blog.starti.com.br Open in urlscan Pro
2606:4700:30::6812:20d5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
Submission: On June 17 via api (June 17th 2019, 12:29:18 am UTC) from US

Summary HTTP 37 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 17 domains to perform 37 HTTP transactions. The main IP is 2606:4700:30::6812:20d5, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is blog.starti.com.br.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 26th 2019. Valid for: a year.

This is the only time blog.starti.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:30:... 2606:4700:30::6812:20d5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:824::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6813:c397	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	52.85.188.50 52.85.188.50	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:10:... 2606:4700:10::6814:3777	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	205.185.208.52 205.185.208.52	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
2 4	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.198.189.172 104.198.189.172	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.221.201.226 54.221.201.226	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
37	16

9 2606:4700:30::6812:20d5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

blog.starti.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c397 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.85.188.50 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-188-50.fra2.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:3777 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.pushcrew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9c (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.198.189.172 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 172.189.198.104.bc.googleusercontent.com

pageview-notify.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.221.201.226 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-221-201-226.compute-1.amazonaws.com

pages.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	starti.com.br blog.starti.com.br	2 MB
7	cloudfront.net d335luupugsy2.cloudfront.net	78 KB
5	googleusercontent.com lh3.googleusercontent.com lh6.googleusercontent.com	180 KB
4	google-analytics.com 2 redirects www.google-analytics.com	35 KB
2	rdstation.com.br pageview-notify.rdstation.com.br pages.rdstation.com.br	33 KB
2	google.de www.google.de	218 B
2	google.com 2 redirects www.google.com	359 B
2	doubleclick.net 2 redirects stats.g.doubleclick.net	318 B
2	googletagmanager.com www.googletagmanager.com	44 KB
1	gstatic.com fonts.gstatic.com	11 KB
1	youtube.com www.youtube.com
1	googleapis.com fonts.googleapis.com	1 KB
1	facebook.com staticxx.facebook.com
1	jquery.com code.jquery.com	30 KB
1	facebook.net connect.facebook.net	72 KB
1	pushcrew.com cdn.pushcrew.com	67 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
37	17

	Domain	Requested by
9	blog.starti.com.br	blog.starti.com.br ajax.cloudflare.com
7	d335luupugsy2.cloudfront.net	ajax.cloudflare.com d335luupugsy2.cloudfront.net
4	www.google-analytics.com	2 redirects www.googletagmanager.com
3	lh3.googleusercontent.com	blog.starti.com.br
2	www.google.de
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
2	www.googletagmanager.com	blog.starti.com.br www.googletagmanager.com
2	lh6.googleusercontent.com	blog.starti.com.br
1	fonts.gstatic.com
1	www.youtube.com	d335luupugsy2.cloudfront.net
1	fonts.googleapis.com	d335luupugsy2.cloudfront.net
1	pages.rdstation.com.br	d335luupugsy2.cloudfront.net
1	pageview-notify.rdstation.com.br	d335luupugsy2.cloudfront.net
1	staticxx.facebook.com	connect.facebook.net
1	code.jquery.com	ajax.cloudflare.com
1	connect.facebook.net	blog.starti.com.br
1	cdn.pushcrew.com	blog.starti.com.br
1	ajax.cloudflare.com	blog.starti.com.br
37	19

This site contains links to these domains. Also see Links.

Domain
www.starti.com.br
www.facebook.com
feedly.com
br.investing.com
br.malwarebytes.com
bit.ly
www.sonicwall.com
blog.malwarebytes.com
twitter.com
ghost.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-02-26` - `2020-02-26`	a year	crt.sh
*.googleusercontent.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.pushcrew.com Go Daddy Secure Certificate Authority - G2	`2016-06-02` - `2019-07-31`	3 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
www.google.de Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.rdstation.com.br Sectigo RSA Domain Validation Secure Server CA	`2019-04-08` - `2020-07-06`	a year	crt.sh
pages.rdstation.com.br Let's Encrypt Authority X3	`2019-04-17` - `2019-07-16`	3 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
Frame ID: C6FC16C4E4FD40BC22F9A560A93FA71E
Requests: 35 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 3664B5DC2D76D3E89539D6771AB3A7E0
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/cCUPVC6DW9E?autoplay=1&rel=0
Frame ID: 8442B239395312EBC50A8394943F3C99
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ghost (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /Ghost(?:\s([\d.]+))?/i

Node.js (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /Ghost(?:\s([\d.]+))?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

37
Requests

100 %
HTTPS

78 %
IPv6

17
Domains

19
Subdomains

16
IPs

4
Countries

2351 kB
Transfer

2965 kB
Size

1
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.starti.com.br/
Title: Ir para Site

Search URL Search Domain Scan URL

URL: https://www.facebook.com/startioficial
Title:

Search URL Search Domain Scan URL

URL: https://feedly.com/i/subscription/feed/https://blog.starti.com.br/rss/
Title:

Search URL Search Domain Scan URL

URL: https://br.investing.com/crypto/bitcoin/btc-brl-converter
Title: R$ 32.793,00

