl&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=83sxf43323oi
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 14 Nov 2023 21:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 14 Nov 2023 21:55:34 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 20:32:30	Name: _GRECAPTCHA Value: 09AKFjXw7DykB2xgAzw0DsA8EWyCVEl6xS5f5AJrGo2lBrW3CwT9yNLJbXQMGo_ZgLZ91a_CE01dr99PnI214kt6I
.secplicity.org/	1970-01-21 00:58:54	Name: _biz_uid Value: 04130be6e28f4f7dfffe41a7a8bb744a
.secplicity.org/	1970-01-21 00:58:54	Name: _biz_nA Value: 1
.secplicity.org/	1970-01-21 01:49:18	Name: _ga Value: GA1.2.1959763737.1699998933
.secplicity.org/	1970-01-20 16:14:45	Name: _gid Value: GA1.2.484703385.1699998933
.secplicity.org/	1970-01-20 16:13:18	Name: _gat_UA-701459-22 Value: 1
.secplicity.org/	1970-01-20 16:13:18	Name: _gat_UA-701459-12 Value: 1
.secplicity.org/	1970-01-21 01:49:18	Name: _ga_JB689N02NP Value: GS1.2.1699998933.1.0.1699998933.0.0.0
.secplicity.org/	1970-01-21 01:49:18	Name: _ga_2TQ4RK7K19 Value: GS1.2.1699998933.1.0.1699998933.60.0.0
.bizible.com/	1970-01-21 00:58:54	Name: _BUID Value: 04130be6e28f4f7dfffe41a7a8bb744a
.secplicity.org/	1970-01-21 00:58:54	Name: _biz_pendingA Value: %5B%5D
.bizibly.com/	1970-01-21 00:58:54	Name: _BUID Value: 576d88759663fb655e9c33d184fc4778
.secplicity.org/	1970-01-21 00:58:54	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.secplicity.org/	1970-01-21 00:58:54	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Tue+Nov+14+2023+22%3A55%3A33+GMT%2B0100+(Central+European+Standard+Time)&version=6.15.0&hosts=&landingPath=https%3A%2F%2Fwww.secplicity.org%2F2023%2F05%2F23%2Fscratching-the-surface-of-rhysida-ransomware%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
fonts.gstatic.com
pixel.wp.com
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
stats.wp.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.gstatic.com
www.secplicity.org
152.195.15.58
192.0.76.3
2001:4860:4802:32::36
2001:4860:4802:34::36
2606:4700::6812:83ec
2a00:1450:4001:803::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c0b::9c
2a06:98c1:3121::3
00c8a86cf7659405698e4a02f58e6710af0b02a5e329e99078026b8cef2c453c
01a3875a5584b519e73b2c967a5ae0ce83fcf81e3fb0629a4184bd055dd48eae
027de8b32de3e7ca88e7732a17153474e378d352bba9f7ea5e4788d9a581ef4a
0371a0d53247ea16a5b281efe3ce22f4a3a647081af625b741c4c8a6232c1c17
038725776643cf72297fea8df75e5b31a35e32c234a3939b5b1bb63260f37870
0432d41dd9a7324f78502851c46b3fd31439a03649771bff3726d53e40bfbbb3
08a111b23141cb015e1d25e55e46e729b67731b06c1275259361afdbe45a41dd
0d7cb42fd074be8583dba473c3039471501f5a50af7a8fdc646310603157a412
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
11a3c1e71281b46e8a07b624b4269e922215a506a37f711266e298cc94ce56d1
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
132ec91647e14be7805449a2d7c44cd5f91896a0172d14c2ec90c0558aa5218c
17db8c2fe36a6e281047508a2516723ba277065d11a5b374712e5e5b2374aeea
1a4ba4a340b3f30596d32c1b272ddcfdbf3ccb8e89c2fa917ea60469017aeee4
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d443a564f95fc36614c9d63f2c1efa87b0792c23a9272218dd776fe57fdb0de
1ef794d2735aea1a72ecc51376a0dec90f188ed0031eb818ed3a71e863d245ce
221107c22ab40fe8aead0c0e39b1cc9e8db4657822983c3e80a76cbffdc2f44e
22c29473716ed14198adc9db4ea074c19b2bce1caba9d7075b5a35777f902dcd
270fe3eec15cf7065d258a5e99c02bb398d902be70dec10ee4c103aa78a0fab8
286ce13182f352804df18eafa40b79d74a8a91f19ca12284c94a8ea7b7af9f04
2d7def4e7eb9cb1ce4d8fde82752d40bb3804e01b959ff1741b456eb163ad30b
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
