www.waterisac.org Open in urlscan Pro
162.249.111.146 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Submission: On August 26 via api (August 26th 2021, 6:24:35 am UTC) from SG

Summary HTTP 77 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 77 HTTP transactions. The main IP is 162.249.111.146, located in United States and belongs to CONTE-25-BLA-RST, US. The main domain is www.waterisac.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 24th 2020. Valid for: 2 years.

This is the only time www.waterisac.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
64	162.249.111.146 162.249.111.146	36473 (CONTE-25-...) (CONTE-25-BLA-RST)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
77	6

64 162.249.111.146 (United States)

ASN36473 (CONTE-25-BLA-RST, US)
PTR: wisac1-cos-mp1.blackmesh.com

www.waterisac.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	waterisac.org www.waterisac.org	814 KB
5	gstatic.com fonts.gstatic.com	82 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	cloudflare.com cdnjs.cloudflare.com	82 KB
2	fontawesome.com use.fontawesome.com	98 KB
2	googleapis.com fonts.googleapis.com	2 KB
77	6

	Domain	Requested by
64	www.waterisac.org	www.waterisac.org
5	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.waterisac.org www.google-analytics.com
2	cdnjs.cloudflare.com	www.waterisac.org cdnjs.cloudflare.com
2	use.fontawesome.com	www.waterisac.org
2	fonts.googleapis.com	www.waterisac.org
77	6

This site contains links to these domains. Also see Links.

Domain
www.fbi.gov
twitter.com

Subject Issuer	Validity	Valid
*.waterisac.org Sectigo RSA Domain Validation Secure Server CA	`2020-05-24` - `2022-08-26`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Frame ID: 8DDDE771484C830F17ACCA6DE0BF658A
Requests: 77 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FBI FLASH: OnePercent Group Ransomware Indicators of Compromise | WaterISAC

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

77
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

1099 kB
Transfer

1367 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fbi.gov/contact-us/field-offices
Title: local FBI field office

Search URL Search Domain Scan URL

URL: https://twitter.com/waterisac
Title: Twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request fbi-flash-onepercent-group-ransomware-indicators-compromise Show response
www.waterisac.org/portal/ 35 KB
9 KB 600ms
275ms Document
text/html 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache / PHP/7.3.27

Resource Hash

f34c5f1f93a50cbad1b5163f7a080f6fcedf17b24b4ecf84a401e5a4a7cfd257

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.waterisac.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
Server: Apache
X-Content-Type-Options: nosniff nosniff
X-Powered-By: PHP/7.3.27
X-Drupal-Cache: MISS
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: public, max-age=0
Content-Language: en
X-Frame-Options: SAMEORIGIN
Permissions-Policy: interest-cohort=()
X-Generator: Drupal 7 (https://www.drupal.org)
Link: <https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise>; rel="canonical",<https://www.waterisac.org/node/14676>; rel="shortlink"
Etag: "1629959054-1"
Last-Modified: Thu, 26 Aug 2021 06:24:14 GMT
Vary: Cookie,Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 43ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,800|Open+Sans:400,400i,700

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0bb69582e9a5923b49839268c7d698b086f85e0a17c0378fc09b784faecac765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.waterisac.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 06:24:17 GMT
server: ESF
date: Thu, 26 Aug 2021 06:24:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Aug 2021 06:24:17 GMT

GET
H/1.1 200
OK system.base.css
www.waterisac.org/modules/system/ 5 KB
6 KB 99ms
94ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/modules/system/system.base.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

bf6028e15a460586c16adb0210d268374501f60ecf36f11e554e2ffd089c636b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:40:20 GMT
Server: Apache
ETag: "1534-5c79ef56ee900"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5428
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK system.menus.css
www.waterisac.org/modules/system/ 2 KB
2 KB 194ms
92ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/modules/system/system.menus.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

8ddd16e82813d3b21156531806bf2621098f1315544b9dd93386b42fea3b6633

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:40:20 GMT
Server: Apache
ETag: "7f3-5c79ef56ee900"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2035
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK system.messages.css
www.waterisac.org/modules/system/ 961 B
1 KB 282ms
93ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/modules/system/system.messages.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

d0bbad771a8a5ac5f9446791109693aeca1d676d44ced48f8514857f7d3e6fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:40:20 GMT
Server: Apache
ETag: "3c1-5c79ef56ee900"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 961
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK system.theme.css
www.waterisac.org/modules/system/ 4 KB
4 KB 283ms
93ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/modules/system/system.theme.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

ff7750952a601dbf03688b01a2eced6e5671a8335393eb063201bb732f12c99a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:40:20 GMT
Server: Apache
ETag: "e7f-5c79ef56ee900"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3711
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK collapsiblock.css
www.waterisac.org/sites/all/modules/collapsiblock/ 175 B
547 B 287ms
92ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/collapsiblock/collapsiblock.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

6a2b865047df992a2c0c0fd9de430064a7f35ebc23f24a33f7b56e5f2217bc9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 May 2015 12:57:58 GMT
Server: Apache
ETag: "af-515e20b2f6180"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 175
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK search.css
www.waterisac.org/modules/search/ 564 B
936 B 289ms
95ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/modules/search/search.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

