URL: https://neocyber.fr/ransomnegotiation/
Submission: On September 20 via manual from FR — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 22 HTTP transactions. The main IP is 104.21.64.161, which belongs to CLOUDFLARENET, US. The main domain is neocyber.fr.
TLS certificate: Issued by R3 on September 14th 2021. Valid for: 3 months.
This is the only time neocyber.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS     Autonomous System
17        104.21.64.161    13335  (CLOUDFLAR...)
1         142.250.186.170  15169  (GOOGLE)
3         142.250.74.195   15169  (GOOGLE)
1         13.224.193.85    16509  (AMAZON-02)
Total: 22 requests, 4 IPs

Requests  Apex Domain     Subdomains            Transfer
17        neocyber.fr     neocyber.fr           233 KB
3         gstatic.com     fonts.gstatic.com     24 KB
1         weglot.com      cdn.weglot.com        773 B
1         googleapis.com  fonts.googleapis.com  999 B
Total: 22 requests, 4 apex domains

Requests  Domain                Requested by
17        neocyber.fr           neocyber.fr
3         fonts.gstatic.com     fonts.googleapis.com
1         cdn.weglot.com        neocyber.fr
1         fonts.googleapis.com  neocyber.fr
Total: 22 requests, 4 domains

This site contains no links.

Subject                  Issuer                                          Validity                 Valid
*.neocyber.fr            R3                                              2021-09-14 - 2021-12-13  3 months
upload.video.google.com  GTS CA 1O1                                      2021-08-30 - 2021-11-22  3 months
*.gstatic.com            GTS CA 1C3                                      2021-08-30 - 2021-11-22  3 months
*.weglot.com             Sectigo RSA Domain Validation Secure Server CA  2020-01-06 - 2022-01-25  2 years

This page contains 1 frame:

Primary Page: https://neocyber.fr/ransomnegotiation/
Frame ID: 59C442BE2E24B9908FD0C01C0D8FCE69
Requests: 22 HTTP requests in this frame

Page Title

Ransomware Intermediation - NEO Cyber

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • cdn\.weglot\.com
  • wp-content/plugins/weglot

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 259 kB
Size: 795 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource / Path   Size   x-fer   Type / MIME-Type
Primary Request /
neocyber.fr/ransomnegotiation/
68 KB
22 KB
Document
General
Full URL
https://neocyber.fr/ransomnegotiation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2
Resource Hash
76d08e8f61b256d0731f61a4814d543e460942ab4990343e8d730d495ea505a8

Request headers

:method
GET
:authority
neocyber.fr
:scheme
https
:path
/ransomnegotiation/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Mon, 20 Sep 2021 12:22:55 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2
cache-control
max-age=3600, must-revalidate
hummingbird-cache
Served
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHy3eL9OGwRW5tTCmc5CKZ6x48zwDF9FFcesFri3YPLHrXiqeGyBAmvmmijdBhJ5glHhgr%2BmJRyR6vgsFT8DqNT1jy3VLTouogK3yLhhBTZh6e560mvuJnCKED7xuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
691b05a49c5ff9d6-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
neocyber.fr/wp-includes/css/dist/block-library/
79 KB
11 KB
Stylesheet
General
Full URL
https://neocyber.fr/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/ransomnegotiation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
neocyber.fr
referer
https://neocyber.fr/ransomnegotiation/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 12:22:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 20 Jul 2021 22:37:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZKoCkIRXKlhNdpEeznevAuJ49EnCVtt5Z7Y%2B%2BoRwDVDgADDKd%2FAYxrC2wMFd8HREbncMJ8cYoaRLArcA7WrSZY66zry7zkVKdeuZAPrvJRhw0xHsXhCXErq7X0Qzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691b05a5fd56f9d6-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 20 Sep 2021 12:37:55 GMT
ecb9459d5972e7078905d65960d1ec5b.css
neocyber.fr/wp-content/uploads/hummingbird-assets/
648 B
521 B
Stylesheet
General
Full URL
https://neocyber.fr/wp-content/uploads/hummingbird-assets/ecb9459d5972e7078905d65960d1ec5b.css
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/ransomnegotiation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5547ed51780337f368cf90694664a7c54c4d8b3038edd225f03ab8dd3ae30ac