Search URL Search Domain Scan URL

URL: https://br.malwarebytes.com/ransomware/
Title: ransomware

Search URL Search Domain Scan URL

URL: https://bit.ly/316T1di

Search URL Search Domain Scan URL

URL: http://www.sonicwall.com/ThreatReport.
Title: SonicWall

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/cybercrime/2017/10/badrabbit-ransomware-strikes-eastern-europe/
Title: BadRabbit

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Ransomware%3A%20entenda%20o%20que%20%C3%A9%20e%20como%20se%20proteger%20dessa%20amea%C3%A7a!&url=https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
Title:

Search URL Search Domain Scan URL

URL: https://ghost.org/
Title: Ghost

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1781112922&t=pageview&_s=1&dl=https%3A%2F%2Fblog.starti.com.br%2Fransomware-o-que-e-e-como-proteger-se%2F&ul=en-us&de=UTF-8&dt=Ransomware%3A%20TUDO%20o%20que%20voc%C3%AA%20precisa%20saber!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=478384096&gjid=1275690357&cid=1293763051.1560731342&tid=UA-8615187-3&_gid=179353181.1560731342&_r=1&gtm=2wg651NSH75QC&z=478465690 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8615187-3&cid=1293763051.1560731342&jid=478384096&_gid=179353181.1560731342&gjid=1275690357&_v=j76&z=478465690 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8615187-3&cid=1293763051.1560731342&jid=478384096&_v=j76&z=478465690 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8615187-3&cid=1293763051.1560731342&jid=478384096&_v=j76&z=478465690&slf_rd=1&random=184707836

Request Chain 25

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1781112922&t=pageview&_s=1&dl=https%3A%2F%2Fblog.starti.com.br%2Fransomware-o-que-e-e-como-proteger-se%2F&ul=en-us&de=UTF-8&dt=Ransomware%3A%20TUDO%20o%20que%20voc%C3%AA%20precisa%20saber!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEDAAUAB~&jid=878773893&gjid=400386503&cid=1293763051.1560731342&tid=UA-8615187-1&_gid=179353181.1560731342&_r=1&gtm=2ou651&z=357817167 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8615187-1&cid=1293763051.1560731342&jid=878773893&_gid=179353181.1560731342&gjid=400386503&_v=j76&z=357817167 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8615187-1&cid=1293763051.1560731342&jid=878773893&_v=j76&z=357817167 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8615187-1&cid=1293763051.1560731342&jid=878773893&_v=j76&z=357817167&slf_rd=1&random=3534769172

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/ 33 KB
12 KB 1217ms
1183ms Document
text/html 2606:4700:30::6812:20d5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:20d5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 48daf27f2ce3de5a7c12dd2a0d14004ec9e2aafd738abbe556462dbaf4d551c3

Request headers

:method: GET
:authority: blog.starti.com.br
:scheme: https
:path: /ransomware-o-que-e-e-como-proteger-se/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 17 Jun 2019 00:28:59 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dc08e18e831b025dcaad0fdc9aea620dc1560731338; expires=Tue, 16-Jun-20 00:28:58 GMT; path=/; domain=.starti.com.br; HttpOnly; Secure
x-powered-by: Express
cache-control: public, max-age=0
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4e80e8111cbe279c-FRA
content-encoding: br

GET
H2 200 screen.css
blog.starti.com.br/assets/built/ 35 KB
7 KB 911ms
910ms Stylesheet
text/css 2606:4700:30::6812:20d5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.starti.com.br/assets/built/screen.css?v=d1e047eabe
Requested by: Host: blog.starti.com.br
URL: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:20d5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 84adada4ae49510fd8d76aaaaaf12b2cdfc27c66ca7cac419e83b42b9e8e8c7d

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 00:29:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Oct 2018 16:38:22 GMT
server: cloudflare
x-powered-by: Express
etag: W/"8b71-1667dbe1830"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
status: 200
cache-control: public, max-age=14400
cf-ray: 4e80e8188ed7279c-FRA
expires: Mon, 17 Jun 2019 04:29:00 GMT

GET
H2 200 Logo-Starti-Security-30x120-branco-01.png
blog.starti.com.br/content/images/2019/02/ 5 KB
5 KB 891ms
890ms Image
image/png 2606:4700:30::6812:20d5
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.starti.com.br/content/images/2019/02/Logo-Starti-Security-30x120-branco-01.png
Requested by: Host: blog.starti.com.br
URL: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:20d5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8392f980450a06680c8af263a5c2b226067c55b2f505dc44bab2b1fb5fb18570

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 00:29:00 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Feb 2019 13:38:45 GMT
server: cloudflare
x-powered-by: Express
etag: W/"1504-1692f2dd187"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4e80e8188ed8279c-FRA
content-length: 5380
expires: Tue, 16 Jun 2020 00:29:00 GMT

