arcticwolf.com Open in urlscan Pro
13.224.189.102 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Submission: On June 13 via api (June 13th 2024, 8:16:28 am UTC) from DE — Scanned from DE

Summary HTTP 224 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 50 IPs in 7 countries across 39 domains to perform 224 HTTP transactions. The main IP is 13.224.189.102, located in United States and belongs to AMAZON-02, US. The main domain is arcticwolf.com. The Cisco Umbrella rank of the primary domain is 74159.
TLS certificate: Issued by DigiCert EV RSA CA G2 on May 11th 2024. Valid for: 5 months.

This is the only time arcticwolf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
79	13.224.189.102 13.224.189.102	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
12	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
10	13.32.99.8 13.32.99.8	16509 (AMAZON-02) (AMAZON-02)
8	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	52.200.144.213 52.200.144.213	14618 (AMAZON-AES) (AMAZON-AES)
12	23.53.42.251 23.53.42.251	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:480... 2a02:26f0:480:15::213:7e63	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
2	184.31.85.59 184.31.85.59	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700:440... 2606:4700:4400::6812:2b1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.16.117.43 104.16.117.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.245.86.14 18.245.86.14	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:24c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.142.80 35.244.142.80	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.65.167 151.101.65.167	54113 (FASTLY) (FASTLY)
1	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
3 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2606:4700:440... 2606:4700:4400::ac40:92d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:3c00:1c:f10a:ad80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.126.143.238 3.126.143.238	16509 (AMAZON-02) (AMAZON-02)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
2	2620:1ec:29:1... 2620:1ec:29:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	35.173.88.167 35.173.88.167	14618 (AMAZON-AES) (AMAZON-AES)
1	169.63.31.200 169.63.31.200	36351 (SOFTLAYER) (SOFTLAYER)
7	2600:1f18:e8a... 2600:1f18:e8a:cd08:3437:aff5:50c:d298	14618 (AMAZON-AES) (AMAZON-AES)
4	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	142.250.186.40 142.250.186.40	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 3	142.250.186.36 142.250.186.36	15169 (GOOGLE) (GOOGLE)
4	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:ab0... 2a02:26f0:ab00::214:8e70	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	104.18.37.212 104.18.37.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	13.248.142.121 13.248.142.121	16509 (AMAZON-02) (AMAZON-02)
224	50

79 13.224.189.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-102.fra2.r.cloudfront.net

arcticwolf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.32.99.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-8.fra60.r.cloudfront.net

app.cdn.lookbookhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-app.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.17.74.206 (None, )

ASN13335 (CLOUDFLARENET, US)

cybersecurity.arcticwolf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.200.144.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-144-213.compute-1.amazonaws.com

jukebox.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.53.42.251 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-251.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:15::213:7e63 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.31.85.59 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-85-59.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2b1f (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.117.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.245.86.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-14.fra60.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:24c4 (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.167 (San Francisco, United States)

ASN54113 (FASTLY, US)

s.swiftypecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:92d7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:3c00:1c:f10a:ad80:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.robotflowermobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.143.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-143-238.eu-central-1.compute.amazonaws.com

6145655.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

840-osq-661.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.173.88.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-88-167.compute-1.amazonaws.com

spcollector.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.63.31.200 (United States)

ASN36351 (SOFTLAYER, US)
PTR: c8.1f.3fa9.ip4.static.sl-reverse.com

cc.swiftype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:e8a:cd08:3437:aff5:50c:d298 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.robotflowermobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.36 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ab00::214:8e70 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.37.212 (None, )

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.142.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
87	arcticwolf.com arcticwolf.com — Cisco Umbrella Rank: 74159 cybersecurity.arcticwolf.com — Cisco Umbrella Rank: 643762	1 MB
17	pathfactory.com cdn-app.pathfactory.com — Cisco Umbrella Rank: 48367 jukebox.pathfactory.com — Cisco Umbrella Rank: 41223 spcollector.pathfactory.com — Cisco Umbrella Rank: 49325	440 KB
13	6sc.co j.6sc.co — Cisco Umbrella Rank: 5930 c.6sc.co — Cisco Umbrella Rank: 8413 ipv6.6sc.co — Cisco Umbrella Rank: 6075 b.6sc.co — Cisco Umbrella Rank: 3843	21 KB
12	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	249 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 776 x.clarity.ms — Cisco Umbrella Rank: 7537 c.clarity.ms — Cisco Umbrella Rank: 1472	29 KB
8	robotflowermobile.com ob.robotflowermobile.com — Cisco Umbrella Rank: 547125 obs.robotflowermobile.com — Cisco Umbrella Rank: 407697	40 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 352 www.linkedin.com — Cisco Umbrella Rank: 558 px4.ads.linkedin.com — Cisco Umbrella Rank: 6457	4 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	675 KB
6	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 5178 ws-assets.zoominfo.com — Cisco Umbrella Rank: 14408	30 KB
5	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 5 region1.analytics.google.com — Cisco Umbrella Rank: 3078	409 B
4	google.de www.google.de — Cisco Umbrella Rank: 8196	254 B
4	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 63 stats.g.doubleclick.net — Cisco Umbrella Rank: 132	453 B
4	gstatic.com fonts.gstatic.com	73 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 7394	4 KB
3	swiftypecdn.com s.swiftypecdn.com — Cisco Umbrella Rank: 14478	148 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 30012 ibc-flow.techtarget.com — Cisco Umbrella Rank: 26488	2 KB
3	driftt.com js.driftt.com — Cisco Umbrella Rank: 7352	62 KB
3	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 357 c.bing.com — Cisco Umbrella Rank: 226	16 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	3 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 10109	706 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68	21 KB
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 135	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	3 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 4401	122 B
2	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 8733	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	71 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 4509	6 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 90	15 KB
2	lookbookhq.com app.cdn.lookbookhq.com — Cisco Umbrella Rank: 90805	3 KB
1	swiftype.com cc.swiftype.com — Cisco Umbrella Rank: 15728	279 B
1	mktoresp.com 840-osq-661.mktoresp.com	318 B
1	siteimproveanalytics.io 6145655.global.siteimproveanalytics.io — Cisco Umbrella Rank: 852339	149 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 938	392 B
1	t.co t.co — Cisco Umbrella Rank: 711	377 B
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 4604	16 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 4251	18 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 958	17 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 881	15 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 638	295 B
224	39

	Domain	Requested by
79	arcticwolf.com	arcticwolf.com
12	cdn.cookielaw.org	arcticwolf.com cdn.cookielaw.org
10	b.6sc.co	arcticwolf.com
8	cdn-app.pathfactory.com	arcticwolf.com cdn-app.pathfactory.com
8	cybersecurity.arcticwolf.com	arcticwolf.com cybersecurity.arcticwolf.com
7	obs.robotflowermobile.com	ob.robotflowermobile.com arcticwolf.com
7	www.googletagmanager.com	arcticwolf.com www.googletagmanager.com ob.robotflowermobile.com
6	jukebox.pathfactory.com	cdn-app.pathfactory.com
5	px.ads.linkedin.com	3 redirects snap.licdn.com
5	ws.zoominfo.com	arcticwolf.com js.zi-scripts.com ws-assets.zoominfo.com
4	www.google.de	arcticwolf.com
4	x.clarity.ms	www.clarity.ms
4	fonts.gstatic.com	fonts.googleapis.com
3	js.zi-scripts.com	arcticwolf.com js.zi-scripts.com
3	www.google.com	2 redirects
3	spcollector.pathfactory.com	cdn-app.pathfactory.com
3	s.swiftypecdn.com	arcticwolf.com s.swiftypecdn.com
3	js.driftt.com	arcticwolf.com js.driftt.com
3	fonts.googleapis.com	arcticwolf.com cybersecurity.arcticwolf.com
2	epsilon.6sense.com	j.6sc.co
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	c.clarity.ms	1 redirects
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	googleads.g.doubleclick.net	2 redirects
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	www.facebook.com	arcticwolf.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	ibc-flow.techtarget.com	trk.techtarget.com
2	tracking.g2crowd.com	arcticwolf.com tracking.g2crowd.com
2	connect.facebook.net	arcticwolf.com connect.facebook.net
2	bat.bing.com	arcticwolf.com bat.bing.com
2	munchkin.marketo.net	arcticwolf.com munchkin.marketo.net
2	www.youtube.com	arcticwolf.com www.youtube.com
2	app.cdn.lookbookhq.com	arcticwolf.com
1	ws-assets.zoominfo.com	js.zi-scripts.com
1	c.bing.com	1 redirects
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	cc.swiftype.com	arcticwolf.com
1	840-osq-661.mktoresp.com	munchkin.marketo.net
1	6145655.global.siteimproveanalytics.io	arcticwolf.com
1	ob.robotflowermobile.com	www.googletagmanager.com
1	px4.ads.linkedin.com	arcticwolf.com
1	www.linkedin.com	1 redirects
1	analytics.twitter.com	arcticwolf.com
1	t.co	arcticwolf.com
1	siteimproveanalytics.com	www.googletagmanager.com
1	cdn.pdst.fm	arcticwolf.com
1	trk.techtarget.com	arcticwolf.com
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	j.6sc.co	arcticwolf.com
1	geolocation.onetrust.com	cdn.cookielaw.org
224	55

This site contains links to these domains. Also see Links.

Domain
github.com
www.facebook.com
www.twitter.com
www.youtube.com
www.linkedin.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
arcticwolf.com DigiCert EV RSA CA G2	`2024-05-11` - `2024-10-21`	5 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.pathfactory.com Amazon RSA 2048 M02	`2024-05-11` - `2025-06-08`	a year	crt.sh
cybersecurity.arcticwolf.com Cloudflare Inc ECC CA-3	`2024-03-05` - `2024-12-31`	10 months	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
6sc.co R3	`2024-04-09` - `2024-07-08`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-22` - `2024-06-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-24` - `2024-07-23`	a year	crt.sh
zoominfo.com E1	`2024-05-20` - `2024-08-18`	3 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
trk.techtarget.com GTS CA 1P5	`2024-05-24` - `2024-08-22`	3 months	crt.sh
cdn.pdst.fm WR3	`2024-05-17` - `2024-08-15`	3 months	crt.sh
siteimproveanalytics.com GTS CA 1P5	`2024-04-23` - `2024-07-22`	3 months	crt.sh
s.swiftypecdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2024-05-06` - `2024-08-04`	3 months	crt.sh
misc.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.robotflowermobile.com Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh
*.global.r1.siteimproveanalytics.io Amazon RSA 2048 M03	`2023-10-26` - `2024-11-23`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.swiftype.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-21` - `2024-07-14`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.de WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.googleadservices.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
zi-scripts.com GTS CA 1P5	`2024-05-27` - `2024-08-25`	3 months	crt.sh
*.6sense.com Amazon RSA 2048 M03	`2024-03-31` - `2025-04-29`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Frame ID: EAA98D73032C52828FC8ACD0343B4852
Requests: 212 HTTP requests in this frame

Frame: https://cybersecurity.arcticwolf.com/index.php/form/XDFrame
Frame ID: 7EF912199490DA751FB575E278E0FC76
Requests: 2 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=zaxd53bdwtvy&eId=zaxd53bdwtvy&region=US&forceShow=false&skipCampaigns=false&sessionId=4cb12385-d8a2-4020-abd6-f42affd553df&sessionStarted=1718266581.233&campaignRefreshToken=64f432a6-e536-4242-b2b1-6843e66dd993&hideController=false&pageLoadStartTime=1718266575862&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F
Frame ID: 69C630E465790C675818FFECE69BDE44
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1718266575862
Frame ID: E1C2985995E802E706C63B0702460007
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lost in the Fog: A New Ransomware Threat - Arctic Wolf

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets

Mustache (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mustache(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

224
Requests

96 %
HTTPS

43 %
IPv6

39
Domains

55
Subdomains

50
IPs

7
Countries

3052 kB
Transfer

11020 kB
Size

55
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/mitchmoser/SharpShares
Title: open-source tool

Search URL Search Domain Scan URL

URL: https://github.com/sadshade/veeam-creds/blob/main/Veeam-Get-Creds.ps1
Title: open-source PowerShell script

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ArcticWolfNetworks

Search URL Search Domain Scan URL

URL: https://www.twitter.com/AWNetworks
Title: 𝕏

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/ArcticWolfNetworks

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/arctic-wolf-networks

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50605&time=1718266577515&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50605&time=1718266577515&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50605%26time%3D1718266577515%26url%3Dhttps%253A%252F%252Farcticwolf.com%252Fresources%252Fblog%252Flost-in-the-fog-a-new-ransomware-threat%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50605&time=1718266577515&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50605&time=1718266577515&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&cookiesTest=true&liSync=true&e_ipv6=AQIVClfeh6lRnQAAAZAQq0ZHkOkpBKw0jPzXu821pStEi24NmbRL5fTPRQsS28nBLgZQuIU

Request Chain 169

https://www.googleadservices.com/pagead/conversion/410966486/?label=lzDbCJmv1ocYENaz-8MB&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/410966486/?label=lzDbCJmv1ocYENaz-8MB&guid=ON&script=0&ct_cookie_present=false&random=996448952&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIw8uX6ZHYhgMVQkD2CB1WHAb1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vYXJjdGljd29sZi5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/410966486/?label=lzDbCJmv1ocYENaz-8MB&guid=ON&script=0&ct_cookie_present=false&random=996448952&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIw8uX6ZHYhgMVQkD2CB1WHAb1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vYXJjdGljd29sZi5jb20v&is_vtc=1&cid=CAQSGwDaQooLQiu7sgmfqBiOa2kfzDy7vCJc-aQvfw&random=2276890842 HTTP 302
https://www.google.de/pagead/1p-conversion/410966486/?label=lzDbCJmv1ocYENaz-8MB&guid=ON&script=0&ct_cookie_present=false&random=996448952&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIw8uX6ZHYhgMVQkD2CB1WHAb1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vYXJjdGljd29sZi5jb20v&is_vtc=1&cid=CAQSGwDaQooLQiu7sgmfqBiOa2kfzDy7vCJc-aQvfw&random=2276890842&ipr=y

Request Chain 178

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/410966486/?random=2082058555&cv=11&fst=1718266580925&bg=ffffff&guid=ON&async=1&gtm=45be46c0v896750397za200zb78485517&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&label=lzDbCJmv1ocYENaz-8MB&hn=www.googleadservices.com&frm=0&tiba=Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf&gtm_ee=1&npa=1&pscdl=noapi&auid=1872408152.1718266577&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMImuW_6ZHYhgMVwFj2CB06vwgBMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vYXJjdGljd29sZi5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/410966486/?random=2082058555&cv=11&fst=1718266580925&bg=ffffff&guid=ON&async=1&gtm=45be46c0v896750397za200zb78485517&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&label=lzDbCJmv1ocYENaz-8MB&hn=www.googleadservices.com&frm=0&tiba=Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf&gtm_ee=1&npa=1&pscdl=noapi&auid=1872408152.1718266577&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMImuW_6ZHYhgMVwFj2CB06vwgBMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vYXJjdGljd29sZi5jb20v&is_vtc=1&cid=CAQSKQDaQooLYu47gL98fn2BQ2DsYyZaKQj4hzyHZLOr5Jv7N7Khvk00bxx_&random=3049013986 HTTP 302
https://www.google.de/pagead/1p-conversion/410966486/?random=2082058555&cv=11&fst=1718266580925&bg=ffffff&guid=ON&async=1&gtm=45be46c0v896750397za200zb78485517&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&label=lzDbCJmv1ocYENaz-8MB&hn=www.googleadservices.com&frm=0&tiba=Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf&gtm_ee=1&npa=1&pscdl=noapi&auid=1872408152.1718266577&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMImuW_6ZHYhgMVwFj2CB06vwgBMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vYXJjdGljd29sZi5jb20v&is_vtc=1&cid=CAQSKQDaQooLYu47gL98fn2BQ2DsYyZaKQj4hzyHZLOr5Jv7N7Khvk00bxx_&random=3049013986&ipr=y