50f8d8e45f6742713a156c9fcf1b20d7c8c2dbddc7c649b76ee377775c6c4b83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:40:20 GMT
Server: Apache
ETag: "234-5c79ef56ee900"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 564
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK user.css
www.waterisac.org/modules/user/ 2 KB
2 KB 287ms
93ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/modules/user/user.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

63eeb9baf46a801bccb55ef3c1a60610e820d57f90814480a393a0ec8edb36a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:40:20 GMT
Server: Apache
ETag: "723-5c79ef56ee900"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1827
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK views.css
www.waterisac.org/sites/all/modules/views/css/ 707 B
1 KB 289ms
93ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/views/css/views.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

0dd53ceca07de8b1b2c16d9fee7a1d33dc90bc462a24abd38b2b9da7b8d27bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 05 Mar 2020 16:19:31 GMT
Server: Apache
ETag: "2c3-5a01de6d88ac0"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 707
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK ckeditor.css
www.waterisac.org/sites/all/modules/ckeditor/css/ 431 B
803 B 381ms
98ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/ckeditor/css/ckeditor.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

f2470640af17a4eb9988eed14e1110ae897fc6314340d0df1bf050d2c8d38ea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 19:29:13 GMT
Server: Apache
ETag: "1af-5a111f35c9440"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 431
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK ctools.css
www.waterisac.org/sites/all/modules/ctools/css/ 509 B
881 B 382ms
99ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/ctools/css/ctools.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

c1247c6c6e2fa2a3b02f04886deac34f46ccef66483b1c64c1347e6b95e158b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 30 Jan 2021 06:36:12 GMT
Server: Apache
ETag: "1fd-5ba1856374f00"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 509
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK video.css
www.waterisac.org/sites/all/modules/video/css/ 2 KB
2 KB 409ms
118ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/video/css/video.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

88307f9b98de9f43afe97d6b3961f3bea4a715e05d9e48b1e0a604d01dcaf786

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 13 Mar 2019 15:43:11 GMT
Server: Apache
ETag: "636-583fba9b821c0"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1590
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK taxonomy_access.css
www.waterisac.org/sites/all/modules/taxonomy_access/ 2 KB
2 KB 406ms
115ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/taxonomy_access/taxonomy_access.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

13298a2fb4a4a271a0fb679efceae710084a25b98eac4274af29895303ae70c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 19 Sep 2015 03:57:30 GMT
Server: Apache
ETag: "798-52011a5b21e80"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1944
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK print_ui.theme.css
www.waterisac.org/sites/all/modules/print/print_ui/css/ 516 B
888 B 410ms
119ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/print/print_ui/css/print_ui.theme.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

f801352938ceff7879d5ca45cd3dec9b390f1b04248e15674d01b3d3f5d8d2b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 05 Oct 2018 17:13:21 GMT
Server: Apache
ETag: "204-5777e63698e40"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 516
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK mmenu.css
www.waterisac.org/sites/all/libraries/mmenu/dist/ 46 KB
47 KB 410ms
120ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/libraries/mmenu/dist/mmenu.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

6da922d109eacd88de031d9d8617967726cfd928dc21da535ed34a141c9e847b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Sep 2020 21:08:35 GMT
Server: Apache
ETag: "b9d4-5b07a2f9efac0"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 47572
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK crm-i.css
www.waterisac.org/sites/all/modules/civicrm/css/ 1 KB
1 KB 501ms
120ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/civicrm/css/crm-i.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

eafae0b008b388dc228d1577bfe254d26b6fdc9f3d092a2058478b97c954552e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Aug 2019 07:45:34 GMT
Server: Apache
ETag: "400-59150cea6c380"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1024
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK civicrm.css
www.waterisac.org/sites/all/modules/civicrm/css/ 82 KB
82 KB 502ms
121ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/civicrm/css/civicrm.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

eeb180eb5431d688d74e9bc89484ee2eed5987e270001a88af1703d522916277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Mar 2021 09:46:17 GMT
Server: Apache
ETag: "14603-5bdcc788c6c40"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 83459
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK responsive_menu.css
www.waterisac.org/sites/all/modules/responsive_menu/css/ 3 KB
4 KB 502ms
97ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/responsive_menu/css/responsive_menu.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

7652f2f63eedd9701ba8b1c7444d8987bd40f96ad16db6a99c3080db3c3beda3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 29 Aug 2020 06:47:55 GMT
Server: Apache
ETag: "d0f-5adfe8c8e7cc0"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3343
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK superfish.css
www.waterisac.org/sites/all/libraries/superfish/css/ 7 KB
8 KB 505ms
94ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/libraries/superfish/css/superfish.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

934c8a929f79fbcb89c23881f6271a54df97a5afb425b3b58a5526e49f16d82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 30 May 2017 11:33:43 GMT
Server: Apache
ETag: "1cbe-550bc2d0613c0"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7358
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK page.css
www.waterisac.org/sites/all/themes/responsive_bartik/css/ 3 KB
3 KB 503ms
92ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/css/page.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

5f59934ae92e86f1d490bf2ed2bb58cb2e854d16cda19787bef3c80b7a479cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Oct 2018 13:13:55 GMT
Server: Apache
ETag: "b1a-577b764a7eac0"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2842
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK layout.css
www.waterisac.org/sites/all/themes/responsive_bartik/css/ 58 KB
58 KB 600ms
93ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/css/layout.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