GET
H2 200 a5TI3cZyj2lGFl3OpkymvVXvd2pJ-1EGy-segTE8ysuGueFndbZN9ccJ1RyheYvcL1UIjfKYJrAbpbMSuj5I0A5CSSITAdPccCVKYTvdv58B5mrr7apyNqWcxdgk3QPmujD6owHP
lh3.googleusercontent.com/ 44 KB
44 KB 234ms
199ms Image
image/jpeg 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a5TI3cZyj2lGFl3OpkymvVXvd2pJ-1EGy-segTE8ysuGueFndbZN9ccJ1RyheYvcL1UIjfKYJrAbpbMSuj5I0A5CSSITAdPccCVKYTvdv58B5mrr7apyNqWcxdgk3QPmujD6owHP

Requested by

Host: blog.starti.com.br
URL: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

e9fa3f5e4adac72c0c7cf5839161b7178420e517903f9e62b50a9ddcada8e59c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 00:28:59 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="Design sem nome (6).jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 45347
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 18 Jun 2019 00:28:59 GMT

GET
H2 200 KyeBJ_f1baczXER1qSdOsJjvRchyVp2APTnOJcR9x_fidlsAo6Il4FAdsLtgYbh5soC_mkc42VEVoZ-A8v3-n6xrODCXJw5GRNGX4pLdne2OkdAhhnwBrXK8gV4iouIBnxyiTwRd
lh3.googleusercontent.com/ 41 KB
41 KB 230ms
195ms Image
image/jpeg 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/KyeBJ_f1baczXER1qSdOsJjvRchyVp2APTnOJcR9x_fidlsAo6Il4FAdsLtgYbh5soC_mkc42VEVoZ-A8v3-n6xrODCXJw5GRNGX4pLdne2OkdAhhnwBrXK8gV4iouIBnxyiTwRd

Requested by

Host: blog.starti.com.br
URL: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

57c89c5acd3e66c3c78aacf7d688e79cc82d38653c45abf7c14209fded652157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 00:28:59 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="Design sem nome.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42109
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 18 Jun 2019 00:28:59 GMT

GET
H2 200 oReXkexnFQzWHAKPTH9P1Yx44aXR_z5LHcuMtGpM6PpzlsI8D1RHFI50b9xNXmOorwdnHBmRv5V9tXs5LgLDugV_MF53bd1Oq5CHDQ2XvAXC7z3P4SxUmIY06Isz8fRU_aXchYzM
lh6.googleusercontent.com/ 25 KB
25 KB 229ms
194ms Image
image/jpeg 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/oReXkexnFQzWHAKPTH9P1Yx44aXR_z5LHcuMtGpM6PpzlsI8D1RHFI50b9xNXmOorwdnHBmRv5V9tXs5LgLDugV_MF53bd1Oq5CHDQ2XvAXC7z3P4SxUmIY06Isz8fRU_aXchYzM

Requested by

Host: blog.starti.com.br
URL: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

adea81df2289d027c47d574df4e911e522db1b62f228b10daee57937ad6035c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 00:28:59 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="Design sem nome (7).jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 25445
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 18 Jun 2019 00:28:59 GMT

GET
H2 200 banner-minisse-rie-blog.jpg
blog.starti.com.br/content/images/2019/05/ 175 KB
175 KB 1338ms
1336ms Image
image/jpeg 2606:4700:30::6812:20d5
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.starti.com.br/content/images/2019/05/banner-minisse-rie-blog.jpg
Requested by: Host: blog.starti.com.br
URL: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:20d5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cf34ea09037b9c51b75466ccb834ffba0dd96be94554ac57df874931a8ca1092

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 00:29:00 GMT
cf-cache-status: MISS
last-modified: Fri, 31 May 2019 12:47:02 GMT
server: cloudflare
x-powered-by: Express
etag: W/"2ba31-16b0dede306"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4e80e8188eda279c-FRA
content-length: 178737
expires: Tue, 16 Jun 2020 00:29:00 GMT

GET
H2 200 wudg1dL6fL2hMl1GRcjmtbyXf3pAiMKic_h_T6WnlXPgKYTCqJEXfw912rshVUHAV-o--v1wy_q7lLIIHa87SIQAYeXX-mCBK7bKKfVE3u6mYMnx1z5HpiohBGGyDs_88VkiSKcT
lh6.googleusercontent.com/ 30 KB
31 KB 223ms
189ms Image
image/jpeg 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/wudg1dL6fL2hMl1GRcjmtbyXf3pAiMKic_h_T6WnlXPgKYTCqJEXfw912rshVUHAV-o--v1wy_q7lLIIHa87SIQAYeXX-mCBK7bKKfVE3u6mYMnx1z5HpiohBGGyDs_88VkiSKcT

Requested by

Host: blog.starti.com.br
URL: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

84364cdfa1d80f90f201275f25f1f323880483fe797fe42f701662d9f3f61bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 00:28:59 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="Design sem nome (1).jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 31189
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 18 Jun 2019 00:28:59 GMT

GET
H2 200 GyNbc5wEam_zzec7B5t6UJkOWaXVo8v-gUp_BJeAcOZODJ-6dEcxZ87Lr8fUXQwTacFXSYS7-g3lit6czQ1VZBvndfvb_uU6EWbj6wuCXZXCyG__3HgIgu2scI4Nm4UzfZwBD9Bh
lh3.googleusercontent.com/ 38 KB
39 KB 226ms
192ms Image
image/jpeg 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/GyNbc5wEam_zzec7B5t6UJkOWaXVo8v-gUp_BJeAcOZODJ-6dEcxZ87Lr8fUXQwTacFXSYS7-g3lit6czQ1VZBvndfvb_uU6EWbj6wuCXZXCyG__3HgIgu2scI4Nm4UzfZwBD9Bh

