URL: https://www.trellix.com/blogs/research/akira-ransomware/
Submission: On January 14 via api from ID — Scanned from NL

Summary

This website contacted 24 IPs in 4 countries across 16 domains to perform 137 HTTP transactions. The main IP is 2a02:26f0:ab00::214:8e59, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1 Akamai International B.V., NL. The main domain is www.trellix.com. The Cisco Umbrella rank of the primary domain is 288833.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on October 22nd 2024. Valid for: a year.
This is the only time www.trellix.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
97 2a02:26f0:ab0... 20940 (AKAMAI-AS...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:350... 20940 (AKAMAI-AS...)
3 104.17.24.14 13335 (CLOUDFLAR...)
1 3.160.150.115 16509 (AMAZON-02)
1 2a04:4e42::485 54113 (FASTLY)
4 104.16.92.80 13335 (CLOUDFLAR...)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 142.250.185.132 15169 (GOOGLE)
1 2a02:26f0:170... 20940 (AKAMAI-AS...)
1 2600:9000:206... 16509 (AMAZON-02)
1 3.70.145.125 16509 (AMAZON-02)
1 2a02:26f0:710... 20940 (AKAMAI-AS...)
2 2001:4860:480... 15169 (GOOGLE)
3 52.212.192.25 16509 (AMAZON-02)
1 52.45.10.76 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.195.214.91 16509 (AMAZON-02)
2 63.140.62.27 16509 (AMAZON-02)
1 1 54.75.135.140 16509 (AMAZON-02)
3 23.96.124.68 8075 (MICROSOFT...)
1 66.235.152.221 16509 (AMAZON-02)
1 143.204.98.30 16509 (AMAZON-02)
1 104.16.93.80 13335 (CLOUDFLAR...)
137 24
Apex Domain
Subdomains
Transfer
99 trellix.com
www.trellix.com — Cisco Umbrella Rank: 288833
smetrics.trellix.com — Cisco Umbrella Rank: 761409
3 MB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
s.clarity.ms — Cisco Umbrella Rank: 7882
30 KB
5 mktoweb.com
627-oog-590.mktoweb.com
77 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 262
musarubra.demdex.net
3 KB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 458
134 KB
3 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5010
buttons-config.sharethis.com — Cisco Umbrella Rank: 5845
l.sharethis.com — Cisco Umbrella Rank: 5470
48 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
44 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
293 KB
2 d41.co
api2932.d41.co
cdn-0.d41.co — Cisco Umbrella Rank: 27568
26 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1652
c.go-mpulse.net — Cisco Umbrella Rank: 782
50 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
1019 B
1 omtrdc.net
trellix.tt.omtrdc.net
842 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1608
490 B
1 gstatic.com
www.gstatic.com
217 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
65 KB
137 16
Domain Requested by
97 www.trellix.com www.trellix.com
5 627-oog-590.mktoweb.com www.trellix.com
627-oog-590.mktoweb.com
4 assets.adobedtm.com www.trellix.com
assets.adobedtm.com
3 s.clarity.ms www.trellix.com
3 cdnjs.cloudflare.com www.trellix.com
3 www.googletagmanager.com www.trellix.com
www.googletagmanager.com
2 smetrics.trellix.com assets.adobedtm.com
2 musarubra.demdex.net assets.adobedtm.com
www.trellix.com
2 dpm.demdex.net assets.adobedtm.com
www.trellix.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.google.com www.trellix.com
2 www.clarity.ms www.trellix.com
www.clarity.ms
1 cdn-0.d41.co assets.adobedtm.com
1 trellix.tt.omtrdc.net www.trellix.com
1 cm.everesttech.net 1 redirects
1 www.gstatic.com www.google.com
1 api2932.d41.co assets.adobedtm.com
1 c.go-mpulse.net s.go-mpulse.net
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 s.go-mpulse.net www.trellix.com
1 cdn.jsdelivr.net www.trellix.com
1 platform-api.sharethis.com www.trellix.com
137 23
Subject Issuer Validity Valid
www.trellix.com
Sectigo RSA Organization Validation Secure Server CA
2024-10-22 -
2025-10-22
a year crt.sh
*.google-analytics.com
WR2
2024-12-09 -
2025-03-03
3 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-09 -
2025-08-09
a year crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh
sharethis.com
Amazon RSA 2048 M03
2024-04-19 -
2025-05-17
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
627-oog-590.mktoweb.com
WE1
2024-11-17 -
2025-02-15
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
*.google.com
WR2
2024-12-09 -
2025-03-03
3 months crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1
2024-07-31 -
2025-07-31
a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-25 -
2025-10-26
a year crt.sh
*.d41.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-01-15 -
2025-02-14
a year crt.sh
*.gstatic.com
WR2
2024-12-09 -
2025-03-03
3 months crt.sh
smetrics.trellix.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-12-07 -
2026-01-07
a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2024-02-26 -
2025-03-28
a year crt.sh

This page contains 4 frames:

Primary Page: https://www.trellix.com/blogs/research/akira-ransomware/
Frame ID: 6D1B5C905CE507D95B1AC8F7E5A5C4CB
Requests: 136 HTTP requests in this frame

Frame: https://musarubra.demdex.net/dest5.html?d_nsid=0
Frame ID: E0702A3933BA1EB48C3CE895DAC0A0CC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfqXqAlAAAAAOcuwHMDX6Uo3mWxPTJUxjh8kcZu&co=aHR0cHM6Ly93d3cudHJlbGxpeC5jb206NDQz&hl=nl&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=6mslcfeojgd2
Frame ID: FE53A8B7F346888D7289D28F6C1AE40F
Requests: 1 HTTP requests in this frame