2472955beac8e53598f76edc0f7d5d1b1f0e6ba1220e682af6efd93bdfe95c77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Dec 2019 14:49:04 GMT
Server: Apache
ETag: "e6dc-59aecf1d85800"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 59100
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK paragraphs.css
www.waterisac.org/sites/all/themes/responsive_bartik/css/ 4 KB
5 KB 598ms
91ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/css/paragraphs.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

8335f378c2ee973ed82667fd8b7492e1eb5e5396a72c982fc1bbd75a2f679158

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Mar 2018 19:27:10 GMT
Server: Apache
ETag: "1096-5678c98313f80"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4246
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK block.css
www.waterisac.org/sites/all/themes/responsive_bartik/css/ 726 B
1 KB 598ms
92ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/css/block.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

8a9bf4b8a6023abd456ba6081dc1b22f84ad1fc1ce500b58d7c1a64f7ece905d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Aug 2020 17:58:58 GMT
Server: Apache
ETag: "2d6-5acb1f11dbc80"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 726
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK menu.css
www.waterisac.org/sites/all/themes/responsive_bartik/css/ 5 KB
6 KB 598ms
93ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/css/menu.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

bab501c47a70b8ead8f244c2f796d5fa8ad5aabc961e953352a3f2c585be0a69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Aug 2018 12:23:24 GMT
Server: Apache
ETag: "158e-57313cf5b6700"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5518
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK entity.css
www.waterisac.org/sites/all/themes/responsive_bartik/css/ 8 B
376 B 669ms
93ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/css/entity.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

eb17a67694d6d7fcbd603935322fe0581f80cd56178e57b0089c82c3f8aba452

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Mar 2018 19:27:08 GMT
Server: Apache
ETag: "8-5678c9812bb00"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK node.css
www.waterisac.org/sites/all/themes/responsive_bartik/css/ 3 KB
4 KB 688ms
92ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/css/node.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

d3b712c5eb2c4fa4d3252b7ef38e8494d3e50eef3f88d180afb8798995621278

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Aug 2018 20:38:24 GMT
Server: Apache
ETag: "d88-572f27deeb000"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3464
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK adminportal.css
www.waterisac.org/sites/all/themes/responsive_bartik/css/ 13 KB
13 KB 688ms
93ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/css/adminportal.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

b2e0e74b3ab1183b84fa6096021ef968bca2ef0937088d818aae74da72fcfd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 06 Aug 2018 18:14:17 GMT
Server: Apache
ETag: "3224-572c83ed93040"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 12836
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK view.css
www.waterisac.org/sites/all/themes/responsive_bartik/css/ 7 KB
7 KB 689ms
92ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/css/view.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

b16a7b86eec5a71e7652a9109c318ebb1c962719b213ee76f29d0ae99a28860d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 09 Dec 2019 12:51:19 GMT
Server: Apache
ETag: "1bbd-59944da121fc0"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 7101
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK field.css
www.waterisac.org/sites/all/themes/responsive_bartik/css/ 590 B
962 B 760ms
92ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/css/field.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

e1d4c3ec762ff0b4d5767feb628bbd873f21c37d25c706cf0069e741814a7af9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Mar 2018 19:27:08 GMT
Server: Apache
ETag: "24e-5678c9812bb00"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 590
Expires: Thu, 09 Sep 2021 06:24:14 GMT

GET
H/1.1 200
OK text.css
www.waterisac.org/sites/all/themes/responsive_bartik/css/ 20 KB
21 KB 782ms
92ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/css/text.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

9b186c805cee455f2299d5e4642742fcdd55d032b9d501a543c5dbe972893b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Nov 2019 17:49:12 GMT
Server: Apache
ETag: "5136-596d9664dd600"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 20790
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK colors.css
www.waterisac.org/sites/all/themes/responsive_bartik/css/ 1 KB
2 KB 783ms
92ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/css/colors.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

40244020a57585e35cb2bb4250fcbea3337e50a1e42a841c75a309e393ebeb80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Sep 2018 14:19:14 GMT
Server: Apache
ETag: "50c-5750c57a45c80"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1292
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK civi-custom.css
www.waterisac.org/sites/all/themes/responsive_bartik/css/ 4 KB
4 KB 783ms
92ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/css/civi-custom.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

e1f8d4878b8114f6baa5b48db414d2a6f2635ce113d7340cb3dacf4ebdac3d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Mar 2021 18:59:43 GMT
Server: Apache
ETag: "f50-5be38c8fca5c0"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 3920
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK sru-newsletter.css
www.waterisac.org/sites/all/themes/responsive_bartik/css/ 6 KB
6 KB 851ms
92ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/css/sru-newsletter.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

1875fc720f7470011f1e22c48e4f2f218e6f847d208aa46e2e43d2f79f57dd4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Jul 2021 14:12:34 GMT
Server: Apache
ETag: "1804-5c82f93e79880"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 6148
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK print.css
www.waterisac.org/sites/all/themes/responsive_bartik/css/ 755 B
1 KB 876ms
94ms Stylesheet
text/css 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/css/print.css?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

b958a323ec67d9233516886d51b5dd99208c8b55cbdc195bad90b387b5edd332

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Mar 2018 19:27:10 GMT
Server: Apache
ETag: "2f3-5678c98313f80"
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 755
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.waterisac.org/sites/all/modules/jquery_update/replace/jquery/1.9/ 90 KB
91 KB 875ms
92ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/jquery_update/replace/jquery/1.9/jquery.min.js?v=1.9.1