Requested by

Host: blog.starti.com.br
URL: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

16a4e5a07997a0c1decbafa49bbcffd1a33b1e58f6a6f59c0ec431f100dbfa5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 00:28:59 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="Design sem nome.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 39380
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 18 Jun 2019 00:28:59 GMT

GET
H2 200 Foto-Mirian.jpg
blog.starti.com.br/content/images/2019/04/ 463 KB
464 KB 1304ms
1302ms Image
image/jpeg 2606:4700:30::6812:20d5
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.starti.com.br/content/images/2019/04/Foto-Mirian.jpg
Requested by: Host: blog.starti.com.br
URL: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:20d5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f716820b2132d68f91c7bb5ae70f92713c0ebb5135c78751217c5c84ac90b22d

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 00:29:00 GMT
cf-cache-status: MISS
last-modified: Wed, 17 Apr 2019 12:32:44 GMT
server: cloudflare
x-powered-by: Express
etag: W/"73dc3-16a2b48f9f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4e80e8188edb279c-FRA
content-length: 474563
expires: Tue, 16 Jun 2020 00:29:00 GMT

GET
H2 200 favicon_a137554e0ac8c4ed84904a2ae1210d36.png
blog.starti.com.br/content/images/2019/02/ 1 KB
1 KB 892ms
890ms Image
image/png 2606:4700:30::6812:20d5
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.starti.com.br/content/images/2019/02/favicon_a137554e0ac8c4ed84904a2ae1210d36.png
Requested by: Host: blog.starti.com.br
URL: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:20d5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2d38c0dad64080d5df729a86b458c3267ab00dbe9b961621104815d334bf92d6

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 00:29:00 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Feb 2019 17:13:34 GMT
server: cloudflare
x-powered-by: Express
etag: W/"505-1692ff27b2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4e80e8188edc279c-FRA
content-length: 1285
expires: Tue, 16 Jun 2020 00:29:00 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/ 12 KB
4 KB 22ms
8ms Script
application/javascript 2606:4700::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Requested by

Host: blog.starti.com.br
URL: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

09cb7c36c13be7810320607e581c11cd14b5b53eefe52a528b944a43f5a91cda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 00:28:59 GMT
content-encoding: gzip
last-modified: Mon, 10 Jun 2019 15:33:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cfe7857-2ef5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 4e80e8189de4bef1-FRA
expires: Wed, 19 Jun 2019 00:28:59 GMT

GET
H2 200 jquery.fitvids.js Show response
blog.starti.com.br/assets/built/ 2 KB
810 B 883ms
879ms Script
application/javascript 2606:4700:30::6812:20d5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.starti.com.br/assets/built/jquery.fitvids.js?v=d1e047eabe
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:20d5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1b560f221a3ee06277331e405b956b384d5ef7830a643b4e0c257189b7adf887

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 00:29:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Oct 2018 16:38:22 GMT
server: cloudflare
x-powered-by: Express
etag: W/"778-1667dbe1830"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=14400
cf-ray: 4e80e819df46279c-FRA
expires: Mon, 17 Jun 2019 04:29:00 GMT

GET
H2 200 d6662d36-21ff-4e90-899e-14907830d2da-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 3 KB
2 KB 61ms
13ms Script
application/javascript 52.85.188.50
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/d6662d36-21ff-4e90-899e-14907830d2da-loader.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.188.50 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-188-50.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 873f097adcad48ffe7a3e7cdce97947ea525f987b10c00e743fd219f5153c09a

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 08 Jun 2019 12:45:12 GMT
content-encoding: gzip
last-modified: Mon, 25 Feb 2019 12:17:18 GMT
server: AmazonS3
age: 733428
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: _MiBnTkMqN6z8SOKelkwVQzuAAOhxLRC
status: 200
cache-control: max-age=2592000
x-amz-cf-pop: FRA2
content-type: application/javascript
x-amz-cf-id: IHfVRZ03ji53R1Eyhzk3m-jxL9CbP8UhKCImTWtw3Sjr9Mh3R8-UJA==
via: 1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)

GET
H2 200 roubo-de-dados.jpg
blog.starti.com.br/content/images/2019/06/ 600 KB
601 KB 1326ms
1324ms Image
image/jpeg 2606:4700:30::6812:20d5
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.starti.com.br/content/images/2019/06/roubo-de-dados.jpg
Requested by: Host: blog.starti.com.br
URL: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:20d5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d584daa03cbd3ad7cf96a3a426822fd151aaf70a6f963bedc8222d5b1851717f

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 00:29:01 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Jun 2019 17:54:44 GMT
server: cloudflare
x-powered-by: Express
etag: W/"96189-16b51fa4358"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4e80e819ef47279c-FRA
content-length: 614793
expires: Tue, 16 Jun 2020 00:29:00 GMT