Request headers

:path
/wp-content/uploads/hummingbird-assets/ecb9459d5972e7078905d65960d1ec5b.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
neocyber.fr
referer
https://neocyber.fr/ransomnegotiation/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 12:22:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 Sep 2021 11:55:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BWPl0ci5hMQw2O22SdscZDibCgEnP74TW3wRskemG8LolOfBj%2Bqy2LK1tGRMd%2FnHO8qrZaNJ5sQEEHehudKHkv1veqT1ld8LE2Fmx9kaztkWT8r5%2F1dwtNXrV78mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691b05a5fd58f9d6-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 20 Sep 2021 12:37:55 GMT
dashicons.min.css
neocyber.fr/wp-includes/css/
58 KB
35 KB
Stylesheet
General
Full URL
https://neocyber.fr/wp-includes/css/dashicons.min.css
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/ransomnegotiation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

:path
/wp-includes/css/dashicons.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
neocyber.fr
referer
https://neocyber.fr/ransomnegotiation/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 12:22:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 15 Apr 2021 11:02:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCX1fGkoOWrk2u%2BccnH%2BpoHzKlbR3pPuQAbsyxQicNaBFLJsRFKUtOyTwQ%2FWV8mDtTYAGiDwwyXqYLyuN5WbWhwA%2BnSHrfjAlE817VgpGuDcAshbXJCSFOQgz1PNpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691b05a5fd59f9d6-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 20 Sep 2021 12:37:55 GMT
e3c030a28027a2db62194c9c4e4f1ba1.css
neocyber.fr/wp-content/uploads/hummingbird-assets/
52 KB
6 KB
Stylesheet
General
Full URL
https://neocyber.fr/wp-content/uploads/hummingbird-assets/e3c030a28027a2db62194c9c4e4f1ba1.css
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/ransomnegotiation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ba55ec5bebf52c87f1c1b0732c149e7b2cd0240f4e1341315db40ca1b01db50

Request headers

:path
/wp-content/uploads/hummingbird-assets/e3c030a28027a2db62194c9c4e4f1ba1.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
neocyber.fr
referer
https://neocyber.fr/ransomnegotiation/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 12:22:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 Sep 2021 11:55:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwVzt3KYI%2FYdGIoieqUWDSx7UsILClw8w%2B%2BhczKsS9qtUFX8S%2BqAHQZU%2BaXVlm3GrsHe9e9J6Aa81Z4euITpGBpKV0t%2FVs4T4J6teq6InbyalfkRv6KcsLDW%2FF%2BrEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691b05a5fd5af9d6-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 20 Sep 2021 12:37:55 GMT
9ba9a429e01d7bca0fd227683d273e14.css
neocyber.fr/wp-content/uploads/hummingbird-assets/
85 KB
3 KB
Stylesheet
General
Full URL
https://neocyber.fr/wp-content/uploads/hummingbird-assets/9ba9a429e01d7bca0fd227683d273e14.css
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/ransomnegotiation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068b05c01dc99b32f3f138c93659feee4b3720d6dab08d92d1de6a59ed9f5932

Request headers

:path
/wp-content/uploads/hummingbird-assets/9ba9a429e01d7bca0fd227683d273e14.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
neocyber.fr
referer
https://neocyber.fr/ransomnegotiation/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 12:22:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 Sep 2021 11:55:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMTtbvLTT6LdBiuo2SzxspWr2R1tPHylm992F4voXTvYhDdIZTwvnVYeKBPTVDf6l%2F2wS2fDW47SOmsD7dAfP3Lsmz60YG1kLwOo1hOPuoPRKUtDS71o%2Fh1WIKweAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691b05a5fd5bf9d6-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 20 Sep 2021 12:37:55 GMT
bootstrap-theme.min.css
neocyber.fr/wp-content/themes/bigwigs/vendors/bootstrap-dist/css/
148 KB
24 KB
Stylesheet
General
Full URL
https://neocyber.fr/wp-content/themes/bigwigs/vendors/bootstrap-dist/css/bootstrap-theme.min.css
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/ransomnegotiation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f20249c79a58f9838f78766572051bb0da0a86254880fcf4c114e01599b89c8