Request Chain 187

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=720441CBEDE140C58F70F73A7BE72140&RedC=c.clarity.ms&MXFR=33FF6666212D6233276772FB252D6C63 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=720441CBEDE140C58F70F73A7BE72140&MUID=2E93954D1F7F65432AAD81D01EF4642A

224 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/ 193 KB
38 KB 392ms
202ms Document
text/html 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4c6e205e2b8e47a51b55161d9560461314bd820ec2f2658acf313ccf125ced1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 4513
cache-control: must-revalidate, max-age=0, s-maxage=86400
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 13 Jun 2024 07:01:02 GMT
etag: W/"1eeaf11d04f1992eb7c1154120cdeded"
last-modified: Fri, 07 Jun 2024 21:32:04 GMT
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 d818b372f81cbe23bb149df5877c444a.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-id: h1p4hY5YQvg4oI-vSbuFVL1Jb_oih6UIF5m5lKrwIcfEeZI7WbQN8g==
x-amz-cf-pop: FRA60-P9 FRA2-C1
x-amz-version-id: Xe9Mt71QS764cajW0IkIgZJrFD5WRKda
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 premium-addons.min.css
arcticwolf.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/ 381 KB
44 KB 63ms
36ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/premium-addons.min.css?ver=4.10.33

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

67984cd94304cb2f8823adb06162520d35adb6cd2bbefc9e4dcbd01a759fec0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: DrdtIY1eYFRpUq9UF1LgMwCDJrGkvPnJ
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:38 GMT
server: AmazonS3
etag: W/"82055b0dc1186dc94a31ec22ffadcf9b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: devm4ON7ySIqftVwb0vhjs4Z9X5UZ4DkTs8HHIqT7qbrqvYeRo6ilg==

GET
H2 200 premium-addons.min.css
arcticwolf.com/wp-content/plugins/premium-addons-pro/assets/frontend/min-css/ 224 KB
30 KB 98ms
72ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/premium-addons-pro/assets/frontend/min-css/premium-addons.min.css?ver=2.9.17

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

dd78479933b8a4cc0484ab876cec63c96efd77d042d7d80215cd83e363d095f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: Rm9wcAR69DsM5V0HuXmq7uRokCi0wp3d
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:39 GMT
server: AmazonS3
etag: W/"33725135b33b85a607fd3eacf0fc82e2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: SLjZ9c9Jarjxb6bKBtSYIOqIT2KuX2e8NigUpYM1qRMTUukEEwd6Mg==

GET
H2 200 styles.css
arcticwolf.com/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/ 58 KB
9 KB 82ms
55ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=4.6.11

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: 9SCR92OnFLMbPoQLWJ82npb_j.T7gHeC
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 4770dda4e92393e930d8a34dcbb04db2.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:29 GMT
server: AmazonS3
etag: W/"4940e4ae72b6124a6eab7e97fc8df1f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: B3ynSmoT8yNhLSJl1hfssvOGfNdD93wXj-hZPwS2meKE2cZWn3ywBw==

GET
H2 200 strattic-search.css
arcticwolf.com/wp-content/plugins/strattic-search-extension/assets/ 2 KB
1 KB 113ms
87ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/strattic-search-extension/assets/strattic-search.css?ver=1.0

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3d0a742c9613bf7bb6797f4cf0568f031c40de94b40a3ba2b6df5938a76aa5c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:11:01 GMT
x-amz-version-id: 9_3vwvoa5wvT62Okl9ByJOyR4jCOPTy_
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36315
via: 1.1 6b284415724869adc9db63c19e48e420.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:44 GMT
server: AmazonS3
etag: W/"98becf92e15740fd07b99fe520a9d392"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: fQwtDxfZex1c_OnaOhYYDR5AbEsK4WtPSgU-DHbyMVzjzICULeVn9g==

GET
H2 200 style.min.css
arcticwolf.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/ 2 KB
1 KB 116ms
90ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/style.min.css?ver=1

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1aeb9107928bb523947c28e17358efb50a07b942e15ed0a72259a5794ea2ca96

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: t5MJACMVvQbxUExqqULJEuDfSn7zxcPP
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 4770dda4e92393e930d8a34dcbb04db2.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:42 GMT
server: AmazonS3
etag: W/"72a49c98f1c6118869dd01f1bdce2fce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: 1CP3NsMs8-EAKfCpC3JGr2X3VkwxO8GSlBS5yGNR4Bn0Rowl-kcNrg==

GET
H2 200 style_en.css
arcticwolf.com/wp-content/uploads/maxmegamenu/ 332 KB
27 KB 108ms
82ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/uploads/maxmegamenu/style_en.css?ver=eceb64

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a30d86c107b41090101e0109182ca76dd20bc31efd366ce4d144e74f319e2b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: Q3QCTcMGACE4LEMWiVZVCUdtnrcm3EmA
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 45e3ccd889272a7e8732f0eda13e87ca.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:43 GMT
server: AmazonS3
etag: W/"74adb084abebe0ac69fcd632d6eaa855"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: qcX4wLtuq9s4FioRvk1tM9La7ZSPvO9mM3ka5Ln5UTN8BH5mTCtSpQ==

GET
H2 200 dashicons.min.css
arcticwolf.com/wp-includes/css/ 58 KB
35 KB 119ms
94ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-includes/css/dashicons.min.css?ver=6.5.4

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: SE5sQk4MIMsah4zaY17.UPLX.WQkYgKz
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 3677df2c828d68a6a84555cd8a40cf50.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:36 GMT
server: AmazonS3
etag: W/"d68d6bf519169d86e155bad0bed833f8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: J11eYHViQ31DiAaNasSLx9UYzBmjDe31UXIJCzIEN6WirtyFwLp7Yg==

GET
H2 200 all.min.css
arcticwolf.com/wp-content/plugins/megamenu-pro/icons/fontawesome6/css/ 100 KB
22 KB 133ms
108ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/megamenu-pro/icons/fontawesome6/css/all.min.css?ver=2.4

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: uZ8IsWOKSqOV7fCHOMNa4CF6s604pC0n
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 af1c2193a818b5824fd85ddd651620a8.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:25 GMT
server: AmazonS3
etag: W/"5222e06b77a1692fa2520a219840e6be"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: FHE4qPsUuG4g893Nx1DWbC3s3_vgVWKCSCvGrMP8NzlDQJzr81XGIA==

GET
H2 200 style.css
arcticwolf.com/wp-content/themes/blankslate-child/ 25 KB
6 KB 128ms
102ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/themes/blankslate-child/style.css?ver=6.5.4

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

105383052b2beb806be6d2fb6834ea85569020ef1d3d3f8bfd97335b91b9b153

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: Wme5K59IfHNdUvQSrNUqQb5F2DTFxjW1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 60dc145c687858f10bb3fe6251ad4ffe.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:31 GMT
server: AmazonS3
etag: W/"7d6d4fb9da7dc65f7f5b91f7f67418e0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: jziJ0SK_nun-LNUDZithPaQG3yYGg1hQ6-9QLtw_wIOdlRNJzEBN6g==

GET
H2 200 elementor-icons.min.css
arcticwolf.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
5 KB 137ms
112ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.29.0

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

67ac597bed179b5842d996fad80472c6b9514edde408ade8b892161bcf9e9c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: bEPPxGJI4DH26EdtjRKg5ZU55h24Ls2f
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36436
via: 1.1 3677df2c828d68a6a84555cd8a40cf50.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:41 GMT
server: AmazonS3
etag: W/"45f978120a537b249dfac36306ed5471"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: aCXK8D9MEqi2g2qkhji408ehDQAbJhcm4evY9ly1NiPmPEH8tSdNtg==

GET
H2 200 frontend.min.css
arcticwolf.com/wp-content/plugins/elementor/assets/css/ 170 KB
21 KB 141ms
107ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.21.8

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

962d26a95d58634e18e845e01daed9fd1c5924b1545d7d51e7be4dc1c6689161

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: R1gWB8L4ZrVoCc276l3Vp4bw.VoNXUU9
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36436
via: 1.1 af1c2193a818b5824fd85ddd651620a8.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:34 GMT
server: AmazonS3
etag: W/"6c26fcad328eade6a808eb68fc1e2331"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: 6kzueja2D2NjNyns6jGLcH4imxRpoIiWGzsce295UPYnjoDpeX3ieA==

GET
H2 200 swiper.min.css
arcticwolf.com/wp-content/plugins/elementor/assets/lib/swiper/v8/css/ 16 KB
5 KB 149ms
116ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: nAfQlLc1xrfRyxrDZLaQZuek.F0T6v2s
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36436
via: 1.1 6641a812839e5267ee0880e96b41efc4.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:45 GMT
server: AmazonS3
etag: W/"a2431bc290cf34e330e11ec4cfce1247"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: MfvKd_c6KY8rly5YU6QIUI8MGsdNnUQ1nJ7Y25XXasN_fyvoT8j93g==

GET
H2 200 post-16145.css
arcticwolf.com/wp-content/uploads/elementor/css/ 4 KB
1 KB 150ms
117ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/uploads/elementor/css/post-16145.css?ver=1717683028

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9c637b699240b1c90cdfc30198a397159051cb59db4ab6e49f9d231992824b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: Y.KbBMZ80kQjHZ_fQOsa.DJc7rY5UKuG
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 32c1b1f3aed1f2411468b70713ad6556.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:32 GMT
server: AmazonS3
etag: W/"b99a92b7420e4e28f9c6d9458a38b23d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: 8U63PojF7utQzzejnnSmpqRaWVIt63PTeiCRF5zFaWxNhsXNs231qg==

GET
H2 200 frontend.min.css
arcticwolf.com/wp-content/plugins/elementor-pro/assets/css/ 446 KB
43 KB 154ms
121ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.21.3

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f181c751a918d86f11858c2f9f4f8dec570c845c8a02f81bc9ee1241655100fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: 2vEWStZ3wpjN5saPsZf7mGc7n_sgj..E
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36436
via: 1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:29 GMT
server: AmazonS3
etag: W/"cea6c1ec5a6ce5dee6ab6ff27427e109"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: pXqwgVj-6h55CCijnh0qD9RtBbOudzC28tPAOGVuZWJzYlZnUaBsKw==

GET
H2 200 all.min.css
arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 58 KB
13 KB 162ms
129ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.10.33

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: Iu0K5WA4H6JoTyQl9HhQL5z.dWMVDp6j
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36436
via: 1.1 840e16b680c94fee8c48b15e01dda782.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:35 GMT
server: AmazonS3
etag: W/"74bab4578692993514e7f882cc15c218"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: wxx2E7SV8Gpz5k-nc8Gc8eWj3e0Yi0JGCPVEpAw0pusHbXer_MkU0g==

GET
H2 200 v4-shims.min.css
arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 26 KB
5 KB 159ms
127ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.21.8

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: AApCavdj_DY3gQvMZMiXIAV0yMvep2OO
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 3677df2c828d68a6a84555cd8a40cf50.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:25 GMT
server: AmazonS3
etag: W/"c55205bce667f5d812354fd1353e7389"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: _venRHuXPic4duQIgwjcayNvZLyKTsOZCrU7m7wErCp7eCJRWe-SyA==

GET
H2 200 global.css
arcticwolf.com/wp-content/uploads/elementor/css/ 605 KB
27 KB 146ms
114ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/uploads/elementor/css/global.css?ver=1717683032

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2383376c60a4522bc9eabb992249aeb31ce74f05295fca5cca18c4fde10f5bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: svGFdsaNxWKXr6lUz6CpDl_4KydOpv5N
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 60dc145c687858f10bb3fe6251ad4ffe.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:44 GMT
server: AmazonS3
etag: W/"9357131b1e6ef91173f003585128b676"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: tQC-EQYTBRAtgPrZZhYqXwApQeuRpQKi_PZZEXyThSQPpu0-g-9Gzg==

GET
H2 200 post-48911.css
arcticwolf.com/wp-content/uploads/elementor/css/ 34 KB
4 KB 172ms
140ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/uploads/elementor/css/post-48911.css?ver=1717691214

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b6efe2fcec52552ef0ce7ab748e10d5887bf7e8fdf884bbcdcd876911cfb652d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:11:01 GMT
x-amz-version-id: FZVzio0bqlLB6a9ECUwGY86ELqauUXNV
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36315
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 20:19:53 GMT
server: AmazonS3
etag: W/"e5138da354f9a39f7674a4c978db979a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: 8lOS5Yzd3pDpafdT3crokZn7BjO59zd6BSy3S4n5DAqrs4yFjbHo1Q==

GET
H2 200 style.min.css
arcticwolf.com/wp-content/plugins/happy-elementor-addons/assets/fonts/ 25 KB
6 KB 163ms
131ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/happy-elementor-addons/assets/fonts/style.min.css?ver=3.11.0

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a526f7e1a82516f99f2639fc48cd8033545c9d1ddae99c01942dede8116d4ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: 6oAxT1v1HoXaD8TiIR1aY73ISmlJRNfl
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36436
via: 1.1 27cdec4bbea3c020f504b2062d4e122c.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:36 GMT
server: AmazonS3
etag: W/"2a122fab955f87f5d0f9662a8fc5fc24"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: lmVkw0AJ7JGpniT5aDI2dchbjJ8KvnkiEi3QxlezhLkHUlhen_RS8g==

GET
H2 200 font-awesome.min.css
arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 30 KB
7 KB 175ms
143ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: wMQI25bZuz_CSNgmZjNMgS6GvO0ZCsra
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36436
via: 1.1 dbddc07d9edf6f99394912c390c6ef32.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:48 GMT
server: AmazonS3
etag: W/"008e0bb5ebfa7bc298a042f95944df25"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: JJOywtZAq6wEExsYmauv6jjyiGc85lkgDJS8U-HIdpKtcmZkGLwMdw==

GET
H2 200 general.min.css
arcticwolf.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/ 4 KB
1 KB 173ms
141ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.9.23

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

683e7dd72e8bf31eaddb50de149bd4a87d9ed27541b29711a5cbcb1ea3262a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: Z0l5wga6O1jas_DumVmvR0n3LaLukNyZ
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36436
via: 1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:29 GMT
server: AmazonS3
etag: W/"8bb2b5364db51aded1e696f2a19b33ca"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: rH5CnKi46TrFizr6VyYtq7nhs_bo3kzhndms2Sho4p9s9nv17_eEcw==

GET
H2 200 css
fonts.googleapis.com/ 44 KB
2 KB 184ms
55ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Encode+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.4

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

afce4a48ff6cd57b37739a40bdd95f78cafecebfb4d7e616d2c4173a57ae3c66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jun 2024 08:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 08:10:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jun 2024 08:16:16 GMT

GET
H2 200 fontawesome.min.css
arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
13 KB 169ms
138ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fafc4160788beca657ec3e3041976281fb6d54a0e82bb4d22a433f7c6bb8b1d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:11:01 GMT
x-amz-version-id: 1hAIueUiCHJYD3zS2twK2MF7wfUmQqol
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36315
via: 1.1 ad82d8a80f2c6497aad660c7722475c0.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:25 GMT
server: AmazonS3
etag: W/"f4af7e5ec05ebb0f08d43e2384266abc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: wM_gbgCK65kmBy46giAbtZh1egi_zjA1buucegqDjdyFoVdzJ6mZAQ==

GET
H2 200 solid.min.css
arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 669 B
1 KB 176ms
146ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:11:01 GMT
x-amz-version-id: OVXwE7KnLnCeWFMkunVqukh2pYQh.Uq0
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 46b6cb3d5daab7defe28d3658c3a54fe.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36315
x-cache: Miss from cloudfront
content-length: 669
last-modified: Wed, 12 Jun 2024 21:28:45 GMT
server: AmazonS3
etag: "9eb2d3c87feb6bb2ffa63b70532b1477"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: xCabXd0p4D9y51_r4NChX5Re8oK2HqqMPWY4FSOoQBYqU-bOznqDGw==

GET
H2 200 script.min.js Show response
arcticwolf.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/ 409 B
956 B 179ms
149ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.min.js?ver=1