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Oct 2015 22:18:12 GMT
Server: Apache
ETag: "169d5-52290a32fb100"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 92629
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK jquery-extend-3.4.0.js Show response
www.waterisac.org/misc/ 3 KB
4 KB 882ms
93ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/misc/jquery-extend-3.4.0.js?v=1.9.1

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

c54103ba57ee210ca55c052e70415402707548a4e6a68dd6efb3895019bee392

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:40:20 GMT
Server: Apache
ETag: "d57-5c79ef56ee900"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3415
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK jquery-html-prefilter-3.5.0-backport.js Show response
www.waterisac.org/misc/ 12 KB
13 KB 940ms
92ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/misc/jquery-html-prefilter-3.5.0-backport.js?v=1.9.1

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

fad84efa145fb507e5df9b582fa01b1c4e6313de7f72ebdd55726d92fa4dbf06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:40:20 GMT
Server: Apache
ETag: "3155-5c79ef56ee900"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 12629
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK jquery.once.js Show response
www.waterisac.org/misc/ 3 KB
3 KB 944ms
93ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/misc/jquery.once.js?v=1.2

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

1430f42c0d760ba8e05bb3762480502e541f654fec5739ee40625ab22dc38c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:40:20 GMT
Server: Apache
ETag: "b9e-5c79ef56ee900"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2974
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK drupal.js Show response
www.waterisac.org/misc/ 20 KB
20 KB 956ms
92ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/misc/drupal.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

2e08dccbd4d8b728a6871562995a4636b89bfe0ed3b8fb0138191c922228b116

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:40:20 GMT
Server: Apache
ETag: "5027-5c79ef56ee900"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 20519
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK jquery.cookie.js Show response
www.waterisac.org/sites/all/modules/jquery_update/replace/ui/external/ 4 KB
4 KB 969ms
93ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/jquery_update/replace/ui/external/jquery.cookie.js?v=67fb34f6a866c40d0570

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

4ba03e57203ea578ec51f56d317a69cc2bb83af0933780683890fd9e046b66e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Oct 2015 22:18:12 GMT
Server: Apache
ETag: "e47-52290a32fb100"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 3655
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK jquery.form.min.js Show response
www.waterisac.org/sites/all/modules/jquery_update/replace/misc/ 10 KB
11 KB 978ms
93ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/jquery_update/replace/misc/jquery.form.min.js?v=2.69

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

ceb75ce509de10d6c7289619ad2fc21b8dfd88a88e366df84857c2e63294f85f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Oct 2015 22:18:12 GMT
Server: Apache
ETag: "2962-52290a32fb100"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 10594
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK ajax.js Show response
www.waterisac.org/misc/ 26 KB
26 KB 1033ms
93ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/misc/ajax.js?v=7.82

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

9032259f96c06cb70bfe474654b34328339cd8e950c4ddece511d5695420e7b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:40:20 GMT
Server: Apache
ETag: "66a9-5c79ef56ee900"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 26281
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK jquery_update.js Show response
www.waterisac.org/sites/all/modules/jquery_update/js/ 302 B
688 B 1034ms
92ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/jquery_update/js/jquery_update.js?v=0.0.1

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

fa385dc43825fc9f723153ad0a845eb66d6f04e1a09c71691781f7cf333a4aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Oct 2015 22:18:12 GMT
Server: Apache
ETag: "12e-52290a32fb100"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 302
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK collapsiblock.js Show response
www.waterisac.org/sites/all/modules/collapsiblock/ 4 KB
4 KB 1061ms
93ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/collapsiblock/collapsiblock.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

98c95043408054eb2f1ca1bb4eca403b7513e98c782535476908f34850a81c12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 May 2015 12:57:58 GMT
Server: Apache
ETag: "1057-515e20b2f6180"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 4183
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK video.js Show response
www.waterisac.org/sites/all/modules/video/js/ 3 KB
3 KB 1071ms
93ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/video/js/video.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

290570ec87160eb54659973bbac1ec5329c375ee9ca1e9afbbfe4e9fbbc6726d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 13 Mar 2019 15:43:11 GMT
Server: Apache
ETag: "b9e-583fba9b821c0"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2974
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK base.js Show response
www.waterisac.org/sites/all/modules/views/js/ 3 KB
4 KB 1127ms
92ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/views/js/base.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

ba15df4d5b36f211301991e834a567a125a6c9e3b2150b200df5d7097e399773

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 05 Mar 2020 16:19:31 GMT
Server: Apache
ETag: "d5f-5a01de6d88ac0"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 3423
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK progress.js Show response
www.waterisac.org/misc/ 3 KB
3 KB 1128ms
93ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/misc/progress.js?v=7.82