Request headers

:path
/wp-content/themes/bigwigs/vendors/bootstrap-dist/css/bootstrap-theme.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
neocyber.fr
referer
https://neocyber.fr/ransomnegotiation/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 12:22:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 09 Jul 2021 11:57:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2F9O9otgpJwwBbhMn%2B9UgO949u%2Fwa8InQRjSWeLkDlIXYasafQ2rbNAbYQ%2BdmNk43bnP%2FW3ARJTwjMIsCBu3k6JPgKytzaOQAcOCmsrYPxLLzlxJXD1BpgAtDmA1Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691b05a5fd5cf9d6-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 20 Sep 2021 12:37:55 GMT
css
fonts.googleapis.com/
3 KB
999 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C700&subset=latin&ver=0.7.3
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/ransomnegotiation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
c281b845cbdd8cef2846a39a0c4036fc13b638bcd401d49c63e6d1ac94044e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://neocyber.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 12:22:55 GMT
server
ESF
date
Mon, 20 Sep 2021 12:22:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Sep 2021 12:22:55 GMT
329f4ac5d1a2df35ba6af2ac470eb91a.css
neocyber.fr/wp-content/uploads/hummingbird-assets/
20 KB
6 KB
Stylesheet
General
Full URL
https://neocyber.fr/wp-content/uploads/hummingbird-assets/329f4ac5d1a2df35ba6af2ac470eb91a.css
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/ransomnegotiation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1d18acfac800a31ebdcafa2a3d16070800fc37c7fe723b79c98fbdf743f3a55

Request headers

:path
/wp-content/uploads/hummingbird-assets/329f4ac5d1a2df35ba6af2ac470eb91a.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
neocyber.fr
referer
https://neocyber.fr/ransomnegotiation/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 12:22:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 Sep 2021 11:55:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BGn8VKuaK2lLbFw%2BapMM5Xd4U9v2LYkhh4w2Jy7RgJwUQRrdUHSdhqwlimDUz9kNNM1G7UZfEqW%2B1xZZNSdnvKnj2YKWZ2GM3%2FD1UT6FrtW7YFwR7ViIPb%2FLVrhfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691b05a5fd5df9d6-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 20 Sep 2021 12:37:55 GMT
8c6a2b411e979df358f98a491ebb42d6.js
neocyber.fr/wp-content/uploads/hummingbird-assets/
98 KB
35 KB
Script
General
Full URL
https://neocyber.fr/wp-content/uploads/hummingbird-assets/8c6a2b411e979df358f98a491ebb42d6.js
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/ransomnegotiation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d8fce81d557aec4a2db5cb4391e6c38c6103d863f50ec2dc866f9bef2d3cf59

Request headers

:path
/wp-content/uploads/hummingbird-assets/8c6a2b411e979df358f98a491ebb42d6.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
neocyber.fr
referer
https://neocyber.fr/ransomnegotiation/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 12:22:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 Sep 2021 11:02:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y69P57kA8FqgC%2BqnAXH6rMAiz9pMGcuf1Lylap050dhB9vsQbj8sxCExuTAdm8bskHuUg%2Bka5ytlz0MC8A5wA%2Bkq54gmKd%2BlPTayJUNHNXPWb6iwQjk6vhQSJpJZ7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691b05a5fd5ff9d6-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 20 Sep 2021 12:37:55 GMT
9b99ce1c092fecff8bc3f0da33c936c3.js
neocyber.fr/wp-content/uploads/hummingbird-assets/
2 KB
1 KB
Script
General
Full URL
https://neocyber.fr/wp-content/uploads/hummingbird-assets/9b99ce1c092fecff8bc3f0da33c936c3.js
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/ransomnegotiation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92e66bfc85a0133a96d96d2e8f5e9cd6c4658561a433601bfc408c20e7e7322f

Request headers

:path
/wp-content/uploads/hummingbird-assets/9b99ce1c092fecff8bc3f0da33c936c3.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
neocyber.fr
referer
https://neocyber.fr/ransomnegotiation/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 12:22:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 Sep 2021 11:55:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aga%2FcQPWUatnfwZ5uFMRsSiB%2FXLsfEljBDeEsGorS320irT%2Brfuo3RibufMlz6X8vG6NJS9MhSsmF6YNoSmBZe1JpsBSOFVlgAYO6BWg6AwtNn0NEni8YZQk4jonrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691b05a5fd60f9d6-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 20 Sep 2021 12:37:55 GMT
cropped-cropped-logo-web-1-1.png
neocyber.fr/wp-content/uploads/2021/05/
17 KB
17 KB
Image
General
Full URL
https://neocyber.fr/wp-content/uploads/2021/05/cropped-cropped-logo-web-1-1.png
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/ransomnegotiation/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce7a75f85ac1ede729539e2324cd03d8bd87f7508333f38942c888b8388b1ef8