Frame: https://627-oog-590.mktoweb.com/index.php/form/XDFrame
Frame ID: D3E4B0D767826E7BA8A25DD519F2FC6F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Akira Ransomware

Page URL History Show full URLs

  1. https://www.trellix.com/blogs/research/akira-ransomware/ Page URL
  2. https://www.trellix.com/blogs/research/akira-ransomware/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/

Overall confidence: 75%
Detected patterns
  • /Chart(?:\.bundle)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

137
Requests

99 %
HTTPS

42 %
IPv6

16
Domains

23
Subdomains

24
IPs

4
Countries

3658 kB
Transfer

8047 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.trellix.com/blogs/research/akira-ransomware/ Page URL
  2. https://www.trellix.com/blogs/research/akira-ransomware/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 118
  • https://cm.everesttech.net/cm/dd?d_uuid=30494725529187962874001649371520922787 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z4XMSQAAAEmnqQNn

137 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.trellix.com/blogs/research/akira-ransomware/
2 KB
2 KB
Document
General
Full URL
https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e755a4e9e6b108dc4223f18ac8739922393d1336b1de9041423af702b2ea4565
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1223
content-type
text/html
date
Tue, 14 Jan 2025 02:30:31 GMT
expires
0
mime-version
1.0
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1736821831699_34901589_61471774_17_10265_20_0_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
verify
www.trellix.com/_sec/
16 B
757 B
XHR
General
Full URL
https://www.trellix.com/_sec/verify?provider=interstitial
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