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

641a569bfca5cae7e5ec706c4ea44064250f68b631afa519df60c97913b57db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:40:20 GMT
Server: Apache
ETag: "c28-5c79ef56ee900"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 3112
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK ajax_view.js Show response
www.waterisac.org/sites/all/modules/views/js/ 6 KB
6 KB 1131ms
92ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/views/js/ajax_view.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

da6fec7f2ea96e70f5e677fcc45eacc44a05e4e3bdc61b902af3eab43d1fc1d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 05 Mar 2020 16:19:31 GMT
Server: Apache
ETag: "16d3-5a01de6d88ac0"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 5843
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK mmenu.js Show response
www.waterisac.org/sites/all/libraries/mmenu/dist/ 69 KB
69 KB 1154ms
93ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/libraries/mmenu/dist/mmenu.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

da1a497dea4ec262c01ba8a020b5760bf874100ad08938b54f420e9d8ade10b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Sep 2020 21:08:35 GMT
Server: Apache
ETag: "112f8-5b07a2f9efac0"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 70392
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK googleanalytics.js Show response
www.waterisac.org/sites/all/modules/google_analytics/ 6 KB
6 KB 1164ms
92ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/google_analytics/googleanalytics.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

312d73c2d350568c141e8b4eb5b3a2eca40d64b56ecf50eb80e37a1f70e1fc2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Feb 2019 01:28:43 GMT
Server: Apache
ETag: "1874-581943aab48c0"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 6260
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK field_group.js Show response
www.waterisac.org/sites/all/modules/field_group/ 8 KB
8 KB 1220ms
92ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/field_group/field_group.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

ac66523e2d9f15f378bb3b237813dfbf078319fc9fc13f68e70383d206103b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Nov 2017 23:28:49 GMT
Server: Apache
ETag: "2037-55d1c77818e40"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 8247
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK jquery.hoverIntent.minified.js Show response
www.waterisac.org/sites/all/libraries/superfish/ 1 KB
2 KB 1220ms
92ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/libraries/superfish/jquery.hoverIntent.minified.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

d24a2e5db8c476184f3f4b28fe5be7cfd159c276d1f58af244d72de55d5dee16

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 30 May 2017 11:33:43 GMT
Server: Apache
ETag: "5b8-550bc2d0613c0"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1464
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK sftouchscreen.js Show response
www.waterisac.org/sites/all/libraries/superfish/ 5 KB
6 KB 1222ms
92ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/libraries/superfish/sftouchscreen.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

f3aab94d78450562b233c8df62f81342b13f889a42160df9c461974865f97d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 30 May 2017 11:33:43 GMT
Server: Apache
ETag: "15cc-550bc2d0613c0"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 5580
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK supposition.js Show response
www.waterisac.org/sites/all/libraries/superfish/ 4 KB
4 KB 1260ms
93ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/libraries/superfish/supposition.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

175ee046a405fdea2ddc37ae7acaf6729958a10a59c4d97e03777eecd26d1874

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 30 May 2017 11:33:43 GMT
Server: Apache
ETag: "e57-550bc2d0613c0"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 3671
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK superfish.js Show response
www.waterisac.org/sites/all/libraries/superfish/ 4 KB
5 KB 1303ms
93ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/libraries/superfish/superfish.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

46a288f2d06f48267aec521a2454200d8d8225cbdebd3f98f43c846f58458edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 30 May 2017 11:33:43 GMT
Server: Apache
ETag: "1134-550bc2d0613c0"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 4404
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK supersubs.js Show response
www.waterisac.org/sites/all/libraries/superfish/ 5 KB
5 KB 1312ms
93ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/libraries/superfish/supersubs.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

72577aa16f7c9c183cf42fe2a5bff2b9d7c1e5160ee6f95eec9e73aec6830588

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 30 May 2017 11:33:43 GMT
Server: Apache
ETag: "12e3-550bc2d0613c0"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 4835
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK superfish.js Show response
www.waterisac.org/sites/all/modules/superfish/ 2 KB
2 KB 1313ms
93ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/superfish/superfish.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

0103d3084aa9ad0ff76e846efa03089f49248bdd1103a5970544bcfd5af00d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Nov 2015 03:36:32 GMT
Server: Apache
ETag: "615-525552a14b000"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 1557
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK collapsible-menu.js Show response
www.waterisac.org/sites/all/themes/responsive_bartik/js/ 1 KB
2 KB 1314ms
92ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/js/collapsible-menu.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

e5f8dba76cab32e41dfa1cab0776cbe1be7263f9e6e128213a403c17af3a1a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Mar 2018 19:27:12 GMT
Server: Apache
ETag: "5b9-5678c984fc400"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 1465
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK custom-scripts.js Show response
www.waterisac.org/sites/all/themes/responsive_bartik/js/ 6 KB
7 KB 1353ms
94ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/js/custom-scripts.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

8fc36e868888e8c382365c1221289168706ba869cf365bbd9d5248d62cae60da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 Dec 2018 18:00:32 GMT
Server: Apache
ETag: "18a9-57c5e46507000"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 6313
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK main.js Show response
www.waterisac.org/sites/all/themes/responsive_bartik/js/ 1 KB
2 KB 1397ms
93ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/js/main.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

d2a10ea72198ee871b08bda04554c3362186089a009aca20b46d95b11c1d08b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Aug 2018 12:29:42 GMT
Server: Apache
ETag: "5ec-572ebaa347980"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1516
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H2 200 solid.js Show response
use.fontawesome.com/releases/v5.0.8/js/ 277 KB
88 KB 40ms
20ms Script
application/javascript 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.8/js/solid.js
Requested by: Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5330b0397393eb12fa26f806ed3683cab71fd856ffdbc93999cc59847910591