Request headers

:path
/wp-content/uploads/2021/05/cropped-cropped-logo-web-1-1.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
neocyber.fr
referer
https://neocyber.fr/ransomnegotiation/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 12:22:55 GMT
cf-cache-status
MISS
last-modified
Thu, 13 May 2021 11:21:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGaOqD%2BSEaslv8ZLR%2FDCk9AK6LwJl%2B6NpThdnj2WWGsdCIjelcUnx%2F6MnQoM3yELX6gWjzuEMGY8%2B41W5pIllVdh9QYNx83v5XCISomPm4z9javqYArOBv9ByXgAqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
691b05a77d3c2790-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17291
expires
Mon, 20 Sep 2021 12:37:55 GMT
email-decode.min.js
neocyber.fr/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://neocyber.fr/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/ransomnegotiation/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
neocyber.fr
referer
https://neocyber.fr/ransomnegotiation/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 12:22:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Sep 2021 09:29:40 GMT
server
cloudflare
etag
W/"61446004-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qc%2FfMHIhhGvhqWyN8xxhk1NaSxZF0hCzA43P3kY4a096VZO%2FMFoNrfmGPVhR17UHmn960f1Lixy2YMbUl8FZUrBD5uXZsc89SjzrLRaDC1p5hXMj6yRgMPt%2BJ4FhwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691b05a6cc9f2790-PRG
vary
Accept-Encoding
expires
Wed, 22 Sep 2021 12:22:55 GMT
573104dd725e7a0a31096263caa92637.js
neocyber.fr/wp-content/uploads/hummingbird-assets/
82 KB
25 KB
Script
General
Full URL
https://neocyber.fr/wp-content/uploads/hummingbird-assets/573104dd725e7a0a31096263caa92637.js
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/ransomnegotiation/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdf3a0cbd79bf9af0cd7f756e7f1a090130ff79ed90a5dcd2bec677b83036ee3

Request headers

:path
/wp-content/uploads/hummingbird-assets/573104dd725e7a0a31096263caa92637.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
neocyber.fr
referer
https://neocyber.fr/ransomnegotiation/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 12:22:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 Sep 2021 11:55:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0%2BrGBcYT1y%2B3ezJEorr66nb85K%2BBkj0SDX%2BJ06sM9wx3S4i1f%2FKk7SwzuPXcOFyuVkdNOZcfAtHutKtJ0KPzsU6zkmDQWrmKvIB3RcJeQxYzwelsM5vmVJdPeHlJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691b05a6fcbf2790-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 20 Sep 2021 12:37:55 GMT
hoverIntent.min.js
neocyber.fr/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://neocyber.fr/wp-includes/js/hoverIntent.min.js
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/ransomnegotiation/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8

Request headers

:path
/wp-includes/js/hoverIntent.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
neocyber.fr
referer
https://neocyber.fr/ransomnegotiation/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 12:22:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 20 Jul 2021 22:37:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szgvp4PXQJprP9UoR0H44y2nVPDEp9FTwkYcr2VoLDqFkbLw0%2BDVx4j6lt5R%2BjmGcEmrXBM3UrdI140zbTgwY5jdRQqL3dK85ybiz6lQ8OiF3RsUXUmJTqgKWmJDBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691b05a76d262790-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 20 Sep 2021 12:37:55 GMT
739f7cd09d37d24da6a845abbfd83dee.js
neocyber.fr/wp-content/uploads/hummingbird-assets/
17 KB
5 KB
Script
General
Full URL
https://neocyber.fr/wp-content/uploads/hummingbird-assets/739f7cd09d37d24da6a845abbfd83dee.js
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/ransomnegotiation/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eb2e7e00d03eba4cc9753babe284ded78dcd85fa77802c0234723afde8b4271

Request headers

:path
/wp-content/uploads/hummingbird-assets/739f7cd09d37d24da6a845abbfd83dee.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
neocyber.fr
referer
https://neocyber.fr/ransomnegotiation/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://neocyber.fr/ransomnegotiation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 12:22:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 Sep 2021 11:55:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqd2470pFrVG8OC7zy%2Bq%2FbjEzJiAjJwdpkNWzTRcrpwDWQmBcjeDEP91vm1MHXOmE5QzDzL5m6uRzIZ3ozOiHaSld7pDvbZJ82wzTuw3bPRFe7YxId4IpZhcecCGtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691b05a77d392790-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 20 Sep 2021 12:37:55 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C700&subset=latin&ver=0.7.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://neocyber.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 14:59:01 GMT
x-content-type-options
nosniff
age
595434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 14:59:01 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C700&subset=latin&ver=0.7.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://neocyber.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 13:24:01 GMT
x-content-type-options
nosniff
age
169134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Sep 2022 13:24:01 GMT
pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiGyp8kv8JHgFVrJJLucHtA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C700&subset=latin&ver=0.7.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
f41bc54bcb1241a706432b6ca646835b27140a2eca0f50595ac4fbdd9eeef0f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://neocyber.fr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 14:29:56 GMT
x-content-type-options
nosniff
age
78779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8656
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Sep 2022 14:29:56 GMT
ransomware-1-1024x768.png
neocyber.fr/wp-content/uploads/2021/08/
39 KB
39 KB
Image
General
Full URL
https://neocyber.fr/wp-content/uploads/2021/08/ransomware-1-1024x768.png
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/ransomnegotiation/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
967212e0413922633a220a8bd1a79d946ccf831de4273d4f292c008531bd5928