mime-version
1.0
expires
Tue, 14 Jan 2025 02:30:31 GMT
strict-transport-security
max-age=15768000
server-timing
cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="1736821831748_34901589_61471802_456_4996_20_0_255";dur=1
content-length
16
date
Tue, 14 Jan 2025 02:30:31 GMT
content-type
application/json
Primary Request /
www.trellix.com/blogs/research/akira-ransomware/
186 KB
49 KB
Document
General
Full URL
https://www.trellix.com/blogs/research/akira-ransomware/
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
6de791ec9a12ff82ca115b101e2cfb7afed3b8ab1e35d1a34924df447bf77fc9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.trellix.com/blogs/research/akira-ransomware/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=14400, s-maxage=14400
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Tue, 14 Jan 2025 02:30:33 GMT
etag
W/"2d56f-62ba15862fc99-gzip"
expires
Thu, 01 Jan 1970 00:00:00 GMT
last-modified
Tue, 14 Jan 2025 02:30:32 GMT
referrer-policy
no-referrer-when-downgrade
server-timing
cdn-cache; desc=REVALIDATE edge; dur=129 origin; dur=1078 ak_p; desc="1736821831786_34901589_61471817_120779_12164_20_0_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mTOE,3mRUM,1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
Montserrat-VF.woff2
www.trellix.com/www/css/fonts/
120 KB
120 KB
Font
General
Full URL
https://www.trellix.com/www/css/fonts/Montserrat-VF.woff2?v=1.0
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
30340b72c6991d891792731fb1dd492ff6a2c530adee3b22d13c5fbc522601e8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.trellix.com
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"1dfc4-604b4f3ca26c0"
x-content-type-options
nosniff
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833129_34901589_61472378_57_10091_25_0_219";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 06 Sep 2023 18:31:31 GMT
vary
Accept-Encoding
content-type
application/octet-stream
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
122871
x-xss-protection
1; mode=block
bootstrap-icons.woff2
www.trellix.com/www/css/fonts/
128 KB
128 KB
Font
General
Full URL
https://www.trellix.com/www/css/fonts/bootstrap-icons.woff2?v=1.0
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
d029b51d694d1b0b226cacde588b0dd3c0cd0be4b9ead38b4e6e728442b2b8d9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.trellix.com
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=80, origin; dur=0, ak_p; desc="1736821833130_34901589_61472379_8027_9820_20_0_219";dur=1
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
content-type
application/octet-stream
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
utm-cookie-setter.min.js
www.trellix.com/www/js/
4 KB
2 KB
Script
General
Full URL
https://www.trellix.com/www/js/utm-cookie-setter.min.js?v=1.0
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
f5220de08601a1ac90a232b88b0d39488905190d45535bcc5fefbe9b100eba32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833316_34901589_61472475_174_12707_23_0_146";dur=1
content-length
1334
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
content-type
application/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/
330 KB
110 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P2K9CJ3DRL
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
90633ab8d8a85fb737ed77153f292914990cc61b89f8e69153e555c9b301e1ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 14 Jan 2025 02:30:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 14 Jan 2025 02:30:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
112293
x-xss-protection
0
server
Google Tag Manager
common.min.css
www.trellix.com/www/css/
965 KB
107 KB
Stylesheet
General
Full URL
https://www.trellix.com/www/css/common.min.css?v=5.0
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8e2714ed8933c81229e93a438311088923e5f70fdbc6408db766efdfd6dec2d7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833129_34901589_61472377_55_10096_25_0_255";dur=1
content-length
109291
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
content-type
text/css
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
newco.min.js
www.trellix.com/www/js/
93 KB
26 KB
Script
General
Full URL
https://www.trellix.com/www/js/newco.min.js?v=1.0
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
c9e2b515dbd3297d3582f93d2379df40fb1f622cedd8a0bfd68d5ba3a4887eac
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833330_34901589_61472476_1537_12082_22_0_146";dur=1
content-length
26240
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
content-type
application/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
launch-675ffef2af24.min.js
assets.adobedtm.com/f0febc6281f5/daaefd9d8423/
358 KB
111 KB
Script
General
Full URL
https://assets.adobedtm.com/f0febc6281f5/daaefd9d8423/launch-675ffef2af24.min.js
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
41ff9779305bdc6ddb5a5e7eeff448010e4dc8372402114b4ce4b312b26f869d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"745d08af8ad0be9130feb1d366752080:1727385979.627149"
x-content-type-options
nosniff
expires
Tue, 14 Jan 2025 03:30:33 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.trellix.com
content-length
113003
date
Tue, 14 Jan 2025 02:30:33 GMT
content-type
application/x-javascript
last-modified
Thu, 26 Sep 2024 21:26:19 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.5/
71 KB
26 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.5/gsap.min.js
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28033e449a31ebcc396e5be8b13b63152bf03094288fb5867034321927bce087
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65a9b559-63ab"
age
1730448
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UFdt5q2pxTB7LDUZU1qmt2EN%2Fr5MDv6%2FrnxujNQNacUWFLfgtIhsxGROAPMzL4ot59IWQPy6oDcu7FBdk7VgD%2B1nq5%2FhHhx3RPH6CGf0LgQxAgv%2Be6SmKrOIbgIn6nATrHEqBcNK"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 04 Jan 2026 02:30:33 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 14 Jan 2025 02:30:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 18 Jan 2024 23:33:45 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
901a346a4f2b9fcc-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
25515
server
cloudflare
ScrollTrigger.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.5/
42 KB
16 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.5/ScrollTrigger.min.js
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad33c2df9ada8a663c2147357828f980d0b7ca731ef33eb3c6e4f327c3b2cda5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65a9b559-3e20"
age
1726699
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6zZhCjwlI6HGUb8RKiC07YAsAQXP1TS0nwyyFv02S8J5u1kE7BbKhaF0kcnvVQ%2FjXsdaIts%2BOq%2B9EyqaeAEpbGDbpi2CUfuP44vK7w0bf7JQdgtgctZ6AyjjxCGJXWFcMTyEX5UI"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 04 Jan 2026 02:30:33 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 14 Jan 2025 02:30:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 18 Jan 2024 23:33:45 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