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f7bb442b06bfb13ecfee3c3ec2b6b19440a33e080ca9378f8d6f161281bd01ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: sokL9p7_vaTJNsrqi8I7f6Fio5Lk5HmW
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 2e8126aebd83e92e3cf50c4f9c832912.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
x-cache: Miss from cloudfront
content-length: 409
last-modified: Wed, 12 Jun 2024 21:28:27 GMT
server: AmazonS3
etag: "b2cb713d9736e814a08353c2fedcb8e1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: g1dHlaGHSSIyBVW3iebXg1DF22rquF8gektQGyrwmvMXF5qB_lcjJg==

GET
H2 200 jquery.min.js Show response
arcticwolf.com/wp-includes/js/jquery/ 86 KB
30 KB 162ms
132ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: Nyoev2vFBcGl_no6fRrORsM6ShDLBQo2
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36436
via: 1.1 af1c2193a818b5824fd85ddd651620a8.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:47 GMT
server: AmazonS3
etag: W/"826eb77e86b02ab7724fe3d0141ff87c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 67KFkaxJ3fs8ATU9l87CrLrVv1KPEoSRNZIukQUgwm8F1WiDWi_d3Q==

GET
H2 200 jquery-migrate.min.js Show response
arcticwolf.com/wp-includes/js/jquery/ 13 KB
5 KB 174ms
144ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: GyREKwKOmtiMEr2gjKvNG5GL3T0F_LEg
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36436
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:42 GMT
server: AmazonS3
etag: W/"9ffeb32e2d9efbf8f70caabded242267"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: GEdfuUfglhb_z5YYuSa62ze4v0JrRNw0g2CSVQ0WUPvz1bAIxEZdQA==

GET
H2 200 v4-shims.min.js Show response
arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/ 15 KB
5 KB 174ms
145ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.21.8

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6f35273b8502706ee06854d797337ab40bc1b3a7421960a2ceb5392ac85a0f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: iWXg0rkHtR.jsHlnoAtYBQMD.FJt2bFA
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36436
via: 1.1 78668cba389ee6455cf1c23180f33cf8.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:29 GMT
server: AmazonS3
etag: W/"ef17c8ffc514d7418b4bec001b8473fb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: iQNsueIiL3TpyqlOwdMgNjELV73cCFiojHWW8gby_PVEGK0EXKTwBA==

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/db482b86-7cc0-40a4-94cb-f20d32869a3b/ 319 KB
38 KB 204ms
77ms Script
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db482b86-7cc0-40a4-94cb-f20d32869a3b/OtAutoBlock.js

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31d95100c99a4bf5539f91f40bf5394d8655bd217c641ee8635f1c2ca355d1a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 08:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 73907
content-md5: ShppntI2wKxzyM/oqaz6bQ==
content-length: 38410
x-ms-lease-status: unlocked
last-modified: Mon, 11 Mar 2024 12:45:42 GMT
server: cloudflare
etag: 0x8DC41C929A95F54
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7ed4189f-201e-0028-4fb2-73582b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8930a333ff4b90da-FRA
expires: Fri, 14 Jun 2024 08:16:16 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 184ms
57ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 08:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YmFgVUTeB0lXZXM9YgX19A==
age: 41770
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jun 2024 01:58:26 GMT
server: cloudflare
etag: 0x8DC8A83263D01F4
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 64ec951a-a01e-002f-35e3-bcc053000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8930a333ff4c90da-FRA
expires: Thu, 13 Jun 2024 20:40:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
74 KB 205ms
78ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11592367

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd3423e8038ec78a904a26d42f0e454d1feacfd472491a873f41f6e104f7dd29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75637
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Jun 2024 08:16:16 GMT

GET
H2 200 pf_header_update.js Show response
arcticwolf.com/wp-content/ 10 KB
2 KB 164ms
136ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/pf_header_update.js?v=3

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0889148c4e8d0ad8ec55d4f344002d29e84aaed723c148d62695e91ee6e09082

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: 2myDbjzCPKBkgr_XbdipZB9pIkfI4NGs
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36436
via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Fri, 31 May 2024 21:25:52 GMT
server: AmazonS3
etag: W/"55d88f613bdb84fba5b0e894c10e5c75"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: Zi7BJCWKxE6YPoNkbHtC3SYGcos86cRz9xQbKCot_JSM48rxMRh9MA==

GET
H2 200 overlay.js Show response
app.cdn.lookbookhq.com/libraries/overlay/ 5 KB
2 KB 59ms
51ms Script
application/javascript 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.cdn.lookbookhq.com/libraries/overlay/overlay.js
Requested by: Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c48243f44eb861350f8e508ff3ac44b278f9fbb7837cc6f2c41df4a63526fa4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
date: Thu, 13 Jun 2024 02:43:26 GMT
last-modified: Wed, 28 Feb 2024 01:50:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 19977
x-amz-server-side-encryption: AES256
etag: W/"2faced081e38a470d996487bd9d7bd41"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: WubHanEy7B06L6JNEuPrz0DdQyLyLiRrkrXIyrU8vKrHTbsDDvOsxw==

GET
H2 200 overlay.css
app.cdn.lookbookhq.com/libraries/overlay/ 607 B
986 B 160ms
40ms Stylesheet
text/css 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.cdn.lookbookhq.com/libraries/overlay/overlay.css
Requested by: Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aee19ebf37943a35b04921e866bd00bd9fcb7e5390ef6d5304e798d1e22cf071

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
date: Thu, 13 Jun 2024 04:09:00 GMT
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 28 Mar 2024 01:22:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 14835
x-amz-server-side-encryption: AES256
etag: "ede2cc3c8993669aa165fb6d315f2b90"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 607
x-amz-cf-id: Fi-STGaOFo5mOYODL9XEx_KaJDProWUwCgs5mEJYJi9E89LV0D-1xQ==

GET
H2 200 css
fonts.googleapis.com/ 6 KB
989 B 174ms
49ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Encode+Sans:400,500,600,700,900&display=swap

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8ec30237f2d598424049d254157e6dd437c2a0802ce1585ee4f14b7b4266f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jun 2024 08:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 08:14:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jun 2024 08:16:16 GMT

GET
H2 200 AW_LOGO_REVERSE-334.png
arcticwolf.com/wp-content/uploads/2021/11/ 3 KB
3 KB 166ms
139ms Image
image/png 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arcticwolf.com/wp-content/uploads/2021/11/AW_LOGO_REVERSE-334.png

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7ecfc611250f635649bd323f82a093e8a08488f55474ad5c0399b5d9463b29f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:01 GMT
x-amz-version-id: dbQMXwpwiD3zBLuqWY_h3P0.ljl8H2mY
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 46b6cb3d5daab7defe28d3658c3a54fe.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36435
x-cache: Miss from cloudfront
content-length: 2678
last-modified: Thu, 29 Feb 2024 15:06:24 GMT
server: AmazonS3
etag: "8a9fcd218623caedf659e60d98f988b7"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-id: fcZC6ualvxQwi_8NLBLBeE0QNlzOS6hO5Ei_Z3R6qiukn8zU2hnSgA==

GET
H2 200 AW-mkto-floating-form-labels-styles-211027.css
cybersecurity.arcticwolf.com/rs/840-OSQ-661/images/ 16 KB
4 KB 259ms
95ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybersecurity.arcticwolf.com/rs/840-OSQ-661/images/AW-mkto-floating-form-labels-styles-211027.css

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5573dbf95d1ec07dc22816f875719ef2d24534e633ddee21ee370eb4688fb967

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 08 Jun 2024 01:38:09 GMT
server: cloudflare
age: 6
etag: "e60968-415e-61a56f7eb3fc6"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 8930a33438b0b620-WAW
content-length: 3668
expires: Thu, 13 Jun 2024 08:17:16 GMT

GET
H2 200 forms2.min.js Show response
cybersecurity.arcticwolf.com/js/forms2/js/ 199 KB
67 KB 105ms
99ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybersecurity.arcticwolf.com/js/forms2/js/forms2.min.js

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 4243
etag: "b01f5b-31b30-619b21e0856c0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 8930a33468efb620-WAW
expires: Thu, 13 Jun 2024 12:16:16 GMT

GET
H2 200 AW-mkto-form-style-attributes-210628.js Show response
cybersecurity.arcticwolf.com/rs/840-OSQ-661/images/ 2 KB
836 B 86ms
85ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybersecurity.arcticwolf.com/rs/840-OSQ-661/images/AW-mkto-form-style-attributes-210628.js

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93782ddf0e56d9337912140c04414253fd17fac6ed1520ea517dfce09975f83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 08 Jun 2024 01:38:09 GMT
server: cloudflare
age: 6
etag: "e60969-7ad-61a56f7ecc27f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 8930a334e9d9b620-WAW
content-length: 751
expires: Thu, 13 Jun 2024 08:17:16 GMT

GET
H2 200 jukebox.js Show response
cdn-app.pathfactory.com/production/jukebox/current/ 1 MB
314 KB 60ms
51ms Script
application/javascript 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-app.pathfactory.com/production/jukebox/current/jukebox.js
Requested by: Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c99fb06b5006e35ebf8bab7b894dff62f2966e1fcfe017fb2644e0af7fbe5eb4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
date: Thu, 13 Jun 2024 01:26:56 GMT
last-modified: Thu, 23 May 2024 00:55:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 24561
x-amz-server-side-encryption: AES256
etag: W/"f0c41bb3dbf1d65965e7fc3b2af3354d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=43200
x-amz-cf-id: u4YZIV7oXKUqHiDtcKVBnip_scAYiWKKSDXJxDnYQh7v-TWvI_B7rA==

GET
H2 200 regular.min.css
arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 677 B
1 KB 63ms
43ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

eea3d6ccda7f6503078cce9dc41176c1357af1c93a5b3625131ef7cf21c9d7c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:11:01 GMT
x-amz-version-id: Bn6wbU8EuZgZQP9AXUIrw430yJuetLKn
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 af1c2193a818b5824fd85ddd651620a8.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36315
x-cache: Miss from cloudfront
content-length: 677
last-modified: Wed, 12 Jun 2024 21:22:10 GMT
server: AmazonS3
etag: "3eef8c9e589a6fd58292e79bbac4ba5d"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: KqeklVYhDpyI2Il6AHQRUP4Lf71qd2JfWMb-iGwK-jyiNu_JOfwX1w==

GET
H2 200 brands.min.css
arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 675 B
1 KB 63ms
44ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:11:01 GMT
x-amz-version-id: kFQEyuYfX1MmgT4_dP8JiBC4smIT1uy1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 27cdec4bbea3c020f504b2062d4e122c.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36316
x-cache: Miss from cloudfront
content-length: 675
last-modified: Wed, 12 Jun 2024 21:22:06 GMT
server: AmazonS3
etag: "144e43c3b3d8ea5b278c062c202c92f2"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: oeFXpaG24iZW8wF8ajhc_wkS-KdvBHQ7LvXuJog1u-lGD_ac_5NuOw==

GET
H2 200 animations.min.css
arcticwolf.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 63ms
44ms Stylesheet
text/css 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.21.8

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: rhC8VvsEl7vsTGUnWJn0_CWN5hylNUyP
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36438
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:26 GMT
server: AmazonS3
etag: W/"4601ba55044413706c2022cb6c1c3d05"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: 0kmax4UOEPGC6ZSy6gzul2aFXNB8IVlO1_qey5D6P4DSQzjGu7AEmQ==

GET
H2 200 mustache.js Show response
arcticwolf.com/wp-content/plugins/strattic-search-extension/assets/ 2 KB
1 KB 64ms
45ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/strattic-search-extension/assets/mustache.js?ver=1.0

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a0013b499303da60cc6f7ae92351c6ce49a02ca2121992127d743b7610bed991

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:11:01 GMT
x-amz-version-id: 94.fLXm4kzlrifQxM6WejGcgPQtGuuHO
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36316
via: 1.1 78668cba389ee6455cf1c23180f33cf8.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:42 GMT
server: AmazonS3
etag: W/"97fbab873e96c04584127b5328c678a9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: LRJpDXQPshuIamJvL4DI6fwzka7qMXXUGg4oJgU-eF_irJEyOBue_Q==

GET
H2 200 algolia.js Show response
arcticwolf.com/wp-content/plugins/strattic-search-extension/assets/ 32 KB
9 KB 64ms
46ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/strattic-search-extension/assets/algolia.js?ver=1.0

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5a84d09e92e25d2c3f4c66621d3ccc47b9ea6c943e83b8e283817a7920b45bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:11:01 GMT
x-amz-version-id: nfEcHsApi3Ndg.1vkhkMD377OwkY68gW
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36316
via: 1.1 46b6cb3d5daab7defe28d3658c3a54fe.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:30 GMT
server: AmazonS3
etag: W/"c152b0c8db7aa19fb668af4291bb8b2a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 0EwuQyZQUdYYbofNfViTxB4pNIgp-C15HHH-p5XT1wEQ4WrEe3uYZg==

GET
H2 200 strattic-search.js Show response
arcticwolf.com/wp-content/plugins/strattic-search-extension/assets/ 5 KB
2 KB 65ms
47ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/strattic-search-extension/assets/strattic-search.js?ver=1.0

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2bd9df0ec0cb10f973c964c67a07e827482efd9c0a6c831d5ebfd7b2cc8d03c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:11:02 GMT
x-amz-version-id: SUN0cob8yJlwB1bX8SE7cbhXyXpex7UR
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36315
via: 1.1 6641a812839e5267ee0880e96b41efc4.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:45 GMT
server: AmazonS3
etag: W/"fa8d6bd068d09cb160f8fd11a683e3a1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: -LdICSKuSTaKe4L2AjVP_OjsbDQ3EIobih8F30C8vGORAYhS0pf-mw==

GET
H2 200 happy-addons.min.js Show response
arcticwolf.com/wp-content/plugins/happy-elementor-addons/assets/js/ 22 KB
7 KB 65ms
48ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/happy-elementor-addons/assets/js/happy-addons.min.js?ver=3.11.0

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7867c4f0355e55bc524ac86eb3b2237c6fb95a1b6e2b140f4f89d5007addce09

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: FD4CPH3PnaxiAf6G_B9CF0aRljF3UnNM
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 3677df2c828d68a6a84555cd8a40cf50.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:44 GMT
server: AmazonS3
etag: W/"ae7dfe3170d6ffaf8b2de1fd593003d7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: GCd217ZckhRGVp-1b6izFOGipM6L5p4j5_RdpQnDqyZhcpleASLNpg==

GET
H2 200 smush-lazy-load.min.js Show response
arcticwolf.com/wp-content/plugins/wp-smush-pro/app/assets/js/ 8 KB
4 KB 66ms
49ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.16.4

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5bdcc9e3e427ad3a787ec7efe46d8c305e880eb44402c0000ff52f17ef6b0cdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: QnhdhaIzauUfFwdeDrYA50DrEylfStcQ
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36438
via: 1.1 60dc145c687858f10bb3fe6251ad4ffe.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:39 GMT
server: AmazonS3
etag: W/"726ba3f0574433ae057e56711cb44971"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 6t9jKzVGNDs6XODTpEtn0uRfWI2huaj2zVlrBMHATeLC3onx4BEM0g==

GET
H2 200 general.min.js Show response
arcticwolf.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/ 10 KB
4 KB 66ms
48ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.9.23

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3c8654b979edf834bc0959a6738de068f5098fef9946017e6a7fcf25db34121a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: 470Pq7PddFHT4iIn7fruBmgRYy0jgJbn
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36438
via: 1.1 840e16b680c94fee8c48b15e01dda782.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:48 GMT
server: AmazonS3
etag: W/"682208dcdc9171c2916e346a775c57a5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: ou5Hp0eUIPTuPGyryzz8-_dLcYKbT5tUR5uTbFDJpfEzk1IFOngW1w==

GET
H2 200 hoverIntent.min.js Show response
arcticwolf.com/wp-includes/js/ 1 KB
1 KB 67ms
49ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: jgAmKO22vhnWgEEZT_2KPgU9V8AbedOK
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36438
via: 1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:37 GMT
server: AmazonS3
etag: W/"8c0498e2f1f7a684a8d2a3feb934b64b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: kuFbmyvoo69OLBDh4GYJXzmk5dCg-NwkdT27CSck9-b7yVtAJOiY8w==

GET
H2 200 maxmegamenu.js Show response
arcticwolf.com/wp-content/plugins/megamenu/js/ 33 KB
6 KB 99ms
81ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.3.1