GET
H2 200 IMAGEM-ARTIGO-1106.jpg
blog.starti.com.br/content/images/2019/06/ 529 KB
530 KB 1323ms
1322ms Image
image/jpeg 2606:4700:30::6812:20d5
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.starti.com.br/content/images/2019/06/IMAGEM-ARTIGO-1106.jpg
Requested by: Host: blog.starti.com.br
URL: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:20d5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1a9092a83655bc61e112ee471bb63b6356027ae84adf89f69ef17bd0d44a4fad

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 00:29:01 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2019 17:52:56 GMT
server: cloudflare
x-powered-by: Express
etag: W/"84432-16b47abe761"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4e80e819ef48279c-FRA
content-length: 541746
expires: Tue, 16 Jun 2020 00:29:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 50 KB
19 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:825::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NSH75QC

Requested by

Host: blog.starti.com.br
URL: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da00c24d4bc892da4e1160579cbdcb8a1b55c37b29abe666f428fa059c20aa8d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 00:29:01 GMT
content-encoding: br
last-modified: Thu, 13 Jun 2019 17:57:39 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 19250
x-xss-protection: 0
expires: Mon, 17 Jun 2019 00:29:01 GMT

GET
H2 200 6e65ba6bf72176783326b14667da0ebd.js Show response
cdn.pushcrew.com/js/ 236 KB
67 KB 517ms
453ms Script
application/javascript 2606:4700:10::6814:3777
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushcrew.com/js/6e65ba6bf72176783326b14667da0ebd.js
Requested by: Host: blog.starti.com.br
URL: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:3777 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 115290b0011781c1eda351f803720cc4b336d1832d4216033bb8a85c6363a86c

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 00:29:02 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 May 2019 14:02:12 GMT
server: cloudflare
etag: W/"5cdaca64-3b098"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=43200
cf-ray: 4e80e826cef4d721-FRA
expires: Mon, 17 Jun 2019 12:29:02 GMT

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/pt_BR/sdk/ 244 KB
72 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk/xfbml.customerchat.js

Requested by

Host: blog.starti.com.br
URL: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

0f7ecfb0fc24c9176b1151a9290cf7f8b6ed69915b227bac54104ee922c76750

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: VjsaJEy/I0eFDqMCmJTBrg==
status: 200
date: Mon, 17 Jun 2019 00:29:01 GMT
vary: Accept-Encoding
content-length: 73287
x-fb-debug: GLrkiRwvkzmWqpkFVmmofRJ5/39WTyWv81EWQOTiIYUHUI51CEPoPTT+A24qsw+PXJBd9txT1WpJqJGE+BxbWQ==
x-fb-content-md5: 195908638f4b7e29979fa262a462eb64
etag: "aa19336f4965eb671b0c4e42fb0b21b9"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 17 Jun 2019 00:33:37 GMT

GET
H/1.1 200
OK jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 19ms
19ms Script
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
Origin: https://blog.starti.com.br

Response headers

Date: Mon, 17 Jun 2019 00:29:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Mar 2017 19:01:15 GMT
Server: nginx
ETag: W/"58d026fb-15283"
Vary: Accept-Encoding
X-HW: 1560731333.dop037.lo4.t,1560731333.cds080.lo4.shn,1560731341.dop037.lo4.t,1560731341.cds058.lo4.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30125

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 3664 0
0 8ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Sun, 14 Jun 2020 22:35:08 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: NYPNhXB8P2D+YMMtYKe1pgeeCUDdDO8JQES3Mbde5aTFJi59c9OoRCmS6KkDbMsUwsny52cQxy44ju5K8C07QA==
content-length: 11202
date: Mon, 17 Jun 2019 00:29:01 GMT

GET
H2 200 traffic-source-cookie.min.js Show response
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 2 KB
1 KB 10ms
10ms Script
application/javascript 52.85.188.50
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/d6662d36-21ff-4e90-899e-14907830d2da-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.188.50 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-188-50.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23c49eb1402fa6afe843b8dade085148af4d890f11d09d572ce970585e42f17c

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 02 Jun 2019 00:06:37 GMT
content-encoding: gzip
age: 1297345
x-cache: Hit from cloudfront
status: 200
content-length: 912
last-modified: Mon, 06 Feb 2017 16:35:04 GMT
server: AmazonS3
etag: "57ab0bbd7fce16f93e97fc33ff6ec7dc"
x-amz-version-id: inXXjDFoqD4i5dbZCPHdHZe2iZD88xAn
via: 1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 8_uGP-kOtZQQmLRsNYsBmtrj1tobTlQqHJdia-SAjhH5E2nj2uTqXA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSH75QC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 5437
date: Sun, 16 Jun 2019 22:58:24 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Mon, 17 Jun 2019 00:58:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 65 KB
25 KB 77ms
77ms Script
application/javascript 2a00:1450:4001:825::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-8615187-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSH75QC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af463c819b9c71ff384e7bf19ed28ab9603b6438e6da798c75d31f4db4b71e71