901a346a4f2c9fcc-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
15904
server
cloudflare
ScrollToPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.5/
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.5/ScrollToPlugin.min.js
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e82f1a686ce2f7a62a7078bf101a386c58bd4e3b0b2e99f5774b7c1e54f8440f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65a9b559-6bc"
age
2198
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7QaqFv62WlE9bpn5dfdZ%2FrpT00e2mWha46dtBn3lE6jzC6dY1Ode1QTlx2R0zu%2BJ9vzjbtrjgGpxRiqo00x2FbGSgTyoaejpYaTEjNMsV0FDzoyqJsv5bGBWGtV8Obj4%2BWBzB240"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 04 Jan 2026 02:30:33 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 14 Jan 2025 02:30:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 18 Jan 2024 23:33:45 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
901a346a4f2d9fcc-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
1724
server
cloudflare
popper-v2.11.5.js
www.trellix.com/www/js/
19 KB
7 KB
Script
General
Full URL
https://www.trellix.com/www/js/popper-v2.11.5.js
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
7ab491a2f3105aa299a74df2993d21b1d90113e151ab397da33f3b6aa22ca7e4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"4d0f-5e44138d45540-gzip"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833316_34901589_61472477_182_12617_23_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 20 Jul 2022 19:01:01 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
7189
x-xss-protection
1; mode=block
sharethis.js
platform-api.sharethis.com/js/
206 KB
46 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-115.fra60.r.cloudfront.net
Software
/
Resource Hash
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=600, public
content-encoding
gzip
etag
W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
age
571
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
3wxBh0gS1EExIr0OI7yF936rimeY70ZO-nhH5u14bpqdYdOJ8-COaw==
edge-control
cache-maxage=60m,downstream-ttl=60m
date
Tue, 14 Jan 2025 02:21:02 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P7
x-frame-options
SAMEORIGIN
chart.js
cdn.jsdelivr.net/npm/
201 KB
65 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/chart.js
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
206b6e8bb00fc7bba2c7ee80ca41db3e9e05ba7be0aa35abeba9cfd5357f5d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"32441-uTOisoVBnJE0Fs8r7OHSgA4blcY"
age
38098
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 14 Jan 2025 02:30:33 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230122-FRA, cache-ams2100126-AMS
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
66011
x-jsd-version
4.4.7
button-control.min.js
www.trellix.com/www/js/
43 KB
8 KB
Script
General
Full URL
https://www.trellix.com/www/js/button-control.min.js?v=1.2
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
35d5c7cdbecbf3a7affa221bf7ff7e61a61d57b0187693a2bf9ea65835878812
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.trellix.com
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833129_34901589_61472380_63_10235_25_0_219";dur=1
content-length
8025
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
content-type
application/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
header-footer-control.min.js
www.trellix.com/www/js/
4 KB
2 KB
Script
General
Full URL
https://www.trellix.com/www/js/header-footer-control.min.js?v=1.0
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
d899dcbc7eaea8bddf03382c290f577abc55f04dbaf498f1f33c32fd1a69269a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833316_34901589_61472478_174_12697_23_0_146";dur=1
content-length
1616
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
content-type
application/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
form-control.min.js
www.trellix.com/www/js/
64 KB
19 KB
Script
General
Full URL
https://www.trellix.com/www/js/form-control.min.js?v=1.0
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
419e8d55d3c9dc42570b5aef98d606fab8aeb82b1620f02c98b882ccf46b017e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833316_34901589_61472479_185_12583_23_0_146";dur=1
content-length
19290
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
content-type
application/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
fancyapps-control-v5.min.js
www.trellix.com/www/js/
2 KB
1 KB
Script
General
Full URL
https://www.trellix.com/www/js/fancyapps-control-v5.min.js?v=1.0
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
2be3c9e333c016d1449decbf1abf10d4d4aef32099dcf5cb61bb23ee7e6aec64
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.trellix.com
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833129_34901589_61472381_59_10003_25_0_219";dur=1
content-length
681
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
content-type
application/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
jquery.rollNumber.js
www.trellix.com/www/js/
4 KB
2 KB
Script
General
Full URL
https://www.trellix.com/www/js/jquery.rollNumber.js
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
c82b40567e9093a0ef5749ac800d9014cbcaf35820d1dd464cd16bdc4636d965
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"115d-600f03edbb0c0-gzip"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833354_34901589_61472496_569_12489_20_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 20 Jul 2023 19:35:07 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
1515
x-xss-protection
1; mode=block
charts-control.min.js
www.trellix.com/www/js/
1 KB
963 B
Script
General
Full URL
https://www.trellix.com/www/js/charts-control.min.js
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
f6f99807d1cf7f4261135efad153abb36f5d778ff4b381c05f953d9d93160d28
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"46f-626fbd146f880-gzip"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833354_34901589_61472497_550_12446_20_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Fri, 15 Nov 2024 23:20:50 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
527
x-xss-protection
1; mode=block
toc-control.min.js
www.trellix.com/www/js/
864 B
903 B
Script
General
Full URL
https://www.trellix.com/www/js/toc-control.min.js
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8c3a1927bf00edb2ad50aec1d493925daa858bf15b22dcb6f69dd7e902978446
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"360-605f61de67480-gzip"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833354_34901589_61472498_551_12418_20_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Fri, 22 Sep 2023 17:41:22 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