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a875e1d5f8cfe252cc8f5e04d750dd8c771fb8aceabd435d548425a445ab61d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: JxM0Vc2kPSgtWyUjtR2A7G4aZEjTmtsL
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 2e8126aebd83e92e3cf50c4f9c832912.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:41 GMT
server: AmazonS3
etag: W/"5480f11a9755afeba769fb68b05f0673"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: x4-UWmgX3DvB9XV80fZH1nioGSp046tCQ5qPdBuu88JiRrOuh1UkuQ==

GET
H2 200 public.js Show response
arcticwolf.com/wp-content/plugins/megamenu-pro/assets/ 26 KB
5 KB 100ms
83ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/megamenu-pro/assets/public.js?ver=2.4

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4ef271048d55bb5d2543f4dc66dd0eb95645b0e441be38f5e09237eb729761e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: 8AbQiCoI8Chtsib95GQXLD41JEExpzdh
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36438
via: 1.1 af1c2193a818b5824fd85ddd651620a8.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:38 GMT
server: AmazonS3
etag: W/"1e4e7bd26c2d1b7ae7119b9d30255c46"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: nTO_0UdxJNm-Q3Vrgi7G7ybQ2__ZbuvLYPIY27ilp3Ksy35_tEsfXA==

GET
H2 200 imagesloaded.min.js Show response
arcticwolf.com/wp-includes/js/ 5 KB
2 KB 101ms
84ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:58 GMT
x-amz-version-id: ZuP1Ves7blofRs6ZMJqD7tVUyfowcbfM
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36439
via: 1.1 32c1b1f3aed1f2411468b70713ad6556.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:44 GMT
server: AmazonS3
etag: W/"6823120876c9afc8929418c9a6f8e343"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 5WXIHG6dXnQWAgEt4xBEf-47IteQ65VfF2VfJgH6kmszkszWydFrww==

GET
H2 200 webpack-pro.runtime.min.js Show response
arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/ 6 KB
3 KB 101ms
85ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.21.3

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

70208adf6f66d47e2c620793900d2f60c79f2b90ab74eb2e2c3e8fbb086c3bc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: Ts0GOI4mwZ3RKmPWsp_ySMvgltqgeMt5
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 27cdec4bbea3c020f504b2062d4e122c.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:42 GMT
server: AmazonS3
etag: W/"433c6063ff1d1210765920d4bc953899"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: _IINa_maInyMrqfu61-BKKxqe3sFwLTNkTHblwG6ThcUqFQyZOD-9g==

GET
H2 200 webpack.runtime.min.js Show response
arcticwolf.com/wp-content/plugins/elementor/assets/js/ 5 KB
3 KB 102ms
86ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.8

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ff8380deeec8242b5394f3a31c65131cbc93ab61c893b70fd7193ed3dcc5da49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: diGonl39T_bR6IT79GWUkgRutOS_7fXt
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 60dc145c687858f10bb3fe6251ad4ffe.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:39 GMT
server: AmazonS3
etag: W/"7435722ed2bb1b1eb6702184d81a9da6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: LiZ5ayE3QHPuIlEqNaKl9tZAvai9j0NgUAjv2HkFCRrnqppxu6j6Mw==

GET
H2 200 frontend-modules.min.js Show response
arcticwolf.com/wp-content/plugins/elementor/assets/js/ 62 KB
18 KB 102ms
87ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.21.8

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a1b55c60b2932718ecb30670a31fea070a799f8608a9977e0a01f46ba9cf4b38

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: U.Bz7vEJRAHzxeksxPBmqitUc6_OWkfK
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:29 GMT
server: AmazonS3
etag: W/"0f982d4f8c19fe12d0f7b2c4451706d4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: eO_SXs8X7-Csrv9CB51tbcSxdQN3TXUQsSS4K6dF-fcUPjuTMh5Qow==

GET
H2 200 wp-polyfill-inert.min.js Show response
arcticwolf.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 103ms
88ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: WC9tJwFHGo7DqcMdTEpKOBDYNPfbEY7p
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:41 GMT
server: AmazonS3
etag: W/"dda652db133fddb9b80a05c6d1b5c540"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: BeqKlcBL9n2MBo4mVWe8-o-BrRfARRYaa0ejxK1ymoj_nbJhmEteNQ==

GET
H2 200 regenerator-runtime.min.js Show response
arcticwolf.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 107ms
93ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: 6ReJHURG_4cU9HGJzPSpTFDszb1OYSWK
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36438
via: 1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:41 GMT
server: AmazonS3
etag: W/"fd7ef2e4737acd74fd0dcdc3b515e304"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: FESX-1yZ8z9fYTZMrjFjBE1xdcJnaXHb2FDUWM1Eo9tu_ZiszrhuCA==

GET
H2 200 wp-polyfill.min.js Show response
arcticwolf.com/wp-includes/js/dist/vendor/ 38 KB
14 KB 107ms
94ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:58 GMT
x-amz-version-id: B2_9e1uSKEypYHWP1Fni2i2RTpOoNwew
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36439
via: 1.1 3677df2c828d68a6a84555cd8a40cf50.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:24 GMT
server: AmazonS3
etag: W/"92f8c01350c630f414f5d0b015ad6864"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: alFFRD55Flp4bBzkRFcCq1mBATWZNmoPuqIwpbtL4p_jPVl_mVS-2A==

GET
H2 200 hooks.min.js Show response
arcticwolf.com/wp-includes/js/dist/ 4 KB
2 KB 109ms
96ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:58 GMT
x-amz-version-id: fnZjhjgZUKE25FGq9rghpN.dVkM3BALq
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36439
via: 1.1 78668cba389ee6455cf1c23180f33cf8.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:31 GMT
server: AmazonS3
etag: W/"072d3f6e5c446f57d5c544f9931860e2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 1-jctsA0hfScE_hPo8Nx7mxozXHafg3xtFqUlhNT_gkc2lJGmcsTGg==

GET
H2 200 i18n.min.js Show response
arcticwolf.com/wp-includes/js/dist/ 9 KB
4 KB 110ms
97ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:58 GMT
x-amz-version-id: Zdfywt_96vo9UwQAJgq45vjh3XcaYPMl
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36439
via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:25 GMT
server: AmazonS3
etag: W/"a8127c1a87bb4f99edbeec7c37311dcd"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: Ex10XdkNFiYsZYq6P_3nLVQinKQZz36SQVwFn1oHX_F1xsfReXOyIw==

GET
H2 200 frontend.min.js Show response
arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/ 24 KB
7 KB 124ms
111ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.21.3

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3bc6a0f70b8792cf5564c7d756264316f1dce7b89e09db51730c6e8563fe5ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:58 GMT
x-amz-version-id: jSE1_42uagYb8LLxRvWhfBhos7qe1L9e
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36439
via: 1.1 2e8126aebd83e92e3cf50c4f9c832912.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:47 GMT
server: AmazonS3
etag: W/"b33aae3ec2063fe0d08af8c7a0903b81"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: Wl3tDNvJQ5Ti7L7I-32hMtgdBU0gS2SzGtGS-rD1NjQUuiJNOOMHJw==

GET
H2 200 waypoints.min.js Show response
arcticwolf.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
4 KB 110ms
98ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: EktLZNJxhHLmAkzJleiFvme7vdGKtr5M
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 ad82d8a80f2c6497aad660c7722475c0.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:34 GMT
server: AmazonS3
etag: W/"3819c3569da71daec283a75483735f7e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: xMzsyhVg2fnvUPM28BNftnOPKl1QCYY96GdP_fpyGRh5z6sSyZ5OEg==

GET
H2 200 core.min.js Show response
arcticwolf.com/wp-includes/js/jquery/ui/ 21 KB
8 KB 115ms
104ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: 03ZYsEb5bapILpPo6qOKt2ucTcLtWhXw
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 46b6cb3d5daab7defe28d3658c3a54fe.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:34 GMT
server: AmazonS3
etag: W/"c4e68a0f3463c0bd3c39eab38815e881"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: QD6zjIEQFmYetwq3BRf7am6eY0V9u5nKKYwxg9okttNeIfbMFPFePg==

GET
H2 200 frontend.min.js Show response
arcticwolf.com/wp-content/plugins/elementor/assets/js/ 39 KB
13 KB 116ms
105ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.21.8

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

36d8ec85c22c81136c75a65428184e376ae4cf635cabaffac7b42b9c53e43322

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:08:59 GMT
x-amz-version-id: OByJugNfhVRG9qO8tBa_zrvVPan8TwhC
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36438
via: 1.1 dbddc07d9edf6f99394912c390c6ef32.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:26 GMT
server: AmazonS3
etag: W/"d11fa723a1b2814551ea86cd05018254"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: ly0ZJIHfdtlxQR__B11DDkLA1a7k0emUnba-6dju3Pi-xrpW3C9Iyw==

GET
H2 200 elements-handlers.min.js Show response
arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/ 37 KB
10 KB 121ms
110ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.21.3

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a2a915b430d2ecabd493dab5cd1c465e2cfe2b1515e51417f836896ce7be84f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:00 GMT
x-amz-version-id: sJnTBFngi_M3rBS4okg8Ng5GQEJkbItH
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Wed, 12 Jun 2024 21:28:42 GMT
server: AmazonS3
etag: W/"327e23ba197ee19ab77b76946f9ff5b1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: z5drXptiwtLJ25n1zQN01CM5Zy3udkFo2LicxaVv6gHoOdFmYVOzPA==

GET
BLOB 200
OK 3f04ad3a-7f60-4206-af15-fbab00ec9ca7
https://arcticwolf.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arcticwolf.com/3f04ad3a-7f60-4206-af15-fbab00ec9ca7
Requested by: Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 db482b86-7cc0-40a4-94cb-f20d32869a3b.json Show response
cdn.cookielaw.org/consent/db482b86-7cc0-40a4-94cb-f20d32869a3b/ 5 KB
2 KB 163ms
58ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db482b86-7cc0-40a4-94cb-f20d32869a3b/db482b86-7cc0-40a4-94cb-f20d32869a3b.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abfb1822ca408cb63bb0404e5c2d835d873893f4fb7cefebc3ae00f6d889cf9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 08:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5072
content-md5: RKQGWZnPJfqB4kgXlCqITw==
content-length: 1810
x-ms-lease-status: unlocked
last-modified: Mon, 11 Mar 2024 12:45:42 GMT
server: cloudflare
etag: 0x8DC41C92A12C01D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4b42ac58-e01e-00a1-7972-79e2fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8930a335df5c35fa-FRA
expires: Fri, 14 Jun 2024 08:16:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 544 KB
146 KB 192ms
67ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PMV4652

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c12f7ec80e87854e1ca1f37f2f8708d2dd2b26041a70004505b602753b56fb7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148981
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Jun 2024 08:16:16 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 white-mag-icon.png
arcticwolf.com/wp-content/uploads/2020/03/ 286 B
826 B 57ms
46ms Image
image/png 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arcticwolf.com/wp-content/uploads/2020/03/white-mag-icon.png

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

70473bd0b0e7e7184f687732de1aecf333cd42fea1bd239d95d9319b3fe7cd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:11:02 GMT
x-amz-version-id: vRpsNFPPi7mUSlbSrnV0otSRHfArAMFc
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 af1c2193a818b5824fd85ddd651620a8.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36315
x-cache: Miss from cloudfront
content-length: 286
last-modified: Wed, 15 Feb 2023 19:15:46 GMT
server: AmazonS3
etag: "08f8b78ae229b78ed0ed615a42f85c69"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-id: wRhXosCViUmuby4wYi8etpzCfbvqul-WoxApFpkRNEOFTUZhaWeXCw==

GET
H2 200 icon-white-AW-globe-fluent02.png
arcticwolf.com/wp-content/uploads/2021/05/ 635 B
1 KB 58ms
47ms Image
image/png 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arcticwolf.com/wp-content/uploads/2021/05/icon-white-AW-globe-fluent02.png

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/wp-content/themes/blankslate-child/style.css?ver=6.5.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9b67318a07044d2d04da90b3798128451cdab5dfe28416644dcfcc5660888f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/wp-content/themes/blankslate-child/style.css?ver=6.5.4
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:01 GMT
x-amz-version-id: _kdnJHVY48Jjuar6G.JlJklLSSesy3vV
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 3677df2c828d68a6a84555cd8a40cf50.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36436
x-cache: Miss from cloudfront
content-length: 635
last-modified: Fri, 07 Jun 2024 15:58:17 GMT
server: AmazonS3
etag: "f2b36c57051e6ff543fab429bd139c18"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-id: JZ17e9x38-MVIEmuLfCPk0T1_0dO-8tcgIODWN1G5eA3UHOrmCytUg==

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 158ms
35ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://arcticwolf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:05:37 GMT
x-content-type-options: nosniff
age: 11439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 05:05:37 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 199ms
77ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://arcticwolf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:54:00 GMT
x-content-type-options: nosniff
age: 138136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 17:54:00 GMT

GET
H2 200 fa-solid-900.woff2
arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 44ms
43ms Font
font/woff2 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.10.33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.10.33
Origin: https://arcticwolf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:23:32 GMT
x-amz-version-id: M7Uw7R2wWUGgQq2jg6fKgfMF0pq9DNJb
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 60dc145c687858f10bb3fe6251ad4ffe.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 35565
x-cache: Miss from cloudfront
content-length: 78196
last-modified: Fri, 31 May 2024 21:26:24 GMT
server: AmazonS3
etag: "e8a427e15cc502bef99cfd722b37ea98"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-frame-options: SAMEORIGIN
x-amz-cf-id: cXD05VOGRI2-uh5zhLnNH2-p60b_iv6Fxpxk61gfqWtQ4yjNQr87iw==

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f

Request headers

Referer
Origin: https://arcticwolf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLSMA6.woff2
fonts.gstatic.com/s/encodesans/v19/ 27 KB
27 KB 210ms
91ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesans/v19/LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLSMA6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d61e7247b5194fedf074ca201a7bbc68d3ee141236b4e7cb5030abf9ab58c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://arcticwolf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:18:41 GMT
x-content-type-options: nosniff
age: 161855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27320
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 20:55:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 11:18:41 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 162ms
72ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept: application/json
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8930a337bf2f9ba0-FRA
access-control-allow-headers: Content-Type

GET
H2 200 fa-brands-400.woff2
arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 80 KB
80 KB 42ms
41ms Font
font/woff2 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.10.33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6b2680fab784d245cbb23d3b51e8d18740e8fc1c7c1c8eadcf0b2b7612125ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.10.33
Origin: https://arcticwolf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:23:35 GMT
x-amz-version-id: r7rBw2D390By7BQ8Xe9sBFGV6mm7YkiX
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 32c1b1f3aed1f2411468b70713ad6556.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 35562
x-cache: Miss from cloudfront
content-length: 81612
last-modified: Fri, 31 May 2024 21:25:56 GMT
server: AmazonS3
etag: "b4d6b90f14c0441aac364e194978408e"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-frame-options: SAMEORIGIN
x-amz-cf-id: bgsEK3kYSJaTtJN_Idkd7zdx9uKBIZEKbAdNoPBDblY3NviTqfR2sg==

GET
H2 200 getForm Show response
cybersecurity.arcticwolf.com/index.php/form/ 19 KB
5 KB 824ms
823ms Script
application/javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cybersecurity.arcticwolf.com/index.php/form/getForm?munchkinId=840-OSQ-661&form=4815&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&callback=jQuery37104296055784108921_1718266576598&_=1718266576599
Requested by: Host: cybersecurity.arcticwolf.com
URL: https://cybersecurity.arcticwolf.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbd0f735e1a16561cea3d424fab2621f73289472fa62f279480071f973162bf9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:17 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-form-service-request-id: c102#19010ab404d
x-marketo-source: Form Service
cf-ray: 8930a3390a80b620-WAW
cached: false

GET
H2 200 init Show response
jukebox.pathfactory.com/api/public/v1/ 2 KB
1 KB 867ms
635ms XHR
application/json 52.200.144.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/init?image=&title=&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&clientId=LB-52456ADF-10926

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/jukebox.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.144.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-144-213.compute-1.amazonaws.com