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 00:29:01 GMT
content-encoding: br
last-modified: Thu, 13 Jun 2019 17:57:39 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 25379
x-xss-protection: 0
expires: Mon, 17 Jun 2019 00:29:01 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1781112922&t=pageview&_s=1&dl=https%3A%2F%2Fblog.starti.com.br%2Fransomware-o-que-e-e-como-proteger-se%2F&ul=en-us&de=UTF-8&dt=Ransomware%3A%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8615187-3&cid=1293763051.1560731342&jid=478384096&_gid=179353181.1560731342&gjid=1275690357&_v=j76&z=478465690
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8615187-3&cid=1293763051.1560731342&jid=478384096&_v=j76&z=478465690
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8615187-3&cid=1293763051.1560731342&jid=478384096&_v=j76&z=478465690&slf_rd=1&random=184707836

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8615187-3&cid=1293763051.1560731342&jid=478384096&_v=j76&z=478465690&slf_rd=1&random=184707836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jun 2019 00:29:01 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Jun 2019 00:29:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8615187-3&cid=1293763051.1560731342&jid=478384096&_v=j76&z=478465690&slf_rd=1&random=184707836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8615187-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 5438
date: Sun, 16 Jun 2019 22:58:24 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Mon, 17 Jun 2019 00:58:24 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1781112922&t=pageview&_s=1&dl=https%3A%2F%2Fblog.starti.com.br%2Fransomware-o-que-e-e-como-proteger-se%2F&ul=en-us&de=UTF-8&dt=Ransomware%3A%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8615187-1&cid=1293763051.1560731342&jid=878773893&_gid=179353181.1560731342&gjid=400386503&_v=j76&z=357817167
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8615187-1&cid=1293763051.1560731342&jid=878773893&_v=j76&z=357817167
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8615187-1&cid=1293763051.1560731342&jid=878773893&_v=j76&z=357817167&slf_rd=1&random=3534769172

42 B
109 B

19ms
19ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8615187-1&cid=1293763051.1560731342&jid=878773893&_v=j76&z=357817167&slf_rd=1&random=3534769172

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jun 2019 00:29:02 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Jun 2019 00:29:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8615187-1&cid=1293763051.1560731342&jid=878773893&_v=j76&z=357817167&slf_rd=1&random=3534769172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lead-tracking.min.js Show response
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 2 KB
1 KB 8ms
7ms Script
application/javascript 52.85.188.50
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/d6662d36-21ff-4e90-899e-14907830d2da-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.188.50 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-188-50.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 910e6d1ee43040c21092dd271297df680adc2959d703420d9eeb0da480e1869c

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: Wqkgm0HiG02vQhaW6JlDFVRZzgTRtBNF
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 20:33:41 GMT
server: AmazonS3
age: 59133
etag: "0fc7a25446b0867801a6101e3f703801"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
date: Sun, 16 Jun 2019 08:06:01 GMT
x-amz-cf-pop: FRA2
accept-ranges: bytes
content-length: 1082
via: 1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
x-amz-cf-id: W5Yrsb_9gbi4vNUOzjZ_tBBUddcqw40ZjO_jAVcB1pD9qXXfAYPvkw==

GET
H2 200 rdstation-popup.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 34 KB
12 KB 10ms
9ms Script
application/javascript 52.85.188.50
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/d6662d36-21ff-4e90-899e-14907830d2da-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.188.50 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-188-50.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96e17b4cbcb9a15467547485a5c4b67d19b6cdca4df110bdf4e6fa3336d96363

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: fjvy2u_TBRijKB834mqtCeBHngnyKhkl
content-encoding: gzip
age: 29507
x-cache: Hit from cloudfront
status: 200
date: Sun, 16 Jun 2019 16:17:20 GMT
content-length: 11450
last-modified: Mon, 10 Jun 2019 16:16:58 GMT
server: AmazonS3
etag: "e6a8e9fe8d92d510e432f4af66980d2a"
content-type: application/javascript; charset=utf-8
via: 1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
cache-control: max-age=86400, must-revalidate
x-amz-cf-pop: FRA2
accept-ranges: bytes
x-amz-cf-id: KDvJOhXPVWDtIPsJfgfZjPKkx_YE9MMQwlc7OH83ZbTb2DjlsoEq6A==

GET
H2 200 rd-js-integration.min.js Show response
d335luupugsy2.cloudfront.net/js/integration/stable/ 8 KB
4 KB 10ms
9ms Script
application/javascript 52.85.188.50
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/d6662d36-21ff-4e90-899e-14907830d2da-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.188.50 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-188-50.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 719e041a7309a18d7038a356664f0fe96054d879ad6009277fcdfd5489402768

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: Ct5pRk0iGs7oJaBC5h1pY6mayReHXkIR
content-encoding: gzip
age: 72113
x-cache: Hit from cloudfront
status: 200
date: Sun, 16 Jun 2019 04:29:10 GMT
content-length: 3270
last-modified: Wed, 21 Nov 2018 11:44:19 GMT
server: AmazonS3
etag: "b0aec5eeb2956da5ea014d2b9bc7da31"
content-type: application/javascript; charset=utf-8
via: 1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
cache-control: max-age=86400, must-revalidate
x-amz-cf-pop: FRA2
accept-ranges: bytes
x-amz-cf-id: wjalmDw74cflsWjkCPmrFr-ZTNFhihnvXXyRciYlCYYECwDpHtwb6g==