Request headers

:path
/wp-content/uploads/2021/08/ransomware-1-1024x768.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
neocyber.fr
referer
https://neocyber.fr/ransomnegotiation/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://neocyber.fr/ransomnegotiation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 12:22:56 GMT
cf-cache-status
MISS
last-modified
Sat, 28 Aug 2021 16:27:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpxDa5U5%2BMgu6fbZfNukubX0scReZN7ndpkibaIWZYfu5n0Q%2FFQJNEZJfDhCyVG%2F7sMPgvAmEZNikrpg9VNdeQOLsgCHDEDF2kzD4JWwqY0qoLKJdfMN72WF8swc0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
691b05a7ad4f2790-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39467
expires
Mon, 20 Sep 2021 12:37:56 GMT
fr.svg
cdn.weglot.com/flags/circle/
420 B
773 B
Image
General
Full URL
https://cdn.weglot.com/flags/circle/fr.svg
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/wp-content/uploads/hummingbird-assets/9ba9a429e01d7bca0fd227683d273e14.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-85.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51a91cd7779dbae9848793227ad2fe5815ce4f3fa2a04f4f9f8181871728ed31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://neocyber.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:17:06 GMT
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
last-modified
Mon, 06 Sep 2021 09:57:59 GMT
server
AmazonS3
age
11151
etag
"1dfb88f30f5e2c0d92e42babb9ca360c"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
content-type
image/svg+xml; charset=utf-8
content-length
420
x-amz-cf-id
6GteSUdupgoWw7N2OJht7-lasB9vVSXdy47jAsnB-xGBv6-epaDzcQ==
wgarrowdown.png
neocyber.fr/wp-content/plugins/weglot/dist/images/
164 B
749 B
Image
General
Full URL
https://neocyber.fr/wp-content/plugins/weglot/dist/images/wgarrowdown.png
Requested by
Host: neocyber.fr
URL: https://neocyber.fr/wp-content/uploads/hummingbird-assets/e3c030a28027a2db62194c9c4e4f1ba1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a04bb59c5ba002cc53c6df3b51a0bf083fe846296268d66d91a5650f12adefc

Request headers

:path
/wp-content/plugins/weglot/dist/images/wgarrowdown.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
neocyber.fr
referer
https://neocyber.fr/wp-content/uploads/hummingbird-assets/e3c030a28027a2db62194c9c4e4f1ba1.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://neocyber.fr/wp-content/uploads/hummingbird-assets/e3c030a28027a2db62194c9c4e4f1ba1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 12:22:56 GMT
cf-cache-status
MISS
last-modified
Fri, 17 Sep 2021 11:00:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYWbWi9QibpJScMuStRrxCh4yvZ6Yh9Lf3GllWCqyFsCHUSyPrO8G2D9NIKsdTbLdi6qadJCZXSydBEiWbsWSc2kVwPReY%2FBUjBQmq16HMgIB%2B45Q2mLiEgZiAmwKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
691b05a80da12790-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
164
expires
Mon, 20 Sep 2021 12:37:56 GMT

Verdicts & Comments

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
undefined| $
function| jQuery
string| image_save_msg
string| no_menu_msg
string| smessage
function| disableEnterKey
function| wccp_free_iscontenteditable
function| disable_copy
function| disable_copy_ie
function| reEnable
function| disableSelection
function| onlongtouch
undefined| timer
number| touchduration
string| elemtype
function| touchstart
function| touchend
function| wccp_pro_is_passive
function| nocontext
undefined| timeout_result
function| show_wpcp_message
function| hide_message
function| Popper
object| bootstrap
object| megamenu
object| wp

0 Cookies

1 Console Messages

Source Level URL
Text
security warning URL: https://neocyber.fr/wp-content/uploads/hummingbird-assets/9b99ce1c092fecff8bc3f0da33c936c3.js(Line 1)
Message:
Mixed Content: The page at 'https://neocyber.fr/ransomnegotiation/' was loaded over HTTPS, but requested an insecure element 'http://neocyber.fr/wp-content/plugins/weglot/dist/images/wgarrowdown.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