Software

Resource Hash

42a3d60397713245b81e7a9d44b3ab4be62c9ef8e98f91bdd6debbebf6002243

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://arcticwolf.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy
content-encoding: gzip
x-request-id: 43d1cf1f-0c4f-4f7b-be8a-45155f3b4522
x-runtime: 0.516175
referrer-policy: no-referrer-when-downgrade
etag: W/"42a3d60397713245b81e7a9d44b3ab4b"
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://arcticwolf.com
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate

OPTIONS
H2 200 init
jukebox.pathfactory.com/api/public/v1/ Frame 0
0 374ms
120ms Preflight 52.200.144.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/init?image=&title=&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&clientId=LB-52456ADF-10926
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.144.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-144-213.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://arcticwolf.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://arcticwolf.com
access-control-expose-headers
access-control-max-age: 7200
date: Thu, 13 Jun 2024 08:16:17 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202307.1.0/ 405 KB
98 KB 55ms
54ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202307.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71d07479f4b2b809e5769a352f4f55b84690289026ace7ed5395230002551a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 08:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: orDm7smwsr/pjTi/DOTSGQ==
age: 51283
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99815
x-ms-lease-status: unlocked
last-modified: Wed, 02 Aug 2023 03:24:04 GMT
server: cloudflare
etag: 0x8DB9307EC3B2CDE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1e317a27-c01e-0099-0a64-14463e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8930a339fd8690da-FRA

GET
H2 200 6si.min.js Show response
j.6sc.co/ 66 KB
18 KB 179ms
39ms Script
application/javascript 23.53.42.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-42-251.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dc93c5b3243e66c7b2e27c51b76fa6a11bd7a6d7546c5fa26bbffa001f885305

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 May 2024 06:01:25 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "663c66b5-106b3"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 18038
expires: Thu, 13 Jun 2024 08:16:17 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 237 KB
85 KB 69ms
68ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-943679881&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMV4652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f634bab728b33a789ccead1a752a764d1ba11f20e6bb9e9563c302cbbcc0651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86580
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Jun 2024 08:16:17 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 156ms
41ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMV4652
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:17 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220077-FRA

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 155ms
42ms Script
application/javascript 2a02:26f0:480:15::213:7e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMV4652

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:15::213:7e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 May 2024 16:52:20 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=18403
accept-ranges: bytes
content-length: 16683

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 188ms
76ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

03b8970524212903ed5e8da72d99351e9ac4510cf8e898f94c8b8191a96014da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 13 Jun 2024 08:16:17 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 154ms
44ms Script
application/x-javascript 184.31.85.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.85.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-85-59.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 08:16:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 233ms
77ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 13 Jun 2024 08:16:16 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B7395E5E5B7048C3899FD1BE9612C47C Ref B: FRA31EDGE0611 Ref C: 2024-06-13T08:16:17Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 139ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Jun 2024 08:16:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: xnHmLpw7T0HisJ23cKYLSqgRtmbMs8V4ufEiuBD3eCcIQO1glYYMII2w5tDCnitLYVBjZY4aYublrWN+v45R/w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 3545.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 2 KB
1 KB 191ms
82ms Script
text/javascript 2606:4700:4400::6812:2b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/3545.js?p=https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/&e=

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b022139925d7365e69b32549e0bcea6f18f43b5983c39f4d858d3d673023bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
content-disposition: inline
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
cf-ray: 8930a33bcafa3641-FRA

GET
H3 200 uWhJBalAQeFpeNitJUHH Show response
ws.zoominfo.com/pixel/ 0
649 B 296ms
227ms Script
text/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/uWhJBalAQeFpeNitJUHH

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
content-length: 0
cf-ray: 8930a33b9fffb5fd-WAW
alt-svc: h3=":443"; ma=86400

GET
H2 200 zaxd53bdwtvy.js Show response
js.driftt.com/include/1718266800000/ 221 KB
62 KB 254ms
162ms Script
application/javascript 18.245.86.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1718266800000/zaxd53bdwtvy.js

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-14.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

24688043f67a45e79662f6fc9b64ddf8ddccafaf458458fe066db7a1be89d05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vYj2QwoXuDHoMr32TIXJRIEgPcZmsDr0
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 13 Jun 2024 08:16:17 GMT
via: 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Thu, 30 May 2024 18:54:04 GMT
server: istio-envoy
etag: W/"ae4f24426ae40aec8481b3eedc7098e8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fHFRowwkhoLqw79ZBmmh1Ykt-usJbSXega1LtxomNPX-2pV6qS7zwA==

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 209ms
75ms Script
text/javascript 2606:4700:4400::6812:24c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk.techtarget.com/tracking.js

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:17 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
age: 59167
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 8930a33cde71973d-FRA
expires: Thu, 13 Jun 2024 08:36:17 GMT

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 18 KB
18 KB 173ms
41ms Script
text/javascript 35.244.142.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 01a6571de875629cd204157ffb77bdf6787f80ecbafacae73c1cc4f893eb43a6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 07:52:32 GMT
age: 1425
x-guploader-uploadid: ABPtcPq9s9HR7iwUmtL7h14oulgUI-34KwP9izomK8trUw11LnQZOwQC3mc5F7DA0HgYTmWAhDE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17985
last-modified: Tue, 14 May 2024 14:35:47 GMT
server: UploadServer
etag: "d7cac522641241ca4e9ceac4f1b458e8"
x-goog-generation: 1715697347359123
x-goog-hash: crc32c=Q65p8w==, md5=18rFImQSQcpOnOrE8bRY6A==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 17985
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 13 Jun 2024 08:52:32 GMT

GET
H3 200 siteanalyze_6145655.js Show response
siteimproveanalytics.com/js/ 64 KB
16 KB 120ms
61ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_6145655.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMV4652
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8cc26f74fecef92fefa117830f8f30af73389e86abcb75fb026f7d2a52d8f9a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:17 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GQ6W26ZJQ7C48PW7
age: 223
alt-svc: h3=":443"; ma=86400
content-length: 16029
x-amz-id-2: KrOxDmoGoS56mfNzNk3iutuED759FfHVZNbq8EMB0spNrThs6ZoTy2nngdxfoIWcUWrnD9rTqpe/ogrLzKQ2eg==
last-modified: Tue, 11 Jun 2024 14:14:36 GMT
server: cloudflare
etag: "5f1995ababef709e4e9dd00405d7d8af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2Fm8TlXX4W9EdBrM1mLhKX0p%2BAi7%2FRL3FGYzEZSVlhV8S50GLCOyXD33XcRX0fClR%2FLt6g83y0YLxJfOdHsnbVTBB9pdsRZZi9IAUJZyXMUjWRlDaC2qDAyYmFBiULEMhX%2Bx33PX5Ted%2FQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 8930a33c78f11999-FRA

GET
H2 200 st.js Show response
s.swiftypecdn.com/install/v2/ 416 KB
110 KB 168ms
40ms Script
text/javascript 151.101.65.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.swiftypecdn.com/install/v2/st.js
Requested by: Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.167 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2d7c7930eb39d59cd8c2dc00652977da3ed72347e7cd465f7b540e10e2121c22

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220111-FRA
date: Thu, 13 Jun 2024 08:16:17 GMT
content-encoding: gzip
via: 1.1 varnish
age: 127
x-timer: S1718266577.455714,VS0,VE0
etag: "644bc37e-1b6c6"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=300, public, max-age=300, public
accept-ranges: bytes
content-length: 112326
x-cache-hits: 4

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
74 KB 71ms
70ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11592367&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMV4652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1293ad5193e9e5a872d9d0f6bedd8e34c59489e7ef2f48d67ebbcb8020e5a0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75684
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Jun 2024 08:16:17 GMT

GET
H2 200 fa-brands-400.woff2
arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 80 KB
0 0ms
0ms Font
font/woff2 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6b2680fab784d245cbb23d3b51e8d18740e8fc1c7c1c8eadcf0b2b7612125ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Origin: https://arcticwolf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:23:35 GMT
x-amz-version-id: r7rBw2D390By7BQ8Xe9sBFGV6mm7YkiX
x-content-type-options: nosniff
via: 1.1 32c1b1f3aed1f2411468b70713ad6556.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 35562
x-cache: Miss from cloudfront
content-length: 81612
last-modified: Fri, 31 May 2024 21:25:56 GMT
server: AmazonS3
etag: "b4d6b90f14c0441aac364e194978408e"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-frame-options: SAMEORIGIN
x-amz-cf-id: bgsEK3kYSJaTtJN_Idkd7zdx9uKBIZEKbAdNoPBDblY3NviTqfR2sg==

GET
H2 200 de.json Show response
cdn.cookielaw.org/consent/db482b86-7cc0-40a4-94cb-f20d32869a3b/77bec06f-5a0f-402f-bf2b-1f770ac2ff6d/ 174 KB
34 KB 66ms
65ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/db482b86-7cc0-40a4-94cb-f20d32869a3b/77bec06f-5a0f-402f-bf2b-1f770ac2ff6d/de.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202307.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916baea92eb9094e106e44c8d6de06469c6f446ae5ff8550767587489b80304c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 08:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 84832
content-md5: DQM9zXYP6kichaAAfgdR7w==
content-length: 34154
x-ms-lease-status: unlocked
last-modified: Mon, 11 Mar 2024 12:45:40 GMT
server: cloudflare
etag: 0x8DC41C928B44DBE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5ae32fdc-301e-0034-4540-740a4b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8930a33cef9d35fa-FRA
expires: Fri, 14 Jun 2024 08:16:17 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 392ms
233ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=bf412362-3356-4786-a483-bd175a670180&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d16e7dce-16d8-48d2-a11e-4c6d91f9160c&tw_document_href=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxet7&type=javascript&version=2.3.30

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 191
date: Thu, 13 Jun 2024 08:16:17 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 4fd1637f4b4a779e
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 99efdee974078b85cb309a2cfbe8687d1313bdab145351dd75e3f263a1a9b4d2
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
392 B 301ms
156ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=bf412362-3356-4786-a483-bd175a670180&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d16e7dce-16d8-48d2-a11e-4c6d91f9160c&tw_document_href=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxet7&type=javascript&version=2.3.30

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 116
date: Thu, 13 Jun 2024 08:16:17 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: f5dfe58e8e724cad
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 9f47ecc17a6ace5ade0b1ca839eb5e9ef53c0cdb6d74ba28a250a57087f606f3
content-length: 43

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
816 B 407ms
252ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=50605&time=1718266577515&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: *
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:17 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 43730448D2A84841B4678C97110B8DD8 Ref B: DUS30EDGE0917 Ref C: 2024-06-13T08:16:17Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYawRz/gHqbc8Ff7Yy7ZA==
x-fs-uuid: 00061ac11cff807a9b73c15fed8cbb64

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50605&time=1718266577515&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50605&time=1718266577515&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50605%26time%3D1718266577515%26url%3Dhttps%253A%252F%252Farcticwolf.com%252Fresou...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50605&time=1718266577515&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&cookiesTest=true&liSync=...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50605&time=1718266577515&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&cookiesTest=true&liSync...

0
264 B

411ms
169ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50605&time=1718266577515&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&cookiesTest=true&liSync=true&e_ipv6=AQIVClfeh6lRnQAAAZAQq0ZHkOkpBKw0jPzXu821pStEi24NmbRL5fTPRQsS28nBLgZQuIU
Requested by: Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://arcticwolf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 08:16:18 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A248B03029284955A7386A688048307F Ref B: FRAEDGE1513 Ref C: 2024-06-13T08:16:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYawR0QZ4JAUnKT61J7Aw==

Redirect headers

date: Thu, 13 Jun 2024 08:16:18 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B3B074D08DD2459E932E5A5D67DF7F5B Ref B: DUS30EDGE0407 Ref C: 2024-06-13T08:16:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50605&time=1718266577515&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&cookiesTest=true&liSync=true&e_ipv6=AQIVClfeh6lRnQAAAZAQq0ZHkOkpBKw0jPzXu821pStEi24NmbRL5fTPRQsS28nBLgZQuIU
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYawR0KZfDYVb3cq2/W8w==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 47ms
46ms Script
application/x-javascript 184.31.85.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.85.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-85-59.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 08:16:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sat, 21 Sep 2024 08:16:17 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/f9c66401/www-widgetapi.vflset/ 37 KB
13 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f9c66401/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0bf2e9f81fa82f306a38ab2b997ecdbe3e44d8e9468c10b7b5473486a8e4c81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 06:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12617
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 04:28:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jun 2025 06:34:02 GMT

POST
H2 200 assign
tracking.g2crowd.com/attribution_tracking/conversions/ 0
0 160ms
159ms Ping
text/html 2606:4700:4400::6812:2b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.g2crowd.com/attribution_tracking/conversions/assign
Requested by: Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/3545.js?p=https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/&e=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryQGP8im9WVewn4sLz

Response headers

GET
H2 200 480386592743035 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 43ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/480386592743035?v=2.9.158&r=stable&domain=arcticwolf.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c297e86e2b8fe6aa55ac7b71d568dee7f2c195d514a0d521b968b19e92d3bfff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Jun 2024 08:16:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12449
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=63, mss=1297, tbw=63532, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: lnCxvL+2Zr1kbcn9N0ZEAiETPf/Z58I1xT7TZMI1XS3+u7kSF1/4AKV28DHva24Gs0Vznc29Sbkx3RaHBVlyZg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 26066703.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 63ms
62ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26066703.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

040e7b516a60105fbbd09dfba5e37c49539ce6b22b78aab284468c1185530f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 13 Jun 2024 08:16:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EB656B8C532543D9ACF038D18FDD8562 Ref B: FRA31EDGE0611 Ref C: 2024-06-13T08:16:17Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/202307.1.0/assets/ 10 KB
3 KB 59ms
58ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202307.1.0/assets/otFloatingFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202307.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3321757433351762495ef3452adf0fcefa179583f4409dd04815c710c5e45f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 08:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: FMq1aROKTLEntOEKFY9rXQ==
age: 77213
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2707
x-ms-lease-status: unlocked
last-modified: Wed, 02 Aug 2023 03:23:58 GMT
server: cloudflare
etag: 0x8DB9307E920F4DA
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8cb44f9f-701e-00ae-62e8-b26204000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8930a33ec9ca35fa-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202307.1.0/assets/v2/ 61 KB
12 KB 64ms
63ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202307.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202307.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 08:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: lrjqvumkzLVMxa35AVJR4w==
age: 4287
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12544
x-ms-lease-status: unlocked
last-modified: Wed, 02 Aug 2023 03:24:00 GMT
server: cloudflare
etag: 0x8DB9307EA0A6EFC
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c37002da-401e-0001-68b1-73665f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8930a33ec9cd35fa-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202307.1.0/assets/ 5 KB
2 KB 55ms
54ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202307.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202307.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 08:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: J/OXP0fdvy1F2I+bffRnrw==
age: 80001
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1766
x-ms-lease-status: unlocked
last-modified: Wed, 02 Aug 2023 03:23:59 GMT
server: cloudflare
etag: 0x8DB9307E9C4BDC1
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 84dff703-101e-009a-750e-73a75a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8930a33ec9d035fa-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202307.1.0/assets/ 21 KB
4 KB 56ms
56ms Fetch
text/css 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202307.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202307.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ed6388d56fc9f2044791e0559ab4a283381791e359dc2981449955e702de56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 08:16:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: /b68gAlvQhCuyX9fCPcDyg==
age: 25732
x-ms-lease-status: unlocked
last-modified: Wed, 02 Aug 2023 03:24:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 3edc2066-401e-00a8-2db1-73a72d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8930a33ec9d135fa-FRA

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 233ms
143ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=2977641&r=1718266577704&ref=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://arcticwolf.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 13 Jun 2024 08:16:17 GMT
expires: Thu, 13 Jun 2024 08:16:17 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ABPtcPr3yVWkdwH9cmYF4NdAaxFipMGjddEnPAGopAnNBF8UECE9JGIihwEWQcbCjo0qf4evP2I

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
451 B 147ms
145ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=2977641&r=1718266577704&ref=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 2977641
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:18 GMT
via: 1.1 google
x-guploader-uploadid: ABPtcPrY73cIvIrB8e9UkEYXNeJPGzvqB8BvI__V051pnMN83fIUWTbxnXQHyM_OSEtzJe9OrXs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Thu, 13 Jun 2024 09:16:18 GMT