Request headers

Origin: https://www.waterisac.org
Referer: https://www.waterisac.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:24:18 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4350665
access-control-allow-methods: GET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: ZMP79PFJ6TX5CXYV
x-amz-id-2: bvRFy+23ZlAL+nyiJPK2iaHTTaQDBHIi0JcUi3Oxre4TUOeZ/oBVTy6eazqa5qO89GYBACZaQro=
last-modified: Wed, 30 Jun 2021 15:28:04 GMT
server: cloudflare
etag: W/"fe5686f51899382a5671da02cda5815f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHp23DxOyhu%2Fzo1gWe0T9zRbcgZesOuvh%2BjDQS6%2FJcH75RnCzKDP4yf%2BjP9LygWG%2BvaXcCAqUFDyro1rQCQgRpcxOyJ0iWKTrFCUsTUJmHjd17EKnGcPODXheAWoq42KNuym0NBcFfL9IBff3xzRz9EG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 684af9f3f9373140-FRA

GET
H2 200 fontawesome.js Show response
use.fontawesome.com/releases/v5.0.8/js/ 27 KB
11 KB 17ms
12ms Script
application/javascript 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.8/js/fontawesome.js
Requested by: Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e3256cf5e9c1d7653ef8f13112f7f78e449626711353248ed1629ea5984f08

Request headers

Origin: https://www.waterisac.org
Referer: https://www.waterisac.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:24:18 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4350665
access-control-allow-methods: GET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: ZMP9H3NNV7CBBQDT
x-amz-id-2: NGO4krsnWdWEJtP+bWY90MpKGx8OpyNgTU2F19oLcxTC2Vj2mON/iT1o4epURKmtDVMXtu+1DR8=
last-modified: Wed, 30 Jun 2021 15:28:03 GMT
server: cloudflare
etag: W/"f5c0b4c20350dfc310a36f140482dad4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgQXwt9zSsn6kPhmnqn7mTFdm9KuCwFda8o0wzwwFd0AWOzC%2FtXfFXGN4TJTSVhv1DkILetbCBE55UtG17kv1CLeftzJb1xAsOP2lEw36CTrBYdPv9YyvaVIq9y%2Ffs577khBxLERnEh3y4QTT%2F45xmfN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 684af9f3f9383140-FRA

GET
H/1.1 200
OK logo-wi.png
www.waterisac.org/sites/all/themes/responsive_bartik/images/ 9 KB
10 KB 95ms
92ms Image
image/png 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.waterisac.org/sites/all/themes/responsive_bartik/images/logo-wi.png

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

f68a43f9ecb5ce8e5106df296dd1e1d18e7e6b5161e6bccc62e3fc821fe41417

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Cookie: has_js=1
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Mar 2018 19:13:33 GMT
Server: Apache
ETag: "24c4-567f0fcb3b140"
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 9412
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK application-pdf.png
www.waterisac.org/modules/file/icons/ 346 B
719 B 95ms
93ms Image
image/png 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.waterisac.org/modules/file/icons/application-pdf.png

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

68ca5057647026994169cea33508c7cbf967c1b5252460b6d75be996de396eaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Cookie: has_js=1
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jul 2021 09:40:20 GMT
Server: Apache
ETag: "15a-5c79ef56ee900"
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 346
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H/1.1 200
OK responsive_menu.config.js Show response
www.waterisac.org/sites/all/modules/responsive_menu/js/ 2 KB
3 KB 94ms
93ms Script
application/javascript 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.waterisac.org/sites/all/modules/responsive_menu/js/responsive_menu.config.js?qyarbf

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

8c63b29a9b51a611ae31577abf8c8c60772d7f909cfe1683d4c01f3d84debafe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Cookie: has_js=1
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 29 Aug 2020 06:47:55 GMT
Server: Apache
ETag: "971-5adfe8c8e7cc0"
Content-Type: application/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 2417
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
511 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:500

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/sites/all/themes/responsive_bartik/css/adminportal.css?qyarbf

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2f6194a666edb08fcfad23b0e31d744c979fbc38e01f227fa488c982d425372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.waterisac.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 05:39:03 GMT
server: ESF
date: Thu, 26 Aug 2021 06:24:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Aug 2021 06:24:17 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 48ms
20ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/sites/all/themes/responsive_bartik/css/text.css?qyarbf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.waterisac.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:24:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 190275
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziRJK%2BMklvR0H8b4%2B2m8y%2FhkyZSOkHQt6l8LISHT7kLqEjkRAdHP5QZLiI8lDdiBN7JpbtzA1y9Bq6FPmPRxBj1Epfyo%2FJA5doqFilWhj32E219NtZxCxJ5UtEIyCv7qip0Z4pv7PMw3hWNFnJaAsJmI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 684af9f08d4b2b29-FRA
expires: Tue, 16 Aug 2022 06:24:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.waterisac.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5534
date: Thu, 26 Aug 2021 04:52:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 26 Aug 2021 06:52:04 GMT

GET
H/1.1 200
OK wastewater-plant-bg.jpg
www.waterisac.org/sites/default/files/styles/footer_cta_background_image/public/ 184 KB
184 KB 92ms
92ms Image
image/jpeg 162.249.111.146
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.waterisac.org/sites/default/files/styles/footer_cta_background_image/public/wastewater-plant-bg.jpg?itok=abFDPJHj