POST
H2 200 send Show response
pageview-notify.rdstation.com.br/ 36 B
606 B 381ms
120ms XHR
text/html 104.198.189.172
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pageview-notify.rdstation.com.br/send

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.198.189.172 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

172.189.198.104.bc.googleusercontent.com

Software

nginx/1.15.8 /

Resource Hash

39596f5da20926370ba34d9e1d6e8f571ad4ca9860855cd55c6c5c036ebc0c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
Origin: https://blog.starti.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 17 Jun 2019 00:29:02 GMT
x-content-type-options: nosniff
server: nginx/1.15.8
status: 200
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: https://blog.starti.com.br
access-control-max-age: 1728000
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length: 36
x-xss-protection: 1; mode=block
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma

GET
H2 200 show.json Show response
pages.rdstation.com.br/popup/ 33 KB
33 KB 423ms
189ms XHR
application/json 54.221.201.226
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.rdstation.com.br/popup/show.json?account_id=3150&uniq=_fl0tamlq8
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.221.201.226 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-221-201-226.compute-1.amazonaws.com
Software: /
Resource Hash: 7adca3e9752473fe4f5f8f98e4570dfec94494ee9b5c998def053d39a40c3db1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
Origin: https://blog.starti.com.br

Response headers

status: 200
date: Mon, 17 Jun 2019 00:29:02 GMT
access-control-allow-origin: *
content-type: application/json

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:81a::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

ed9b3ccbf02d54159072216b94635a0e9b5f6ab9ac6998b0a861d0b2c49ddfc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 17 Jun 2019 00:29:02 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 17 Jun 2019 00:29:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 17 Jun 2019 00:29:02 GMT

GET
H2 200 cCUPVC6DW9E
www.youtube.com/embed/ Frame 8442 0
0 168ms
147ms Document
text/html 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/cCUPVC6DW9E?autoplay=1&rel=0

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/cCUPVC6DW9E?autoplay=1&rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/

Response headers

status: 200
expires: Tue, 27 Apr 1971 19:44:06 EST
content-encoding: br
x-content-type-options: nosniff
content-type: text/html; charset=utf-8
cache-control: no-cache
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date: Mon, 17 Jun 2019 00:29:03 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=WrJm8oy0mPU; path=/; domain=.youtube.com; expires=Sat, 14-Dec-2019 00:29:02 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Mon, 17-Jun-2019 00:59:02 GMT PREF=f1=50000000; path=/; domain=.youtube.com; expires=Sat, 15-Feb-2020 12:22:03 GMT VISITOR_INFO1_LIVE=WrJm8oy0mPU; path=/; domain=.youtube.com; expires=Sat, 14-Dec-2019 00:29:02 GMT; httponly YSC=bWNMpD_32WQ; path=/; domain=.youtube.com; httponly
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 $jj2ogsx9qsc
d335luupugsy2.cloudfront.net/cms/files/3150/1559568589/ 5 KB
6 KB 885ms
884ms Image
image/png 52.85.188.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d335luupugsy2.cloudfront.net/cms/files/3150/1559568589/$jj2ogsx9qsc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.188.50 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-188-50.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8392f980450a06680c8af263a5c2b226067c55b2f505dc44bab2b1fb5fb18570

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Jun 2019 22:10:32 GMT
via: 1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jun 2019 13:31:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA2
etag: "1d8ebdc9b24e3eb4b0b208a13de7d786"
x-cache: RefreshHit from cloudfront
x-amz-version-id: 9Wqf1PhBSoDOpiTXNeb5aqbftaaYkNQx
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 5380
x-amz-cf-id: oWqK19fgaW7pBQbDBBqZp-5DAXoN_KnWaSKIylidR5nQ3b0oR8bzAg==

GET
H2 200 $up5r07q3oj
d335luupugsy2.cloudfront.net/cms/files/3150/1559568589/ 53 KB
53 KB 855ms
854ms Image
image/png 52.85.188.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d335luupugsy2.cloudfront.net/cms/files/3150/1559568589/$up5r07q3oj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.188.50 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-188-50.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c8192820afa6acc4e5cc013db4f77f73e7775852a09dd7546752ccca95cb65f

Request headers

Referer: https://blog.starti.com.br/ransomware-o-que-e-e-como-proteger-se/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Jun 2019 22:10:32 GMT
via: 1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jun 2019 13:33:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2
etag: "88fbf8c351b1fd04d0664cb463ff9429"
x-cache: RefreshHit from cloudfront
x-amz-version-id: KE1UMD_3v6lHVyO63qeMFGgRgSPA_zNl
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 53770
x-amz-cf-id: HYqmb18etva00J6t3kdKX3cQww79-quUPfqjKKrUWlprI-8iiFLryQ==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81a::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Droid+Sans|Droid+Serif|Lato|Lobster|Open+Sans|Oswald|PT+Sans|Raleway|Source+Sans+Pro|Ubuntu|Roboto
Origin: https://blog.starti.com.br