GET
H2 200 cHbmD8PvdxJ6x71LmMbA.json Show response
s.swiftypecdn.com/install/v2/config/ 19 KB
5 KB 119ms
39ms XHR
application/json 151.101.65.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://s.swiftypecdn.com/install/v2/config/cHbmD8PvdxJ6x71LmMbA.json

Requested by

Host: s.swiftypecdn.com
URL: https://s.swiftypecdn.com/install/v2/st.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.167 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9b73c58f0c3bc0310051845a92ba4d7dca2d77b697d029764336ddb55eb38379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: */*
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish
x-permitted-cross-domain-policies: none
age: 258
x-cache: HIT
content-length: 4212
x-xss-protection: 1; mode=block
x-request-id: e5b2b0afa2a08c627654e7064040380f
x-served-by: cache-fra-etou8220059-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Jan 2024 19:24:27 GMT
x-timer: S1718266578.845095,VS0,VE0
etag: W/"4afe5518a208f9fd852e520af65f06be"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-cache-hits: 5

POST
H2 200 pdst-events-prod-sink Show response
us-central1-adaptive-growth.cloudfunctions.net/ 2 B
122 B 207ms
205ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://arcticwolf.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:18 GMT
content-encoding: gzip
server: Google Frontend
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: e1c2c4bd0beffcf335f8df1481de1610
cache-control: private
function-execution-id: 2wu1fmcrdlm5
access-control-allow-headers: Content-Type, Accept
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 292ms
159ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://arcticwolf.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Thu, 13 Jun 2024 08:16:17 GMT
function-execution-id: 8crvfbcmajiw
server: Google Frontend
x-cloud-trace-context: fd4febfd2ddbc0851b6644dfb4a3c566

GET
H2 200 forms2.css
cybersecurity.arcticwolf.com/js/forms2/css/ 13 KB
3 KB 88ms
87ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybersecurity.arcticwolf.com/js/forms2/css/forms2.css

Requested by

Host: cybersecurity.arcticwolf.com
URL: https://cybersecurity.arcticwolf.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 4243
etag: "2401572-3437-619b21e0856c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8930a33f3e87b620-WAW
content-length: 2623
expires: Thu, 13 Jun 2024 12:16:17 GMT

GET
H2 200 forms2-theme-plain.css
cybersecurity.arcticwolf.com/js/forms2/css/ 828 B
335 B 89ms
89ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybersecurity.arcticwolf.com/js/forms2/css/forms2-theme-plain.css

Requested by

Host: cybersecurity.arcticwolf.com
URL: https://cybersecurity.arcticwolf.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 3856
etag: "2401575-33c-619b21e0856c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8930a33f3e8ab620-WAW
content-length: 246
expires: Thu, 13 Jun 2024 12:16:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 717 B
466 B 50ms
48ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: cybersecurity.arcticwolf.com
URL: https://cybersecurity.arcticwolf.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jun 2024 08:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 07:11:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jun 2024 08:16:17 GMT

GET
H2 200 wp-emoji-release.min.js Show response
arcticwolf.com/wp-includes/js/ 18 KB
6 KB 51ms
50ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.4

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:11:03 GMT
x-amz-version-id: 0BamQkEpAvIRSMEF8IuAXkHZ0wr9qYIp
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36315
via: 1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Fri, 05 Apr 2024 21:13:04 GMT
server: AmazonS3
etag: W/"b976b651932bfd25b9ddb5b7693d88a7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: QQhw6jxqwdv0YcO_AzolJm0JdMOETd0bpp2d60eaM98KbZx7Xa755A==

GET
H2 200 9decd3b0fe5c0841dd43a5375baa5a71.js Show response
ob.robotflowermobile.com/i/ 102 KB
38 KB 144ms
46ms Script
text/javascript 2600:9000:2057:3c00:1c:f10a:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.robotflowermobile.com/i/9decd3b0fe5c0841dd43a5375baa5a71.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMV4652
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3c00:1c:f10a:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: e7cf34e04e55f68fbd2ee9f6b2648fe01feffae757a1e27d6c651bf3a1a2ef60

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 06:56:48 GMT
content-encoding: gzip
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA6-C1
age: 4775
etag: "198fc-FfF0hKOOngyi2rhJ8b8Fw6SQNAM"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 38277
x-amz-cf-id: ZSXxYd91_LbNMWsQNfnrSpXJ2atMyy30YZaArzwlmEu8g1QZ1fZJIg==
expires: Thu, 13 Jun 2024 18:56:42 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
0 2ms
2ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://arcticwolf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:05:37 GMT
x-content-type-options: nosniff
age: 11439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 05:05:37 GMT

GET
H2 200 / Show response
arcticwolf.com/resources/tag/security-bulletins/feed/ 13 KB
4 KB 41ms
40ms XHR
text/plain 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/resources/tag/security-bulletins/feed/

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7f4b01414c2ad7c4822e345d90850154da7f507f9ab4a2505f84c6d67839b56a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/xml, text/xml, */*; q=0.01
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 21:30:49 GMT
x-amz-version-id: bLvudL1D0xUegRfJ3tS64QShnXiilzy2
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 38730
via: 1.1 6641a812839e5267ee0880e96b41efc4.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 10 Jun 2024 20:57:50 GMT
server: AmazonS3
etag: W/"5808f5509ba525e6e8155654f6b13b18"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/rss+xml; charset=UTF-8
cache-control: must-revalidate, max-age=0, s-maxage=86400
x-amz-cf-id: NBZeAps48bHvfl8iMLsRxVERpQjSGKWoAxs698zP2ebDo6duoRiSjg==

GET
H2 200 image.aspx
6145655.global.siteimproveanalytics.io/ 34 B
149 B 213ms
41ms Image
image/gif 3.126.143.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6145655.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&title=Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf&res=1600x1200&accountid=6145655&rt=2664&prev=038bafd8-a9ae-5d20-4e9f-bbf3d0eddb88&luid=3c03fd58-d330-37e0-b73d-24d758858ebf&rnd=34615
Requested by: Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.143.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-143-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
date: Thu, 13 Jun 2024 08:16:18 GMT
cache-control: max-age=0
content-length: 34
expires: Thu, 13 Jun 2024 08:16:18 UTC

POST
H/1.1 200
OK visitWebPage
840-osq-661.mktoresp.com/webevents/ 2 B
318 B 1011ms
179ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://840-osq-661.mktoresp.com/webevents/visitWebPage?_mchNc=1718266578131&_mchCn=&_mchId=840-OSQ-661&_mchTk=_mch-arcticwolf.com-1718266578127-36601&_mchHo=arcticwolf.com&_mchPo=&_mchRu=%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 08:16:19 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 7c0a63d6-38b8-4652-91a7-7980fba99636

GET
H2 200 26066703 Show response
www.clarity.ms/tag/uet/ 979 B
1 KB 288ms
127ms Script
application/x-javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/26066703
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/26066703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7df3b7947b0a67013213f68f5390483d28132ae641c4cf16656eeb39c2f49c99

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Thu, 13 Jun 2024 08:16:18 GMT
x-azure-ref: 20240613T081618Z-15f57b858d4l4h46rbxgdbrrkn0000000g6000000000f67b
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 979
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 169ms
38ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=480386592743035&ev=PageView&dl=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&rl=&if=false&ts=1718266578152&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718266578150.615182463925184508&ler=empty&cdl=API_unavailable&it=1718266577544&coo=false&rqm=GET

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=2822, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 13 Jun 2024 08:16:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 346ms
215ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=480386592743035&ev=PageView&dl=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&rl=&if=false&ts=1718266578152&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718266578150.615182463925184508&ler=empty&cdl=API_unavailable&it=1718266577544&coo=false&rqm=FGET

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x206c252660aa3be9","source_keys":["1","2"]},{"key_piece":"0x5b2f9cd20b0f9570","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 13 Jun 2024 08:16:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7379898759070002857", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=44, rtx=0, c=16, mss=1297, tbw=3140, tp=-1, tpl=-1, uplat=174, ullat=0
pragma: no-cache
x-fb-debug: qxNlPjz2s4XQM9fJxsFH6Vl8bJcW82wLR8+QdunoOfU7TzT1XgvtfTzbnfo4zMEuB4G+g4EF38KqEqSQp41YEQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7379898759070002857"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
538 B 59ms
56ms Fetch
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202307.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 08:16:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 44086
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jun 2024 01:58:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 9079af98-801e-0011-41e5-bc7672000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8930a342eeef35fa-FRA

GET
H2 200 AW_LOGO-sm.png
cdn.cookielaw.org/logos/1a8208da-88f2-4102-bad8-e9cf7a89fe0a/9150a14e-93e2-498c-8817-005365b2b599/9f8c16e2-6b59-4db4-9486-30a9363b3cd5/ 46 KB
47 KB 78ms
59ms Image
image/png 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/1a8208da-88f2-4102-bad8-e9cf7a89fe0a/9150a14e-93e2-498c-8817-005365b2b599/9f8c16e2-6b59-4db4-9486-30a9363b3cd5/AW_LOGO-sm.png

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

979b259f51a813a55f6d14beb947480da427c8d7ac1a3c0b0ef79a14a17ebeb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 08:16:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: czpOrd+TuEmrkUWMrxQLrg==
age: 68167
content-length: 47531
x-ms-lease-status: unlocked
last-modified: Fri, 07 Oct 2022 19:47:59 GMT
server: cloudflare
etag: 0x8DAA89CD6874D80
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 853266d6-c01e-0030-4756-61874c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8930a3434ef990da-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 76ms
58ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 08:16:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 28674
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jun 2024 01:58:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d102b06e-001e-0000-1afb-bc4169000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8930a3435efb90da-FRA

GET
H2 200 new_embed-2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241.css
s.swiftypecdn.com/assets/ 89 KB
33 KB 56ms
54ms Stylesheet
text/css 151.101.65.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.swiftypecdn.com/assets/new_embed-2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241.css
Requested by: Host: s.swiftypecdn.com
URL: https://s.swiftypecdn.com/install/v2/st.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.167 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 530
date: Thu, 13 Jun 2024 08:16:18 GMT
content-encoding: gzip
via: 1.1 varnish
age: 118234
x-cache: HIT
content-length: 33983
x-served-by: cache-fra-etou8220111-FRA
x-timer: S1718266578.454492,VS0,VE0
etag: "62b9d075-84bf"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Wed, 11 Jun 2025 23:25:44 GMT

GET
H2 200 share-buttons.08f4daf4a4285a8632b8.bundle.min.js Show response
arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/ 2 KB
1 KB 45ms
44ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/share-buttons.08f4daf4a4285a8632b8.bundle.min.js

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.21.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cb2f02d0ab6bea09b12bdddedaf9677b4bea9e1a390fd86b9e6328a09393051b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:11:03 GMT
x-amz-version-id: WpZh6WIeXtSxjkoxhF79JfCBGzseC8Xq
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36316
via: 1.1 2e8126aebd83e92e3cf50c4f9c832912.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Fri, 24 May 2024 23:41:15 GMT
server: AmazonS3
etag: W/"0fa5ec5de5cf082e097d9941e8c08ead"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: Gr2xDkuxMFczEL0qi4P2V-w_WJcfO0gSBz_cw5IAeqaqxIZ2BXxZrw==

GET
H2 200 60745ddf42fde6647dbc.bundle.min.js Show response
arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/ 21 KB
9 KB 48ms
41ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/60745ddf42fde6647dbc.bundle.min.js

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.21.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

817ed52d30fc35db1227aaed57de4f6af12f580cd0f7de68d58a0731f0295491

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:11:03 GMT
x-amz-version-id: 6nzZsuogiXrKitzxmbV_E0.BCoKHB6yn
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36316
via: 1.1 840e16b680c94fee8c48b15e01dda782.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Fri, 24 May 2024 23:40:49 GMT
server: AmazonS3
etag: W/"2a3454db1c3949e8493b5588d4ac464c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 7CkxPapItJzb1xJW0S-oFkX8GjTWs-SewHDHpGeqOEqiotnIadEFeQ==

GET
H2 200 table-of-contents.82ad797536446d523057.bundle.min.js Show response
arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/ 8 KB
3 KB 49ms
42ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/table-of-contents.82ad797536446d523057.bundle.min.js

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.21.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1595fb9eb01ba4336679ab459b415f48a9fc1fcd3c457a4083848ca2d504b590

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:11:03 GMT
x-amz-version-id: wsvBvdzxh5Zq12n68AiuWBUL96Vq8z2x
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36316
via: 1.1 60dc145c687858f10bb3fe6251ad4ffe.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Fri, 24 May 2024 23:41:41 GMT
server: AmazonS3
etag: W/"6268cc565104c97916fc78cd39d4fecc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: uYZ0iDj0dAErZ4we4MX-4tfUhelXNut-csVG1L6rP-PgtBHnCqks-g==

GET
H2 200 load-more.bc9573b5d1f73abd80b9.bundle.min.js Show response
arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 45ms
42ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/load-more.bc9573b5d1f73abd80b9.bundle.min.js

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.21.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

86ab8ed42661c0f23333349e97a16a31a141e7008fdd5d89caac5617e4e09c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:02 GMT
x-amz-version-id: 3ihupI3_lCT6t0UhqilbkQxT.db9B2ub
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Fri, 24 May 2024 23:41:06 GMT
server: AmazonS3
etag: W/"eeb7407f485763ef790a6c79a75f5a29"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 2gfQfqt-Le4Z-kIQvoyt288Pi2xog-N1EOFlnAlqBzaJqjakgWpniQ==

GET
H2 200 posts.caaf3e27e57db8207afc.bundle.min.js Show response
arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/ 3 KB
2 KB 46ms
43ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/posts.caaf3e27e57db8207afc.bundle.min.js

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.21.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f97f10d92e036abfa77d3051f903c5c494d9e6b2c1ae9ae4c8086af58dd07a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:09:02 GMT
x-amz-version-id: 5rig8eM6O8uc1_k1LOz6PZkwmI922Mkw
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36437
via: 1.1 af1c2193a818b5824fd85ddd651620a8.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Fri, 24 May 2024 23:41:18 GMT
server: AmazonS3
etag: W/"bd0d4ab7128078224749803a9564ca1a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: ZwIbPmBM6Tlrkhi7PuYjeMxU56KXJEUx9N36UDn1TtIue6Cd7NiHvA==

GET
H2 200 font-awesome.min.css
cdn-app.pathfactory.com/web-fonts/font-awesome/ 28 KB
7 KB 42ms
40ms Stylesheet
text/css 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-app.pathfactory.com/web-fonts/font-awesome/font-awesome.min.css
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/jukebox.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14b6cfd9b2a41bf5ee498086b1fbe2e8a31b1f99d5e040d55bdbe2d95702b6ac

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
date: Thu, 13 Jun 2024 01:33:28 GMT
last-modified: Mon, 27 Mar 2023 14:54:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 24188
x-amz-server-side-encryption: AES256
etag: W/"d96f1330ac4b04ce0b20d2206236e62c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: mzHTLIYjma88kutPmxbvFXmQJwuYIjwOgNDGjdSVfzlDDZjojZPJuQ==

GET
H2 200 roboto_lato.css
cdn-app.pathfactory.com/web-fonts/roboto_lato/ 5 KB
1 KB 43ms
41ms Stylesheet
text/css 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-app.pathfactory.com/web-fonts/roboto_lato/roboto_lato.css
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/jukebox.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3e647bd139028a8b14cd0c42545d61fe316a4a42436a5602b44df99d8d416f3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
date: Thu, 13 Jun 2024 02:03:45 GMT
last-modified: Mon, 27 Mar 2023 14:55:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 22363
x-amz-server-side-encryption: AES256
etag: W/"6339b6205ef670ae453a1fa9e8740fd8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: tIOWMZsvAOdWlrOU6hb2rC_PMblqKyT0L1Gg4zWGTfGKGwh2t61N5Q==

HEAD
H/1.1 200
OK tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ 0
0 559ms
115ms Fetch
image/gif 35.173.88.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/jukebox.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.88.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-88-167.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 08:16:19 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43