467
x-xss-protection
1; mode=block
gsap-control.js
www.trellix.com/www/js/
10 KB
3 KB
Script
General
Full URL
https://www.trellix.com/www/js/gsap-control.js
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
f096c83e22eeb23c8ad000001e071c55ece03f074cd1fe5d8c66b22f32f902f7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"286d-62b5db19be200-gzip"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833354_34901589_61472499_548_12463_20_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Fri, 10 Jan 2025 17:47:52 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
2610
x-xss-protection
1; mode=block
4d9391c9
www.trellix.com/akam/13/
26 KB
10 KB
Script
General
Full URL
https://www.trellix.com/akam/13/4d9391c9
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
fec6a89222e93e0aa76ac73b02507aaf21b174a99a0894f72b36c6d53bb6346b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=21600
content-encoding
gzip
etag
"0543185c2f54e9226e3d26954755efdcb509a46055eaa5797fa4a3b30b414df3"
server-timing
cdn-cache; desc=HIT, edge; dur=502, origin; dur=0, ak_p; desc="1736821833354_34901589_61472500_50706_6563_20_0_146";dur=1
content-length
8799
date
Tue, 14 Jan 2025 02:30:33 GMT
stored-attribute-sha-checksum
fec6a89222e93e0aa76ac73b02507aaf21b174a99a0894f72b36c6d53bb6346b
last-modified
Thu, 22 Feb 2024 19:52:15 GMT
content-type
application/javascript
vary
Accept-Encoding
Trellix-Logo-Black.svg
www.trellix.com/en-us/assets/logos/
2 KB
1 KB
Image
General
Full URL
https://www.trellix.com/en-us/assets/logos/Trellix-Logo-Black.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
f1db9226a29ed07a02ee3a1743c325277f2248cfdb8315ba8602418c5c1610db
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"865-6214de23b4f00"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833129_34901589_61472382_69_10125_25_0_182";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 04 Sep 2024 16:44:12 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
1067
x-xss-protection
1; mode=block
T0307-grad.svg
www.trellix.com/en-us/img/icons/gradient/
2 KB
1 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/icons/gradient/T0307-grad.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
b5d92d039d7e5b586da380cd3972abbfb70da8f47d460fc8bad00b7ef8ee590b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"86f-5e689808a2b40"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833130_34901589_61472383_66_10279_25_0_182";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 18 Aug 2022 20:05:25 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
953
x-xss-protection
1; mode=block
T0266-grad.svg
www.trellix.com/en-us/img/icons/gradient/
2 KB
1 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/icons/gradient/T0266-grad.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
9febcf4a23351d2662253aa22007bb307431d2ba5bd4925adb7161dd4aed2965
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"6b6-5e6897e4655c0"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833263_34901589_61472443_48_12562_21_0_182";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 18 Aug 2022 20:04:47 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
814
x-xss-protection
1; mode=block
T0022-grad.svg
www.trellix.com/en-us/img/icons/gradient/
1 KB
1 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/icons/gradient/T0022-grad.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e52fe8dc347f5b0cb9583c614bf3888a85701b27aafb61b6530d2f451df5f15f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"5cf-5e689734eb7c0"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833279_34901589_61472449_158_12026_21_0_182";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 18 Aug 2022 20:01:43 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
679
x-xss-protection
1; mode=block
T0001-grad.svg
www.trellix.com/en-us/img/icons/gradient/
2 KB
1 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/icons/gradient/T0001-grad.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
516580cb2ff8b38b4319ed3840509e5ecae6c7bea3157f5e50cb21c4b96895e4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"7a9-5e68972791840"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833301_34901589_61472460_43_12175_23_0_182";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 18 Aug 2022 20:01:29 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
851
x-xss-protection
1; mode=block
au.svg
www.trellix.com/en-us/img/state-flags/circle-flags/
866 B
839 B
Image
General
Full URL
https://www.trellix.com/en-us/img/state-flags/circle-flags/au.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
2dca728e7e70fffba5efeb1d7f5230f9fad0a4851c5b4daeb187f84f775e845d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"362-5f9b539857e40"
x-content-type-options
nosniff
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833354_34901589_61472501_558_12353_20_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 19 Apr 2023 19:13:53 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
437
x-xss-protection
1; mode=block
br.svg
www.trellix.com/en-us/img/state-flags/circle-flags/
686 B
815 B
Image
General
Full URL
https://www.trellix.com/en-us/img/state-flags/circle-flags/br.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
2333b293cbc44e8b736565ac84d4bd03cb136f017e5194d321dcc8ca46aa0464
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"2ae-5f9b539f04e00"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833354_34901589_61472502_557_12356_20_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 19 Apr 2023 19:14:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
388
x-xss-protection
1; mode=block
ca.svg
www.trellix.com/en-us/img/state-flags/circle-flags/
438 B
718 B
Image
General
Full URL
https://www.trellix.com/en-us/img/state-flags/circle-flags/ca.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
be435f09cf3e411f2436202801a90d127800cc5f7b970fdd95aa4f177f8075a9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"1b6-5f9b53a0ed280"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833354_34901589_61472503_560_12340_20_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 19 Apr 2023 19:14:02 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
292
x-xss-protection
1; mode=block
de.svg
www.trellix.com/en-us/img/state-flags/circle-flags/
334 B
664 B
Image
General
Full URL
https://www.trellix.com/en-us/img/state-flags/circle-flags/de.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
3f6dc3fa445f3225e6ed2a1b4bcdb6b74684b5804e6bb2cb6b50aa0325b8d81a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"14e-5f9b53a6a6000"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833361_34901589_61472508_1188_15120_20_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 19 Apr 2023 19:14:08 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
236
x-xss-protection
1; mode=block
es.svg