Requested by

Host: www.waterisac.org
URL: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.249.111.146 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

wisac1-cos-mp1.blackmesh.com

Software

Apache /

Resource Hash

671892c62cb4fe6866a375e8828ed6aa5ccd60979c71e78b916fe74ea17454f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.waterisac.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
Cookie: has_js=1
Connection: keep-alive
Referer: https://www.waterisac.org/portal/fbi-flash-onepercent-group-ransomware-indicators-compromise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:24:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 May 2018 17:28:26 GMT
Server: Apache
ETag: "2ded8-56c7e47924280"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 188120
Expires: Thu, 09 Sep 2021 06:24:15 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
15 KB 27ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,800|Open+Sans:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.waterisac.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:29:56 GMT
x-content-type-options: nosniff
age: 194062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 00:29:56 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 38ms
16ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,800|Open+Sans:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3202c5584350517cab7f1de0d43d54db0979c449df18fe70241e8c35de80919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.waterisac.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:41:09 GMT
x-content-type-options: nosniff
age: 193389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20016
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 00:41:09 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 33ms
12ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,800|Open+Sans:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.waterisac.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:36:29 GMT
x-content-type-options: nosniff
age: 193669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 00:36:29 GMT

GET
H3-29 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 28ms
18ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.waterisac.org
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:24:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1565021
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsfWHw2lQ7udlaiNYA46Htnu2ATtkgMPAk%2Bh0CULKp57QLTTQINWjyHCpenkHIEfJdJ%2FeNCxro7eRipspUJLgY7sL2lhgnJ6XPxNNRnxtisAl%2FYWtL%2F73f%2BFDvkPp%2B5sNVVL9ozFDFt4ZDcldQy3aLNC"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 684af9f418d64a56-FRA
expires: Tue, 16 Aug 2022 06:24:18 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 30ms
11ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,800|Open+Sans:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.waterisac.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 14:28:00 GMT
x-content-type-options: nosniff
age: 143778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 14:28:00 GMT

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v23/ 13 KB
14 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,800|Open+Sans:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.waterisac.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:31:22 GMT
x-content-type-options: nosniff
age: 193976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13792
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:08 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 00:31:22 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1491969595&t=pageview&_s=1&dl=https%3A%2F%2Fwww.waterisac.org%2Fportal%2Ffbi-flash-onepercent-group-ransomware-indicators-compromise&ul=en-us&de=UTF-8&dt=FBI%20FLASH%3A%20OnePercent%20Group%20Ransomware%20Indicators%20of%20Compromise%20%7C%20WaterISAC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=967096275&gjid=1268144981&cid=1137982607.1629959059&tid=UA-118523699-1&_gid=116428043.1629959059&_r=1&_slc=1&cd1=anonymous%20user&z=851870971