GET
H2 204 website_forms Show response
jukebox.pathfactory.com/api/public/v1/ 0
408 B 135ms
134ms XHR
text/plain 52.200.144.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/website_forms?pfVisitorUuid=&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&clientId=LB-52456ADF-10926

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/jukebox.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.144.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-144-213.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://arcticwolf.com/
sec-ch-ua-platform: "Win32"

Response headers

x-runtime: 0.013705
date: Thu, 13 Jun 2024 08:16:18 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://arcticwolf.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin
x-request-id: 86f94e7f-1643-42af-9307-05bb43d8da32

OPTIONS
H2 200 website_forms
jukebox.pathfactory.com/api/public/v1/ Frame 0
0 118ms
118ms Preflight 52.200.144.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/website_forms?pfVisitorUuid=&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&clientId=LB-52456ADF-10926
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.144.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-144-213.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://arcticwolf.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://arcticwolf.com
access-control-expose-headers
access-control-max-age: 7200
date: Thu, 13 Jun 2024 08:16:18 GMT

GET
H2 200 XDFrame Show response
cybersecurity.arcticwolf.com/index.php/form/ Frame 7EF9 2 KB
766 B 279ms
277ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybersecurity.arcticwolf.com/index.php/form/XDFrame

Requested by

Host: cybersecurity.arcticwolf.com
URL: https://cybersecurity.arcticwolf.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c375e284cb478a8f21e391c99fb79c9174682d0c21e13a3ed69aa0afa6fa073b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://arcticwolf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 8930a3460bafb620-WAW
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 13 Jun 2024 08:16:19 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 fontawesome-webfont.woff2
cdn-app.pathfactory.com/web-fonts/font-awesome/ 69 KB
70 KB 189ms
45ms Font
binary/octet-stream 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-app.pathfactory.com/web-fonts/font-awesome/fontawesome-webfont.woff2?v=4.6.1
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/web-fonts/font-awesome/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn-app.pathfactory.com/web-fonts/font-awesome/font-awesome.min.css
Origin: https://arcticwolf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
date: Thu, 13 Jun 2024 07:54:20 GMT
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 1320
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 70728
last-modified: Mon, 27 Mar 2023 14:54:50 GMT
server: AmazonS3
etag: "926c93d201fe51c8f351e858468980c3"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: m4j5OjEeGQb-8aSpCaQxkHjpT9DfaUYL7l9AywzVQ1yJSL0DaZS8jw==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
cdn-app.pathfactory.com/web-fonts/roboto_lato/ 14 KB
14 KB 171ms
116ms Font
binary/octet-stream 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-app.pathfactory.com/web-fonts/roboto_lato/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/web-fonts/roboto_lato/roboto_lato.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn-app.pathfactory.com/web-fonts/roboto_lato/roboto_lato.css
Origin: https://arcticwolf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
date: Thu, 13 Jun 2024 06:33:50 GMT
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 6149
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 14148
last-modified: Mon, 27 Mar 2023 14:55:28 GMT
server: AmazonS3
etag: "69b28056044be6438ce7e5214c66ba82"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: OEFu9F_FNpzz_2sYg4YZXOifLVVdYycGx1iVM1veeruIE92P6_17Vg==

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
cdn-app.pathfactory.com/web-fonts/roboto_lato/ 14 KB
14 KB 152ms
97ms Font
binary/octet-stream 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-app.pathfactory.com/web-fonts/roboto_lato/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/web-fonts/roboto_lato/roboto_lato.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn-app.pathfactory.com/web-fonts/roboto_lato/roboto_lato.css
Origin: https://arcticwolf.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
date: Thu, 13 Jun 2024 07:47:45 GMT
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 1714
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 13976
last-modified: Mon, 27 Mar 2023 14:55:27 GMT
server: AmazonS3
etag: "e7e52c955aa33e618baf437a16539524"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: 82gxh9sHmWzQwJezK8DBQQtrBOYQQheert5ySQISTQHjf2RQiHUAEg==

GET
BLOB 200
OK 5d75d31d-646a-4511-91b9-0313f9b698b6
https://arcticwolf.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://arcticwolf.com/5d75d31d-646a-4511-91b9-0313f9b698b6
Requested by: Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK cc.js
cc.swiftype.com/ 43 B
279 B 701ms
164ms Image
image/gif 169.63.31.200
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.swiftype.com/cc.js?engine_key=p9y2cdQdUK929yNzgbyH&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F
Requested by: Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 169.63.31.200 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: c8.1f.3fa9.ip4.static.sl-reverse.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Type: image/gif
Date: Thu, 13 Jun 2024 08:16:19 GMT
Cache-Control: no-cache
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
Content-Length: 43
Expires: Thu, 13 Jun 2024 08:16:18 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
195 B 139ms
138ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://arcticwolf.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:18 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7DED8432F35A49E79C279E8AC725F9E7 Ref B: DUS30EDGE0407 Ref C: 2024-06-13T08:16:19Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://arcticwolf.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYawR0WgD4sCzyD9vsbMA==

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 97ms
97ms Script
application/javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/26066703
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:19 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240613T081619Z-15f57b858d4l4h46rbxgdbrrkn0000000g6000000000f6bd
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6c728f9f-801e-0015-2192-b53968000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 share-link.min.js Show response
arcticwolf.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
2 KB 42ms
41ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.21.8

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.21.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1030dee6b293cd2f1331f5355130a5db48929f961ba7409a4d4ce83c73caefdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:11:04 GMT
x-amz-version-id: yS_zuRC0zarLFJxuyghokFSiQ2c.Nx_1
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36316
via: 1.1 3677df2c828d68a6a84555cd8a40cf50.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Fri, 31 May 2024 21:26:34 GMT
server: AmazonS3
etag: W/"531a4c05fa30060b0f4ccc8cc0378af6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 5PVWrEIJrCNCZ5PSFxSZxrLPbmuFkGeulaAbEy--n1Y00VA8U2p7Og==

GET
H2 200 ct Show response
obs.robotflowermobile.com/ 5 KB
2 KB 412ms
142ms Script
text/javascript 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.robotflowermobile.com/ct?id=13034&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1718266579538&hl=2&op=0&ag=3514327459&rand=942801156166117209015797117109018319123166065819012611180299045069220068719080167222&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDczMjddLFsiYWJuY2giLDQwXSxbLTIsIjksZUFIV1gxL2YzcXpDdmJrdXltUXdnbElhRjNwRXNSRUVUcG9WZEZWQlFRcFJjUkJGU0tJSWdpUklyMEtoSlJxcFNBdENBa1FIcEl6eWJiWHBtWnIvNS9kOTZiemN1U0FQSi9HdCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiXSJdLFstNCwiPGh0bWwgbGFuZz1cImVuLVVTXCIgY2xhc3M9XCJjaHJvbWVcIj48aGVhZD5cbjxtZXRhIGNoYXJzZXQ9XCJVVEYtOFwiPlxuPG1ldGEgbmFtZT1cInZpZXdwb3J0XCIgY29udGVudD1cIndpZHRoPWRldmljZS13aWR0aFwiPlxuPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vd3d3LmNsYXJpdHkubXMvcy8wLjcuMzIvY2xhcml0eS5qc1wiPjwvc2NyaXB0PjxzY3JpcHQgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3d3dy5jbGFyaXR5Lm1zL3RhZy91ZXQvMjYwNjY3MDNcIiBjbGFzcz1cIm9wdGFub24tY2F0ZWdvcnktQzAwMDQgXCIgdHlwZT1cInRleHQvcGxhaW5cIj48L3NjcmlwdD48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBpZD1cInd3dy13aWRnZXRhcGktc2NyaXB0XCIgc3JjPVwiaHR0cHM6Ly93d3cueW91dHViZS5jb20vcy9wbGF5ZXIvZjljNjY0MDEvd3d3LXdpZGdldGFwaS52ZmxzZXQvd3d3LXdpZGdldGFwaS5qc1wiIGFzeW5jPVwiXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCIvL211bmNoa2luLm1hcmtldG8ubmV0LzE2My9tdW5jaGtpbi5qc1wiPjwvc2NyaXB0PjxzY3JpcHQgdHlwZT1cInRleHQvcGxhaW5cIiBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vd3d3Lmdvb2dsZXRhZ21hbmFnZXIuY29tL2d0YWcvanM%2FaWQ9REMtMTE1OTIzNjcmYW1wO2w9ZGF0YUxheWVyJmFtcDtjeD1jXCIgY2xhc3M9XCJvcHRhbm9uLWNhdGVnb3J5LUMwMDAyIFwiPjwvc2NyaXB0PjxzY3JpcHQgYXN5bmM9XCJcIiBzcmM9XCIvL3Muc3dpZnR5cGVjZG4uY29tL2luc3RhbGwvdjIvc3QuanNcIj48L3NjcmlwdD48c2NyaXB0IGlkPVwicGRzdC1jYXB0dXJlXCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL2Nkbi5wZHN0LmZtL3BpbmcubWluLmpzXCIgY2xhc3M9XCJvcHRhbm9uLWNhdGVnb3J5LUMwMDA0IFwiIHR5cGU9XCJ0ZXh0L3BsYWluXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCB0eXBlPVwidGV4dC9wbGFpblwiIGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly90cmsudGVjaHRhcmdldC5jb20vdHJhY2tpbmcuanNcIiBjbGFzcz1cIm9wdGFub24tY2F0ZWdvcnktQzAwMDMgXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL2pzLmRyaWZ0dC5jb20vaW5jbHVkZS8xNzE4MjY2ODAwMDAwL3pheGQ1M2Jkd3R2eS5qc1wiPjwvc2NyaXB0PjxzY3JpcHQgdHlwZT1cInRleHQvcGxhaW5cIiBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vd3Muem9vbWluZm8uY29tL3BpeGVsL3VXaEpCYWxBUWVGcGVOaXRKVUhIXCIgY2xhc3M9XCJvcHRhbm9uLWNhdGVnb3J5LUMwMDAzLUMwMDA0IFwiPjwvc2NyaXB0PjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly9jb25uZWN0LmZhY2Vib29rLm5ldC9zaWduYWxzL2NvbmZpZy80ODAzODY1OTI3NDMwMzU%2Fdj0yLjkuMTU4JmFtcDtyPXN0YWJsZSZhbXA7ZG9tYWluPWFyY3RpY3dvbGYuY29tJmFtcDtobWU9NDQ2ZmI5ODFjOGMzYmFlYjAzNzMwZmUzY2JkNDA0ZjdmMTVmNjRjNjkzZjI0YzdmZTc1ZGE0OThiYzJjOTVkOCZhbXA7ZXhfbT02NyUyQzExMyUyQzEwMCUyQzEwNCUyQzU4JTJDMyUyQzkzJTJDNjYlMkMxNSUyQzkxJTJDODQlMkM0OSUyQzUxJTJDMTYwJTJDMTYzJTJDMTc0JTJDMTcwJTJDMTcxJTJDMTczJTJDMjglMkM5NCUyQzUwJTJDNzMlMkMxNzIlMkMxNTUlMkMxNTglMkMxNjclMkMxNjglMkMxNzUlMkMxMjIlMkMxNCUyQzQ4JTJDMTgwJTJDMTc5JTJDMTI0JTJDMTclMkMzMyUyQzM4JTJDMSUyQzQxJTJDNjIlMkM2MyUyQzY0JTJDNjglMkM4OCUyQzE2JTJDMTMlMkM5MCUyQzg3JTJDODYlMkMxMDElMkMxMDMlMkMzNyUyQzEwMiUyQzI5JTJDMjUlMkMxNTYlMkMxNTklMkMxMzElMkMyNyUyQzEwJTJDMTElMkMxMiUyQzUlMkM2JTJDMjQlMkMyMSUyQzIyJTJDNTQlMkM1OSUyQzYxJTJDNzElMkM5NSUyQzI2JTJDNzIlMkM4JTJDNyUyQzc2JTJDNDYlMkMyMCUyQzk3JTJDOTYlMkM5OCUyQzklMkMxOSUyQzE4JTJDODElMkM1MyUyQzc5JTJDMzIlMkM3MCUyQzAlMkM4OSUyQzMxJTJDNzglMkM4MyUyQzQ1JTJDNDQlMkM4MiUyQzM2JTJDNCUyQzg1JTJDNzclMkM0MiUyQzMiXSxbLTQwLCIzMyJdLFstNDYsIjAiXSxbLTUwLCItIl0sWy01MywiMTAwIl0sWy01OCwiLSJdLFstMTYsIjAiXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTM0LCItIl0sWy0zOCwiaSwtMSwtMSwxLDAsMTAsMCwwLDE4MSwyMjgsLTEsMCw5NzMsOTczLDM4NDIsMzg0MyJdLFstNjQsIlswLFwiV2luMzJcIixbe1wiYlwiOlwiR29vZ2xlIENocm9tZVwiLFwidlwiOlwiMTI2XCJ9LHtcImJcIjpcIk5vdDpBLUJyYW5kXCIsXCJ2XCI6XCI4XCJ9LHtcImJcIjpcIkNocm9taXVtXCIsXCJ2XCI6XCIxMjZcIn1dXSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUpIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAgICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAgICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAgICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAgfV0iXSxbLTE1LCItIl0sWy0yMCwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTMyLCItIl0sWy00MSwiLSJdLFstNjgsIi0iXSxbLTEzLCItIl0sWy0zMSwiZmFsc2UiXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstNTcsIldFMFpWMXhPY1ZoWFhWVmNTeGNGV2xaVVNVeE5YRjBIR1dKWVNobFlTVWxWUUdRWkVWeFBXRlVaV0UwWkJWaFhWbGRBVkZaTVNnY1pFUU1PQXdnTUNRb0pBUkFWR1FWWVYxWlhRRlJXVEVvSEF3Z0JBd29KRUJWWVRSbDRTMHRZUUJkZlhCa1JVVTFOU1VvREZoWldXeGRMVmx0V1RWOVZWazVjUzFSV1cxQlZYQmRhVmxRV1VCWUFYVnhhWFFwYkNWOWNERm9KQVEwSVhWME5DbGdNQ2c0TVcxaFlERmdPQ0JkVFNnTUlBdzhPRFFvTEVCVllUUmxMR1JGUlRVMUpTZ01XRmxaYkYwdFdXMVpOWDFWV1RseExWRlpiVUZWY0YxcFdWQlpRRmdCZFhGcGRDbHNKWDF3TVdna0JEUWhkWFEwS1dBd0tEZ3hiV0ZnTVdBNElGdz09Il0sWy02NiwiZ2VvbG9jYXRpb24sc3RvcmFnZWFjY2VzcyxnYW1lcGFkLGNoZWN0LG1pZGksZGlzcGxheWNhcHR1cmUsdXNiLGJyb3dzaW5ndG9waWNzLHBpY3R1cmVpbnBpY3R1cmUscHVibGlja2V5Y3JlZGVudGlhbHNnZXQsbG9jYWxmb250cyxvdHBjcmVkZW50aWFscyxlbmNyeXB0ZWRtZWRpYSxjaHNhdmVkYXRhLGNodWFmdWxsdmVyc2lvbmxpc3QsY2h1YXdvdzY0LHNoYXJlZHN0b3JhZ2UsY2hkb3dubGluayxjaHByZWZlcnNjb2xvcnNjaGVtZSxzeW5jeGhyLGNodWFtb2RlbCxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHNlcmlhbCxjYW1lcmEsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQsY2h1YWZ1bGx2ZXJzaW9uLGZ1bGxzY3JlZW4sY2hkcHIsdW5sb2FkLGtleWJvYXJkbWFwLGNodWFwbGF0Zm9ybSxzaGFyZWRzdG9yYWdlc2VsZWN0dXJsLGd5cm9zY29wZSxpbnRlcmVzdGNvaG9ydCxjaHVhbW9iaWxlLHdpbmRvd21hbmFnZW1lbnQsY2h1YSxwdWJsaWNrZXljcmVkZW50aWFsc2NyZWF0ZSxtYWduZXRvbWV0ZXIsYWNjZWxlcm9tZXRlcixwcml2YXRlc3RhdGV0b2tlbnJlZGVtcHRpb24sY2h1YWFyY2gseHJzcGF0aWFsdHJhY2tpbmcsY2h1YWZvcm1mYWN0b3JzLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLGNvbXB1dGVwcmVzc3VyZSxwYXltZW50LGNodmlld3BvcnRoZWlnaHQsY2hydHQsYXV0b3BsYXksY3Jvc3NvcmlnaW5pc29sYXRlZCxoaWQsY2h1YWJpdG5lc3Msc2NyZWVud2FrZWxvY2sscHJpdmF0ZWFnZ3JlZ2F0aW9uLGNsaXBib2FyZHdyaXRlLGF0dHJpYnV0aW9ucmVwb3J0aW5nLGNoZGV2aWNlbWVtb3J5LG1pY3JvcGhvbmUiXSxbLTEsIi0iXSxbLTYsIi0iXSxbLTMzLCItIl0sWy00OCwiMCwwIl0sWy01MSwiLSJdLFstNjIsIjgwIl0sWy0xNywiOCJdLFstMjMsIisiXSxbLTI3LCJbMTAwLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy02NSwiLSJdLFstMTAsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6NDEzOTgxNzYsXCJ1amhzXCI6MzU1NTUzNTYsXCJqaHNsXCI6NDI5NDcwNTE1Mn0iXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwMSJdLFstNDUsIi0iXSxbLTQ3LCJFdXJvcGUvQmVybGluLGRlLURFLGxhdG4sZ3JlZ29yeSJdLFstNTksImRlZmF1bHQiXSxbLTksIisiXSxbLTE0LCItIl0sWy0xOCwiWzAsMCwwLDFdIl0sWy0yMSwiLSJdLFstMjQsIltcInNheXN3aG9cIiwwLDEsMSwxXSJdLFstMjksIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00NCwiMCwwLDAsNSJdLFstNjAsMTU2XSxbMTIsIntcImN0eFwiOlwid2ViZ2xcIixcInZcIjpcImludGVsIGluYy5cIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDEuMCAob3BlbmdsIGVzIGdsc2wgZXMgMS4wIGNocm9taXVtKVwiLFwiZ3ZlclwiOlwid2ViZ2wgMS4wIChvcGVuZ2wgZXMgMi4wIGNocm9taXVtKVwiLFwiZ3ZlblwiOlwid2Via2l0XCIsXCJiZW5cIjoxOSxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjE5MzA4MjAyNzksXCJzZWNcIjpcIlwifSJdLFstMTksIlsxMTcwLDE1NzAsMTE3MCwxNTcwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTIwMF0iXSxbLTI1LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTUyLCItIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIzMjk5OTEzNjlcIixcIl8xXCIsXCI0MTg4MDU1MDcxXCJdLFwiZFwiOltdLFwiYlwiOltcIjI3NzIxNDMzNjhcIixcIjI5NTYyOTMyOTdcIl0sXCJzXCI6MX0iXSxbLTYzLCIxIl0sWy02NywiMjUzMjMxMjg4ODozOSJdLFstNywiLSJdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNDksIi0iXSxbImJuY2giLDQ5Ml0sWy01LCItIl0sWy04LCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwiZGVzY3JpcHRpb25cIl19Il0sWy0xMiwibnVsbCJdLFstMzUsIlsxNzE4MjY2NTc5NTM2LC0yXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstNTUsIjEiXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstNjEsIntcIndnc2xcIjpcIjQ7cmVhZG9ubHlfYW5kX3JlYWR3cml0ZV9zdG9yYWdlX3RleHR1cmVzO3BhY2tlZF80eDhfaW50ZWdlcl9kb3RfcHJvZHVjdDt1bnJlc3RyaWN0ZWRfcG9pbnRlcl9wYXJhbWV0ZXJzO3BvaW50ZXJfY29tcG9zaXRlX2FjY2VzcztcIixcInBjZlwiOlwiYmdyYTh1bm9ybVwifSJdLFsiZGRiIiwiMCwxMCwwLDQsMCwwLDAsMSwwLDEsMCwwLDAsMCwyLDAsMCwwLDEsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwxLDEsMCwxLDAsMCwwLDEsNSwwLDAsMjYsMCwwLDAsMCwwLDAsMSwwLDAsMSwzLDAsOSwwLDAsMCwwLDAsMSw0MCwwIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwxLDMsMCwwLDIyLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDYsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDEsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMTQsMSwwLDAsMCwwLDAsMCwxLDAiXV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=WZs4bq0Ado&pto=4099&ver=61&gac=-&mei=&ap=&fe=1&duid=1.1718266579.DsBoplqvItGbGe0y&suid=1.1718266579.CwPGWonkVce1V7Io&tuid=1.1718266579.7O4aThQiRaoYwsl2&fbc=1.1718266578150.615182463925184508&gtm=WyJPbmVUcnVzdExvYWRlZCIsIk9wdGFub25Mb2FkZWQiLCJPbmVUcnVzdEdyb3Vwc1VwZGF0ZWQiXQ%3D%3D&it=161%2C2404%2C186&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=35aba630295d11ef849dff1e6d99c8d8&spa=1&urid=0&ab=inp.1.0%3B&sck=-
Requested by: Host: ob.robotflowermobile.com
URL: https://ob.robotflowermobile.com/i/9decd3b0fe5c0841dd43a5375baa5a71.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d23480eb52e494595dc495d77a7aac7d22b39f39d84b2f83e72ed3914b012da4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/javascript
pragma: no-cache
date: Thu, 13 Jun 2024 08:16:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 2076
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 forms2.min.js Show response
cybersecurity.arcticwolf.com/js/forms2/js/ Frame 7EF9 199 KB
0 1ms
0ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cybersecurity.arcticwolf.com/js/forms2/js/forms2.min.js