www.trellix.com/en-us/img/state-flags/circle-flags/
2 KB
1 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/state-flags/circle-flags/es.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
3a001c14356b470b8c7ef544144aed6db1298b95cf33303d0471afeae26f197e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"99d-5f9b53af3b440"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833361_34901589_61472509_1174_15135_20_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 19 Apr 2023 19:14:17 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
880
x-xss-protection
1; mode=block
fr.svg
www.trellix.com/en-us/img/state-flags/circle-flags/
340 B
669 B
Image
General
Full URL
https://www.trellix.com/en-us/img/state-flags/circle-flags/fr.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
1d0c12a2157fc4a25fb7eb4e989b7555289c118fcb20c5eacebbfe0dafcbe30c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"154-5f9b53b30bd40"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833361_34901589_61472510_1181_15058_20_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 19 Apr 2023 19:14:21 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
242
x-xss-protection
1; mode=block
hk.svg
www.trellix.com/en-us/img/state-flags/circle-flags/
704 B
855 B
Image
General
Full URL
https://www.trellix.com/en-us/img/state-flags/circle-flags/hk.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
050572c4702c51dd080efe7c0d3860163d6784e16216cb4df9cfb9b1d212d87d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"2c0-5f9b53bba1180"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833361_34901589_61472511_1177_16675_20_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 19 Apr 2023 19:14:30 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
427
x-xss-protection
1; mode=block
in.svg
www.trellix.com/en-us/img/state-flags/circle-flags/
475 B
687 B
Image
General
Full URL
https://www.trellix.com/en-us/img/state-flags/circle-flags/in.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
2ca4c5390345dec3c0c86d73c1f40e798027600ffbb5a96653f7799a7f71896c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"1db-5f9b53c159f00"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833361_34901589_61472512_1211_14989_20_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 19 Apr 2023 19:14:36 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
259
x-xss-protection
1; mode=block
it.svg
www.trellix.com/en-us/img/state-flags/circle-flags/
340 B
669 B
Image
General
Full URL
https://www.trellix.com/en-us/img/state-flags/circle-flags/it.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8f3ce99568a7c2e2560aa69cb825ac34a68dd483ffcb5c71a1204d52f882f45e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"154-5f9b53c342380"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833361_34901589_61472513_1220_14658_20_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 19 Apr 2023 19:14:38 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
242
x-xss-protection
1; mode=block
jp.svg
www.trellix.com/en-us/img/state-flags/circle-flags/
273 B
626 B
Image
General
Full URL
https://www.trellix.com/en-us/img/state-flags/circle-flags/jp.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
17cea0bab5029d578ee10727a9d9b93ab89720e394241ff6d59b5744d44f3d9c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"111-5f9b53c4365c0"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833361_34901589_61472514_1196_14888_20_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 19 Apr 2023 19:14:39 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
198
x-xss-protection
1; mode=block
kr.svg
www.trellix.com/en-us/img/state-flags/circle-flags/
933 B
857 B
Image
General
Full URL
https://www.trellix.com/en-us/img/state-flags/circle-flags/kr.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
a0176d1f7b6aefb13f9233976b017ba8a8da82634b03e8150ccf5f78f4db9494
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"3a5-5f9b53c712c80"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833361_34901589_61472515_1191_15077_20_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 19 Apr 2023 19:14:42 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
429
x-xss-protection
1; mode=block
mx.svg
www.trellix.com/en-us/img/state-flags/circle-flags/
2 KB
1 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/state-flags/circle-flags/mx.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
2348643e40a35e21443e9913eec800683a12acdad9aa96ba07d786fe1747e192
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"638-5f9b53d190540"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833368_34901589_61472516_1970_14516_22_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 19 Apr 2023 19:14:53 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
722
x-xss-protection
1; mode=block
sg.svg
www.trellix.com/en-us/img/state-flags/circle-flags/
829 B
815 B
Image
General
Full URL
https://www.trellix.com/en-us/img/state-flags/circle-flags/sg.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
9885d0fa075819d785e2bffb9d001b53b6730c4812e259b1c93b9cd1e5f05a02
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"33d-5f9b53ef20b00"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833368_34901589_61472517_1896_14420_22_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 19 Apr 2023 19:15:24 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
387
x-xss-protection
1; mode=block
gb.svg
www.trellix.com/en-us/img/state-flags/circle-flags/
817 B
879 B
Image
General
Full URL
https://www.trellix.com/en-us/img/state-flags/circle-flags/gb.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
88169c656c516ac6374fe2a7988e103f6eb99db165ce6478aa68ce1b74e67ba9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"331-5f9b53b4f41c0"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833368_34901589_61472518_1891_14492_22_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 19 Apr 2023 19:14:23 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
451
x-xss-protection
1; mode=block
us.svg
www.trellix.com/en-us/img/state-flags/circle-flags/
723 B
754 B
Image
General
Full URL
https://www.trellix.com/en-us/img/state-flags/circle-flags/us.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
7f3012f520e4aefcff6acbb8cc7198fee604f3f806fd228f59c94077437bda82
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"2d3-5f9b541175c00"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=17, ak_p; desc="1736821833368_34901589_61472519_3557_14552_22_0_219";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 19 Apr 2023 19:16:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
326
x-xss-protection
1; mode=block
nav-no-alert-left-behind-card.jpg
www.trellix.com/en-us/img/cards/
38 KB
39 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/cards/nav-no-alert-left-behind-card.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