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.waterisac.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 06:24:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.waterisac.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
use.fontawesome.com
www.google-analytics.com
www.waterisac.org
162.249.111.146
2606:4700:3037::6815:4e07
2606:4700::6810:125e
2a00:1450:4001:813::200a
2a00:1450:4001:827::200e
2a00:1450:4001:831::2003
0103d3084aa9ad0ff76e846efa03089f49248bdd1103a5970544bcfd5af00d3e
0bb69582e9a5923b49839268c7d698b086f85e0a17c0378fc09b784faecac765
0dd53ceca07de8b1b2c16d9fee7a1d33dc90bc462a24abd38b2b9da7b8d27bc2
13298a2fb4a4a271a0fb679efceae710084a25b98eac4274af29895303ae70c1
1430f42c0d760ba8e05bb3762480502e541f654fec5739ee40625ab22dc38c4f
175ee046a405fdea2ddc37ae7acaf6729958a10a59c4d97e03777eecd26d1874
1875fc720f7470011f1e22c48e4f2f218e6f847d208aa46e2e43d2f79f57dd4a
2472955beac8e53598f76edc0f7d5d1b1f0e6ba1220e682af6efd93bdfe95c77
290570ec87160eb54659973bbac1ec5329c375ee9ca1e9afbbfe4e9fbbc6726d
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2e08dccbd4d8b728a6871562995a4636b89bfe0ed3b8fb0138191c922228b116
312d73c2d350568c141e8b4eb5b3a2eca40d64b56ecf50eb80e37a1f70e1fc2c
40244020a57585e35cb2bb4250fcbea3337e50a1e42a841c75a309e393ebeb80
46a288f2d06f48267aec521a2454200d8d8225cbdebd3f98f43c846f58458edb
4ba03e57203ea578ec51f56d317a69cc2bb83af0933780683890fd9e046b66e5
50f8d8e45f6742713a156c9fcf1b20d7c8c2dbddc7c649b76ee377775c6c4b83
5f59934ae92e86f1d490bf2ed2bb58cb2e854d16cda19787bef3c80b7a479cf1
63eeb9baf46a801bccb55ef3c1a60610e820d57f90814480a393a0ec8edb36a3
641a569bfca5cae7e5ec706c4ea44064250f68b631afa519df60c97913b57db9
671892c62cb4fe6866a375e8828ed6aa5ccd60979c71e78b916fe74ea17454f1
68ca5057647026994169cea33508c7cbf967c1b5252460b6d75be996de396eaf
6a2b865047df992a2c0c0fd9de430064a7f35ebc23f24a33f7b56e5f2217bc9c
6da922d109eacd88de031d9d8617967726cfd928dc21da535ed34a141c9e847b
72577aa16f7c9c183cf42fe2a5bff2b9d7c1e5160ee6f95eec9e73aec6830588
7652f2f63eedd9701ba8b1c7444d8987bd40f96ad16db6a99c3080db3c3beda3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8335f378c2ee973ed82667fd8b7492e1eb5e5396a72c982fc1bbd75a2f679158
88307f9b98de9f43afe97d6b3961f3bea4a715e05d9e48b1e0a604d01dcaf786
8a9bf4b8a6023abd456ba6081dc1b22f84ad1fc1ce500b58d7c1a64f7ece905d
8c63b29a9b51a611ae31577abf8c8c60772d7f909cfe1683d4c01f3d84debafe
8ddd16e82813d3b21156531806bf2621098f1315544b9dd93386b42fea3b6633
8fc36e868888e8c382365c1221289168706ba869cf365bbd9d5248d62cae60da
9032259f96c06cb70bfe474654b34328339cd8e950c4ddece511d5695420e7b1
934c8a929f79fbcb89c23881f6271a54df97a5afb425b3b58a5526e49f16d82d
98c95043408054eb2f1ca1bb4eca403b7513e98c782535476908f34850a81c12
9b186c805cee455f2299d5e4642742fcdd55d032b9d501a543c5dbe972893b00
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a3202c5584350517cab7f1de0d43d54db0979c449df18fe70241e8c35de80919
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
ac66523e2d9f15f378bb3b237813dfbf078319fc9fc13f68e70383d206103b0c
b16a7b86eec5a71e7652a9109c318ebb1c962719b213ee76f29d0ae99a28860d
b2e0e74b3ab1183b84fa6096021ef968bca2ef0937088d818aae74da72fcfd3f
b2f6194a666edb08fcfad23b0e31d744c979fbc38e01f227fa488c982d425372
b8e3256cf5e9c1d7653ef8f13112f7f78e449626711353248ed1629ea5984f08
b958a323ec67d9233516886d51b5dd99208c8b55cbdc195bad90b387b5edd332
ba15df4d5b36f211301991e834a567a125a6c9e3b2150b200df5d7097e399773
bab501c47a70b8ead8f244c2f796d5fa8ad5aabc961e953352a3f2c585be0a69
bf6028e15a460586c16adb0210d268374501f60ecf36f11e554e2ffd089c636b
c1247c6c6e2fa2a3b02f04886deac34f46ccef66483b1c64c1347e6b95e158b9
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c5330b0397393eb12fa26f806ed3683cab71fd856ffdbc93999cc59847910591
c54103ba57ee210ca55c052e70415402707548a4e6a68dd6efb3895019bee392
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
ceb75ce509de10d6c7289619ad2fc21b8dfd88a88e366df84857c2e63294f85f
d0bbad771a8a5ac5f9446791109693aeca1d676d44ced48f8514857f7d3e6fd0
d24a2e5db8c476184f3f4b28fe5be7cfd159c276d1f58af244d72de55d5dee16
d2a10ea72198ee871b08bda04554c3362186089a009aca20b46d95b11c1d08b3
d3b712c5eb2c4fa4d3252b7ef38e8494d3e50eef3f88d180afb8798995621278
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
da1a497dea4ec262c01ba8a020b5760bf874100ad08938b54f420e9d8ade10b1
da6fec7f2ea96e70f5e677fcc45eacc44a05e4e3bdc61b902af3eab43d1fc1d2
e1d4c3ec762ff0b4d5767feb628bbd873f21c37d25c706cf0069e741814a7af9
e1f8d4878b8114f6baa5b48db414d2a6f2635ce113d7340cb3dacf4ebdac3d3e
e5f8dba76cab32e41dfa1cab0776cbe1be7263f9e6e128213a403c17af3a1a2e
eafae0b008b388dc228d1577bfe254d26b6fdc9f3d092a2058478b97c954552e
eb17a67694d6d7fcbd603935322fe0581f80cd56178e57b0089c82c3f8aba452
eeb180eb5431d688d74e9bc89484ee2eed5987e270001a88af1703d522916277
f2470640af17a4eb9988eed14e1110ae897fc6314340d0df1bf050d2c8d38ea6
f34c5f1f93a50cbad1b5163f7a080f6fcedf17b24b4ecf84a401e5a4a7cfd257
f3aab94d78450562b233c8df62f81342b13f889a42160df9c461974865f97d7f
f68a43f9ecb5ce8e5106df296dd1e1d18e7e6b5161e6bccc62e3fc821fe41417
f801352938ceff7879d5ca45cd3dec9b390f1b04248e15674d01b3d3f5d8d2b9
fa385dc43825fc9f723153ad0a845eb66d6f04e1a09c71691781f7cf333a4aef
fad84efa145fb507e5df9b582fa01b1c4e6313de7f72ebdd55726d92fa4dbf06
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff7750952a601dbf03688b01a2eced6e5671a8335393eb063201bb732f12c99a

www.waterisac.org Open in urlscan Pro 162.249.111.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

100 %HTTPS

83 %IPv6

6 Domains

6 Subdomains

6 IPs

2 Countries

1099 kBTransfer

1367 kBSize

0 Cookies

2 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.waterisac.org Open in urlscan Pro
162.249.111.146 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

1099 kB
Transfer

1367 kB
Size

0
Cookies

77 HTTP transactions
0 data transactions