Response headers

date: Sun, 02 Jun 2019 21:32:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:33 GMT
server: sffe
age: 1220189
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Mon, 01 Jun 2020 21:32:33 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.starti.com.br/	1970-01-19 10:17:47	Name: __cfduid Value: dc08e18e831b025dcaad0fdc9aea620dc1560731338

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	(Line 1) Message: The {{get}} helper is not available. The Public API flag must be enabled in labs if you wish to use the {{get}} helper. See https://help.ghost.org/hc/en-us/articles/115000301672-Public-API-Beta
console-api	log	URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/d6662d36-21ff-4e90-899e-14907830d2da-loader.js(Line 1) Message: TrafficSourceCookie
console-api	log	URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/d6662d36-21ff-4e90-899e-14907830d2da-loader.js(Line 1) Message: LeadTracking

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
blog.starti.com.br
cdn.pushcrew.com
code.jquery.com
connect.facebook.net
d335luupugsy2.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
lh6.googleusercontent.com
pages.rdstation.com.br
pageview-notify.rdstation.com.br
staticxx.facebook.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
104.198.189.172
205.185.208.52
2606:4700:10::6814:3777
2606:4700:30::6812:20d5
2606:4700::6813:c397
2a00:1450:4001:809::2001
2a00:1450:4001:81a::2003
2a00:1450:4001:81a::200a
2a00:1450:4001:81a::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:81c::200e
2a00:1450:4001:824::2001
2a00:1450:4001:825::2008
2a00:1450:400c:c0a::9c
2a03:2880:f02d:12:face:b00c:0:3
52.85.188.50
54.221.201.226
09cb7c36c13be7810320607e581c11cd14b5b53eefe52a528b944a43f5a91cda
0f7ecfb0fc24c9176b1151a9290cf7f8b6ed69915b227bac54104ee922c76750
115290b0011781c1eda351f803720cc4b336d1832d4216033bb8a85c6363a86c
16a4e5a07997a0c1decbafa49bbcffd1a33b1e58f6a6f59c0ec431f100dbfa5e
1a9092a83655bc61e112ee471bb63b6356027ae84adf89f69ef17bd0d44a4fad
1b560f221a3ee06277331e405b956b384d5ef7830a643b4e0c257189b7adf887
23c49eb1402fa6afe843b8dade085148af4d890f11d09d572ce970585e42f17c
2d38c0dad64080d5df729a86b458c3267ab00dbe9b961621104815d334bf92d6
39596f5da20926370ba34d9e1d6e8f571ad4ca9860855cd55c6c5c036ebc0c21
3c8192820afa6acc4e5cc013db4f77f73e7775852a09dd7546752ccca95cb65f
48daf27f2ce3de5a7c12dd2a0d14004ec9e2aafd738abbe556462dbaf4d551c3
57c89c5acd3e66c3c78aacf7d688e79cc82d38653c45abf7c14209fded652157
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
719e041a7309a18d7038a356664f0fe96054d879ad6009277fcdfd5489402768
7adca3e9752473fe4f5f8f98e4570dfec94494ee9b5c998def053d39a40c3db1
8392f980450a06680c8af263a5c2b226067c55b2f505dc44bab2b1fb5fb18570
84364cdfa1d80f90f201275f25f1f323880483fe797fe42f701662d9f3f61bc1
84adada4ae49510fd8d76aaaaaf12b2cdfc27c66ca7cac419e83b42b9e8e8c7d
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
873f097adcad48ffe7a3e7cdce97947ea525f987b10c00e743fd219f5153c09a
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
910e6d1ee43040c21092dd271297df680adc2959d703420d9eeb0da480e1869c
96e17b4cbcb9a15467547485a5c4b67d19b6cdca4df110bdf4e6fa3336d96363
adea81df2289d027c47d574df4e911e522db1b62f228b10daee57937ad6035c9
af463c819b9c71ff384e7bf19ed28ab9603b6438e6da798c75d31f4db4b71e71
cf34ea09037b9c51b75466ccb834ffba0dd96be94554ac57df874931a8ca1092
d584daa03cbd3ad7cf96a3a426822fd151aaf70a6f963bedc8222d5b1851717f
da00c24d4bc892da4e1160579cbdcb8a1b55c37b29abe666f428fa059c20aa8d
e9fa3f5e4adac72c0c7cf5839161b7178420e517903f9e62b50a9ddcada8e59c
ed9b3ccbf02d54159072216b94635a0e9b5f6ab9ac6998b0a861d0b2c49ddfc5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f716820b2132d68f91c7bb5ae70f92713c0ebb5135c78751217c5c84ac90b22d

blog.starti.com.br Open in urlscan Pro 2606:4700:30::6812:20d5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

78 %IPv6

17 Domains

19 Subdomains

16 IPs

4 Countries

2351 kBTransfer

2965 kBSize

1 Cookies

11 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

blog.starti.com.br Open in urlscan Pro
2606:4700:30::6812:20d5 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

78 %
IPv6

17
Domains

19
Subdomains

16
IPs

4
Countries

2351 kB
Transfer

2965 kB
Size

1
Cookies

37 HTTP transactions
0 data transactions