305170a9b60864dde1e2f512feabc0f75a31388154e798e52310ea07db6461e0
34f16fee02d3c44c72f5e4748a432c9b70d843d0b7abb2d2c97f10413fcf8b48
3962a3771a89df4f1653f8685fae56bff6288be63abce38c98a665a61c6b0f57
3d8111faa1d2b03acd0a99f656b68f0715c9c46c94405950ed55f828271b8414
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e5da322ed022b5762d70293cd84e3e73009781267f36f48553ef8cd4bee4ef4
47214d225ad892ba760518c358d3352eb48f37010d84735a5960075ea93f9e81
4b9007c650d4e92c92481577eb23ca3344422d0ba58f5d3ccdecf3f93434ab02
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4e8995aad4337a22e0487bd75ec1347183909ee662b4eb84107aec807c84c479
4f26e74a5392e23175b93e81e7b642e02c20d3ca132207dc7f00abfb7dae2b6d
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
579e6fc60f250f19275868a034f9d2165dc0f9610fc72643e4a85ab0019eb716
587923a560cf30f1282a66d7ae44903e5223aef3d0abe1c7b36257533767698c
590b3830aba0a9186ce40c5d3e95781a42729bd5208acf70b404326a995ee183
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
610db78c4477b281f57516e5d1e2f893b8555e4a7acbd545fed324bb84c8ac2d
619bf57a6c1437d68316f79960ac0a02b3c914be83495fa83f36aeba42b16590
62250987ddba100f13f4bf490af5a07a95b7a8e7680f20d915ea009f4f9d2f8a
6553f91a04e7a83fbc1d36fd2f136fa6d9b027dccf277738f31f2cdf3d8f6770
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
68d8c72a1380ed65dfb8f9163cdd8b7db3de836c00611ab533535cd8a5df689e
693335ce59675a25146b80a05623079801ad5fa9f5ef011f9cd4b0f5e9409881
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
79f90375e470ce3b2cb3428719c3e6cf856838ce5a62d7b8a78308d8f256869c
7bc097d4d2d9a27a3160f0b43a4ff31026b99e2a6919a490c792b3cf3255fc10
80c073f3b250d5e17cb70cdb31a3be4ec7f1ab22d05d8f89d2baf1e264ccde30
82f0e1fb9a662917f52ca8afe5f6395a785586bfeb67d0211c95416c114c31e6
83496d57c248eb4e086e6dbf9c6a4df961ed6333cc76df87817e560db168b4d3
864186dd5d339b30112dc46f34c30fe189a08efc299259a2432868ae6951a39a
8aa38f691970c20b4dcbb277be1ffe2d25bdfd055d37e165f987cc4bcf8670fa
93ef6a93fbd2c0b8883f62ae549da876ddd5b866aac25abfafa1d1f18aaad02d
95fe1a5340d218db5aef82192cb484fc14ca4b04e937a8fcb6a27d7a5586cf34
9742ebed14283fb388640507cbb641bf526def7c43533cf4d3b21509c4a56138
a5de3651c0aa89e6497da505565c8944039fd6480aa161b1f270d1f5953c9d5f
a68827190bc01a61ee0a62ec59efa74497a6bc5aa8586f1fac50a58d0cf42d88
a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54
a88ba0b09a4416c080044dc095eabf66ca59e4d12a1d6201457b693687be85d3
a964d2953dc3df9f7532f7e033397e6fffd16b2316c7bd20e2270bb3cdfc5e9a
ae3c3dee3cc8e95ec7dff3f257f8a28a8386428197a5301b440d07c2a60da11e
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b14f37568309bbb7cec36d3edad8005b184d57bd0491943e311082baf5912e3f
b4f4090a9b2fa60a224e449bd148663b695bca8e6304f8736ac6c6fea5c580aa
b5d3791343bc3fd5dd88e8940f85431da73ec5340335c6ca621a4953e1835a16
b6f671638248959ffc2d4a5ab50761cbb5f482ae1fb203f3c8310eb4ccb64108
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9e849ce1aa8faab3ca6c1d08c500a661869f75b272172882cee4ee39c2f3c68
edd4c804b12e7f7a074e3e4dc409a7d8418309d07cf1fc5224909718c1195f6d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

www.secplicity.org Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

83 Requests

100 %HTTPS

85 %IPv6

11 Domains

15 Subdomains

14 IPs

3 Countries

1474 kBTransfer

3473 kBSize

14 Cookies

10 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.secplicity.org Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

100 %
HTTPS

85 %
IPv6

11
Domains

15
Subdomains

14
IPs

3
Countries

1474 kB
Transfer

3473 kB
Size

14
Cookies

83 HTTP transactions
8 data transactions