6802b345a7a0a8598d73665be12bd678f2ebcee723b9082e93409f8a4d2fdbaf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"99f0-6252e003d3ac0"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=17, ak_p; desc="1736821833361_34901589_61472520_2882_14317_22_0_146";dur=1
content-length
39408
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 24 Oct 2024 00:22:43 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
nav-trellix-thrive-card.jpg
www.trellix.com/en-us/img/cards/
33 KB
33 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/cards/nav-trellix-thrive-card.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
78ac4d2a654f89abd04afbc49a220020660b70464e4826e39673de4e37cc95bb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"830d-624c757c6c480"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833368_34901589_61472521_1898_14371_22_0_146";dur=1
content-length
33549
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Fri, 18 Oct 2024 21:54:10 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
nav-weekly-tech-talk-card.jpg
www.trellix.com/en-us/img/cards/
22 KB
22 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/cards/nav-weekly-tech-talk-card.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8fb4d49c66b26a87070b52ff59ad02931f9d3dbc3029c0a378a108dd9689166d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"56a6-624c79da21180"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833368_34901589_61472522_1897_14372_22_0_146";dur=1
content-length
22182
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Fri, 18 Oct 2024 22:13:42 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
nav-control.min.js
www.trellix.com/www/js/
2 KB
1 KB
Script
General
Full URL
https://www.trellix.com/www/js/nav-control.min.js
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
30545707854a2822b07daed1aae8e94b571f673adac8e661762b125ae1350de5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"7cd-5ff34d71df400-gzip"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833316_34901589_61472465_154_12966_23_0_219";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Wed, 28 Jun 2023 18:34:56 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
656
x-xss-protection
1; mode=block
forms2.min.js
627-oog-590.mktoweb.com/js/forms2/js/
199 KB
67 KB
Script
General
Full URL
https://627-oog-590.mktoweb.com/js/forms2/js/forms2.min.js
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.92.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e1bfe53260b5fa35318df2850a20f74c97d41af88b7d233d331811d842f26d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
EXPIRED
etag
"14e0e7f-31b73-6265eec8b4c73"
x-content-type-options
nosniff
cf-ray
901a346acf8b7742-AMS
expires
Tue, 14 Jan 2025 06:30:33 GMT
date
Tue, 14 Jan 2025 02:30:33 GMT
content-type
application/x-javascript; charset=utf-8
last-modified
Fri, 08 Nov 2024 04:09:57 GMT
vary
Accept-Encoding
server
cloudflare
clientlib-jquery.min.js
www.trellix.com/etc.clientlibs/corpcom/clientlibs/
333 KB
95 KB
Script
General
Full URL
https://www.trellix.com/etc.clientlibs/corpcom/clientlibs/clientlib-jquery.min.js
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
f3d349153ec64a6071289c225bddc3bb6266ac51382757005adb80972ba57bca
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"53205-62751c7221dc0-gzip"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833316_34901589_61472466_160_12895_23_0_182";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
last-modified
Wed, 20 Nov 2024 05:54:07 GMT
content-disposition
inline
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
96670
x-xss-protection
1; mode=block
clientlibs.min.js
www.trellix.com/etc.clientlibs/corpcom/components/content/marketoForm/
37 KB
9 KB
Script
General
Full URL
https://www.trellix.com/etc.clientlibs/corpcom/components/content/marketoForm/clientlibs.min.js
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
145695f6c0f7dc538cda53af1d9da845855a2e73eac69bbd20824f62516ea9db
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"946c-62abf5c10f800-gzip"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1736821833316_34901589_61472467_193_12558_23_0_182";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
last-modified
Thu, 02 Jan 2025 20:53:52 GMT
content-disposition
inline
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
8756
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/
203 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K45F7Q73
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6385d9ee776cd40990a43d3624b096bbb0d11171488b61a35d2e055af871fabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 14 Jan 2025 02:30:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 14 Jan 2025 02:30:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 14 Jan 2025 01:20:32 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
74060
x-xss-protection
0
server
Google Tag Manager
hkgsujld4i
www.clarity.ms/tag/
571 B
826 B
Script
General
Full URL
https://www.clarity.ms/tag/hkgsujld4i
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e63fe9034089674e00d018b935ae681a53f386ffa701cef131519b7c2e142f8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
571
date
Tue, 14 Jan 2025 02:30:33 GMT
content-type
application/x-javascript
x-azure-ref
20250114T023033Z-179f9cc895cx976chC1DUSu42n0000000bv000000000k1qh
ajax-loading.gif
www.trellix.com/admin/images/
2 KB
3 KB
Image
General
Full URL
https://www.trellix.com/admin/images/ajax-loading.gif
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
11f59915c5e02c29fb22980a76c5994bafa5379b73483442ec25b5edf1d7d076
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
etag
"903-5d4566a678b40"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=17, ak_p; desc="1736821833368_34901589_61472523_3568_14379_22_0_146";dur=1
content-length
2307
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
attachment
last-modified
Thu, 30 Dec 2021 05:35:01 GMT
content-type
image/gif
x-frame-options
SAMEORIGIN
api.js
www.google.com/recaptcha/
2 KB
1019 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LfqXqAlAAAAAOcuwHMDX6Uo3mWxPTJUxjh8kcZu&onload=grecaptchaListeners_ready
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
ESF /
Resource Hash
dfdea86e2cfd0077db13c4c0082bad5ddf4e57fdfdcb09851ddd6b586c44cc99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Tue, 14 Jan 2025 02:30:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Tue, 14 Jan 2025 02:30:33 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
trellix-xpand-live-2022-horz-wht.svg
www.trellix.com/en-us/img/events/xpand-live/
5 KB
3 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/events/xpand-live/trellix-xpand-live-2022-horz-wht.svg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
791b87e15baa22bedacfcdc48292787390d530e8462366dc6351caff2069188a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

content-encoding
gzip
etag
"1349-5e64ce47f3c40"
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=271, origin; dur=0, ak_p; desc="1736821833377_34901589_61472524_29838_14802_26_0_146";dur=1
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Mon, 15 Aug 2022 19:46:49 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
2291
x-xss-protection
1; mode=block
akira-ransomware-1.jpg
www.trellix.com/en-us/img/newsroom/stories/
131 KB
131 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/newsroom/stories/akira-ransomware-1.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
a23965caec08b1d7f4d0001fef4f9c7520d5ab4a8055344249cd55c181a21d05
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"20b2c-60ad43bb005c0"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=480, origin; dur=0, ak_p; desc="1736821833377_34901589_61472525_50738_14425_20_0_146";dur=1
content-length
133932
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 23 Nov 2023 16:21:51 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
akira-ransomware-2.jpg
www.trellix.com/en-us/img/newsroom/stories/
34 KB
35 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/newsroom/stories/akira-ransomware-2.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
40b5bb6e8d9a4896efd16d5737b93110f8d1b88faa197ecfe923a09c8776f812
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"89bf-60ad43bce8a40"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=345, origin; dur=0, ak_p; desc="1736821833377_34901589_61472526_37290_13866_21_0_146";dur=1
content-length
35263
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 23 Nov 2023 16:21:53 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
akira-ransomware-3.jpg
www.trellix.com/en-us/img/newsroom/stories/
24 KB
25 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/newsroom/stories/akira-ransomware-3.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8c57dd0d86b9df6c7756a55abd97ad37203bf19d0f60377dfc09a0ebe7c9c7ae
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"60db-60ad43bed0ec0"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=354, origin; dur=0, ak_p; desc="1736821833378_34901589_61472527_38311_12927_21_0_146";dur=1
content-length
24795
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 23 Nov 2023 16:21:55 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
akira-ransomware-4.jpg
www.trellix.com/en-us/img/newsroom/stories/
18 KB
19 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/newsroom/stories/akira-ransomware-4.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
f3b022caffafd19451cb1bd45de011a2218fcc20e8620b151bfcfabff7da7b9e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"48aa-60ad43c0b9340"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=331, origin; dur=0, ak_p; desc="1736821833378_34901589_61472528_35859_13677_21_0_146";dur=1
content-length
18602
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 23 Nov 2023 16:21:57 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
akira-ransomware-5.jpg
www.trellix.com/en-us/img/newsroom/stories/
34 KB
34 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/newsroom/stories/akira-ransomware-5.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
ba25dfd7c06a4ba1a8e9ae51d9b12f8362ec458532861bcb1b2e45bf8db45f78
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"8802-60ad43c1ad580"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=360, origin; dur=0, ak_p; desc="1736821833378_34901589_61472529_38796_13647_21_0_146";dur=1
content-length
34818
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 23 Nov 2023 16:21:58 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
akira-ransomware-6.jpg
www.trellix.com/en-us/img/newsroom/stories/
43 KB
43 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/newsroom/stories/akira-ransomware-6.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
a4b67d5b964ed2d20398cb1a9f45ab42d9c339cdb68fa2332a0bac769bd9aeac
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"aa18-60ad43c2a17c0"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=354, origin; dur=0, ak_p; desc="1736821833377_34901589_61472530_38120_14148_21_0_146";dur=1
content-length
43544
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 23 Nov 2023 16:21:59 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
akira-ransomware-7.jpg
www.trellix.com/en-us/img/newsroom/stories/
3 KB
4 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/newsroom/stories/akira-ransomware-7.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
2471177495ddce754b52e10f31be7e2ccd2b8bdc2ed1d7db7ddcb9304cb96d36
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"d5c-60ad441d3ad80"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=257, origin; dur=0, ak_p; desc="1736821833378_34901589_61472531_28542_13052_26_0_146";dur=1
content-length
3420
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 23 Nov 2023 16:23:34 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
akira-ransomware-8.jpg
www.trellix.com/en-us/img/newsroom/stories/
4 KB
5 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/newsroom/stories/akira-ransomware-8.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
686ce6953c062f2c434e6a4c0615950bb3804f5bfecb3d5eeacf5a3993216f60
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"10c2-60ad441f23200"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=263, origin; dur=0, ak_p; desc="1736821833385_34901589_61472532_29830_12674_26_0_146";dur=1
content-length
4290
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 23 Nov 2023 16:23:36 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
akira-ransomware-9.jpg
www.trellix.com/en-us/img/newsroom/stories/
4 KB
4 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/newsroom/stories/akira-ransomware-9.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
7719f6bfda951566f6fe80c3cc987519de3bee4954710fbedee2d06565fb9233
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"f0c-60ad44210b680"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=270, origin; dur=0, ak_p; desc="1736821833383_34901589_61472533_30342_12664_26_0_146";dur=1
content-length
3852
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 23 Nov 2023 16:23:38 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
akira-ransomware-10.jpg
www.trellix.com/en-us/img/newsroom/stories/
84 KB
85 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/newsroom/stories/akira-ransomware-10.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
3685016ff63938fa9cb87e91aec626bbbe4e0835951f7faa4d4fc3d551baa2f1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"151e2-60ad4422f3b00"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=363, origin; dur=0, ak_p; desc="1736821833383_34901589_61472534_39692_12669_20_0_146";dur=1
content-length
86498
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 23 Nov 2023 16:23:40 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
akira-ransomware-11.jpg
www.trellix.com/en-us/img/newsroom/stories/
59 KB
59 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/newsroom/stories/akira-ransomware-11.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
c4955188d3a229ad9ae0f198ce736f9294c2a1568a3db40e5da517d72d25bcf0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"eab3-60ad4424dbf80"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=333, origin; dur=88, ak_p; desc="1736821833383_34901589_61472535_45424_13461_20_0_146";dur=1
content-length
60083
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 23 Nov 2023 16:23:42 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
akira-ransomware-12.jpg
www.trellix.com/en-us/img/newsroom/stories/
55 KB
56 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/newsroom/stories/akira-ransomware-12.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
f6c0d8cdae1187af00f7e680125b2e5698a2d9d0497e8fa174f915ffe5d03525
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"dceb-60ad4426c4400"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=348, origin; dur=81, ak_p; desc="1736821833378_34901589_61472536_45713_13770_20_0_146";dur=1
content-length
56555
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 23 Nov 2023 16:23:44 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
akira-ransomware-13.jpg
www.trellix.com/en-us/img/newsroom/stories/
30 KB
30 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/newsroom/stories/akira-ransomware-13.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
bc8c0821a91fa48b54b655aa3c4fb55f84257c6d07f90d8690f12c2e23b7f386
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"7735-60ad449840fc0"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=354, origin; dur=0, ak_p; desc="1736821833383_34901589_61472537_38775_12685_21_0_146";dur=1
content-length
30517
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 23 Nov 2023 16:25:43 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
akira-ransomware-14.jpg
www.trellix.com/en-us/img/newsroom/stories/
25 KB
25 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/newsroom/stories/akira-ransomware-14.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
44937c21e7b8a370ea870a406aa78382404fd6ae882eeff729205c6eb2a5c35d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"6382-60ad449a29440"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=351, origin; dur=0, ak_p; desc="1736821833383_34901589_61472538_38531_12619_21_0_146";dur=1
content-length
25474
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 23 Nov 2023 16:25:45 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
akira-ransomware-15.jpg
www.trellix.com/en-us/img/newsroom/stories/
40 KB
41 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/newsroom/stories/akira-ransomware-15.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
1ad4cdcd647b39666cf8d8d6f2cd57719ccc95464a86fadfbb37ca7345c9cb78
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"a0f3-60ad449c118c0"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=343, origin; dur=0, ak_p; desc="1736821833382_34901589_61472539_37580_13569_21_0_146";dur=1
content-length
41203
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 23 Nov 2023 16:25:47 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
akira-ransomware-16.jpg
www.trellix.com/en-us/img/newsroom/stories/
134 KB
135 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/newsroom/stories/akira-ransomware-16.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
0c1f7d09f13b7ca3edf1c5a861a5800301e34886cc205cd8f2478776d999c97a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"2185d-60ae297354000"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=359, origin; dur=0, ak_p; desc="1736821833395_34901589_61472540_40367_12559_20_0_146";dur=1
content-length
137309
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Fri, 24 Nov 2023 09:29:36 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
akira-ransomware-17.jpg
www.trellix.com/en-us/img/newsroom/stories/
244 KB
245 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/newsroom/stories/akira-ransomware-17.jpg
Requested by
Host: www.trellix.com
URL: https://www.trellix.com/blogs/research/akira-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
3c4e86ab46903749b60f59fff47a04804ac4c23d1faf9c3d909d92b7f5aa2f78
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.trellix.com/blogs/research/akira-ransomware/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=14400, s-maxage=14400
etag
"3d143-60b5b2f6f0b80"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=368, origin; dur=0, ak_p; desc="1736821833395_34901589_61472541_41321_12913_20_0_146";dur=1
content-length
250179
x-xss-protection
1; mode=block
date
Tue, 14 Jan 2025 02:30:33 GMT
content-disposition
inline
last-modified
Thu, 30 Nov 2023 09:22:06 GMT
content-type
image/jpeg
x-frame-options
SAMEORIGIN
akira-ransomware-18.jpg
www.trellix.com/en-us/img/newsroom/stories/
235 KB
235 KB