Requested by

Host: cybersecurity.arcticwolf.com
URL: https://cybersecurity.arcticwolf.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cybersecurity.arcticwolf.com/index.php/form/XDFrame
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 4243
etag: "b01f5b-31b30-619b21e0856c0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 8930a33468efb620-WAW
expires: Thu, 13 Jun 2024 12:16:16 GMT

GET
H2 200 sp.lite.js Show response
cdn-app.pathfactory.com/libraries/tracker/3.19.0/ 43 KB
16 KB 44ms
41ms Script
application/javascript 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-app.pathfactory.com/libraries/tracker/3.19.0/sp.lite.js
Requested by: Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25462e537585513efd706d55cf4cd890b30f382ab96c0f6df75c41c1095d58ed

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
date: Thu, 13 Jun 2024 03:30:56 GMT
last-modified: Wed, 03 Jan 2024 16:25:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 17236
x-amz-server-side-encryption: AES256
etag: W/"1aed05295e6c59943103b6fa7150f848"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: yaU0QBxnTWkaFlIR18fO8Pp1Xq4RR4gEpdAnWhTEO3-WgQK7pxTxbg==

GET
H2 200 AW-Labs-Thumbnail-1500-2.jpg
arcticwolf.com/wp-content/uploads/2023/02/ 56 KB
57 KB 65ms
54ms Image
image/jpeg 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arcticwolf.com/wp-content/uploads/2023/02/AW-Labs-Thumbnail-1500-2.jpg

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c1b3d34ca72c193c48d562353c7b8f3f3385a802b61cf731a55b176913b8065d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 04:28:03 GMT
x-amz-version-id: tOsZe4FK7sgHF3WgOrVBxrj_UWcXX1x5
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 46b6cb3d5daab7defe28d3658c3a54fe.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 13697
x-cache: Miss from cloudfront
content-length: 57501
last-modified: Wed, 12 Jun 2024 21:28:33 GMT
server: AmazonS3
etag: "94772b4c0f03ea6678b77da52860861f"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-id: x5gVupwnNjkshOyM8H_11-K-m-o5b3Rfk4Bxa5thUpUBL2Fc9g2aTA==

GET
H2 200 Angledlinepattern-light-bg-gray.png
arcticwolf.com/wp-content/uploads/2021/02/ 22 KB
23 KB 68ms
58ms Image
image/png 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arcticwolf.com/wp-content/uploads/2021/02/Angledlinepattern-light-bg-gray.png

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d3bd8154749dc0e70db8e898e6ef47e32f3d65d55947096cbd2ca4d50dd47b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:11:03 GMT
x-amz-version-id: nm6QFuY.3xgT6toC0YV1BXA1gQpXsE2B
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 46b6cb3d5daab7defe28d3658c3a54fe.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36317
x-cache: Miss from cloudfront
content-length: 22607
last-modified: Wed, 12 Jun 2024 21:28:30 GMT
server: AmazonS3
etag: "097fc18c81bac70cf89e0bb17efccf3e"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-id: E8s1PDlupJpgGY6qPMmcm1YEW6kM7SgQMXwiynRywptedp0UoGJ96w==

GET
H2 200 fog_ransomware.jpg
arcticwolf.com/wp-content/uploads/2024/06/ 85 KB
85 KB 71ms
62ms Image
image/jpeg 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arcticwolf.com/wp-content/uploads/2024/06/fog_ransomware.jpg

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

be2a7efedb81513e82a03c2f46e34ee5fdb70224f936fbb21ec8ed30feb6fa4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 07:01:06 GMT
x-amz-version-id: _.3uGeONdlrUHDw2qLx1v5tnuavzFS8P
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 2e8126aebd83e92e3cf50c4f9c832912.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 4514
x-cache: Miss from cloudfront
content-length: 86711
last-modified: Mon, 10 Jun 2024 20:55:03 GMT
server: AmazonS3
etag: "f66ebbdc31c8a9c516325a6e771204a3"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-id: hJfqZMTr3VvyloQzBA3KCECB_W5t7bUWP2r-6S5kYgVA-FRdU3-4_g==

GET
H2 200 link-click.js Show response
cdn-app.pathfactory.com/libraries/tracker/3.19.0/plugin/ 6 KB
3 KB 45ms
40ms Script
application/javascript 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-app.pathfactory.com/libraries/tracker/3.19.0/plugin/link-click.js
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/libraries/tracker/3.19.0/sp.lite.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0927046a7f82a1f6e6e48d1115be04d8e053922775f03d0fdecef3b60e92f8cb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
date: Thu, 13 Jun 2024 00:41:03 GMT
last-modified: Wed, 03 Jan 2024 16:25:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 27317
x-amz-server-side-encryption: AES256
etag: W/"312554e163da7d1fad8823ce4ad2d17c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 4DAJ3p0HjcrDC6szdoD5NSCU8YOtbiMv7WK_HS3hH0ppZEjca78i2g==

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
278 B 522ms
139ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://arcticwolf.com
Date: Thu, 13 Jun 2024 08:16:20 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

OPTIONS
H/1.1 200
OK tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ Frame 0
0 153ms
152ms Preflight 35.173.88.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.88.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-88-167.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://arcticwolf.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://arcticwolf.com
Access-Control-Max-Age: 5
Connection: keep-alive
Content-Length: 0
Date: Thu, 13 Jun 2024 08:16:20 GMT
Server: akka-http/10.0.9

OPTIONS
H2 200 tp2
jukebox.pathfactory.com/com.snowplowanalytics.snowplow/ Frame 0
0 156ms
155ms Preflight 52.200.144.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.144.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-144-213.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://arcticwolf.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://arcticwolf.com
access-control-expose-headers
access-control-max-age: 7200
date: Thu, 13 Jun 2024 08:16:20 GMT

POST
H/1.1 200
OK tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ 2 B
459 B 492ms
115ms Ping
text/plain 35.173.88.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/libraries/tracker/3.19.0/sp.lite.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.88.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-88-167.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 13 Jun 2024 08:16:20 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://arcticwolf.com
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

POST
H2 200 tp2
jukebox.pathfactory.com/com.snowplowanalytics.snowplow/ 0
509 B 141ms
135ms Ping
text/html 52.200.144.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/com.snowplowanalytics.snowplow/tp2

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/libraries/tracker/3.19.0/sp.lite.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.144.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-144-213.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.015657
date: Thu, 13 Jun 2024 08:16:20 GMT
content-security-policy
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
content-type: text/html
access-control-allow-origin: https://arcticwolf.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
x-request-id: 182a1772-ffe3-4310-99dc-99be043a90ed

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 342 KB
106 KB 195ms
75ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-33RYRGB9LX

Requested by

Host: ob.robotflowermobile.com
URL: https://ob.robotflowermobile.com/i/9decd3b0fe5c0841dd43a5375baa5a71.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a24168a806e10da0989b5b1fe33eaaaaaa151df8ffde066a290fb85a2a8e10e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108487
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jun 2024 08:16:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 342 KB
106 KB 202ms
68ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-33RYRGB9LX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMV4652

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4639b6d2620f504f3a268d7721debfa68f5de696acf93d9e5ec62011568a442e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108608
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jun 2024 08:16:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
84 KB 337ms
219ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-410966486&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMV4652

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

488a292949dfe7e2ac3e8d738fddc8b3f2f3131e3194df0ba6a15d265e129203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86429
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Jun 2024 08:16:20 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/410966486/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/410966486/?label=lzDbCJmv1ocYENaz-8MB&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/410966486/?label=lzDbCJmv1ocYENaz-8MB&guid=ON&script=0&ct_cookie_present=false&random=996448952&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnB...
https://www.google.com/pagead/1p-conversion/410966486/?label=lzDbCJmv1ocYENaz-8MB&guid=ON&script=0&ct_cookie_present=false&random=996448952&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIw8uX6ZH...
https://www.google.de/pagead/1p-conversion/410966486/?label=lzDbCJmv1ocYENaz-8MB&guid=ON&script=0&ct_cookie_present=false&random=996448952&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIw8uX6ZHY...

42 B
64 B

116ms
56ms

Image
image/gif

142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/410966486/?label=lzDbCJmv1ocYENaz-8MB&guid=ON&script=0&ct_cookie_present=false&random=996448952&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIw8uX6ZHYhgMVQkD2CB1WHAb1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vYXJjdGljd29sZi5jb20v&is_vtc=1&cid=CAQSGwDaQooLQiu7sgmfqBiOa2kfzDy7vCJc-aQvfw&random=2276890842&ipr=y

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://arcticwolf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/410966486/?label=lzDbCJmv1ocYENaz-8MB&guid=ON&script=0&ct_cookie_present=false&random=996448952&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIw8uX6ZHYhgMVQkD2CB1WHAb1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vYXJjdGljd29sZi5jb20v&is_vtc=1&cid=CAQSGwDaQooLQiu7sgmfqBiOa2kfzDy7vCJc-aQvfw&random=2276890842&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tc_imp.gif
obs.robotflowermobile.com/tracker/ 43 B
102 B 139ms
127ms Image
image/gif 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.robotflowermobile.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126be6c533ec428d949225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f128d6e2317071a10acf9f29f671c8381dc547d3e1faa2b715787688a67c4013756209556095831065eceeb6f4977be26bb25cb43e2916af05365ac097c7a1bdb50ef4ef497d7d63ebb2807ff7ecaa8556d8e0e3143714493d60264fc60b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a7928677a0ddc05afb35cd0e6f2094f79fb6f12a93daf07785715b90ebc33e4e14a56769a8944536bf8dfb75dc00f813bb84109049c39d7bc73f3c949173db778cc0b6a69de5e1182cf633a4feb875433eae8b27d4f401b95a5950950e1edc8396c5cff8c931c5259d8eb29975f96c7a3395352b9a99940329ddf965e40aebdc5b9c70e0794f4e1bcf79b30ac988be7cb49635c809e49fdb94718449436eeb13541d3e4f7987f430fa05c4cb8435a89225a5c17d81cca9ff3dd7f0c1782630c8e91e1c88f9494d01b4b4b47ab678cfbc09ada27bf06eaa23874fc6478fba36d5497fb1ef96267f6c721f38550d51f3b6dd288b5de957445177eaa85d88c96b50a7ed81fec538d0e7f6e194e4bda7193c60a212d8f2203a9149771ac9625a7064f47da9731ecaeac4639466d6208aa32ec9be0e90790a202806791394d2f8c97e274790734696dac5b8b2cc4f0c9eb0bc619fcf7378c4db123c6be590d95621b73b845f9f1ae0239a12dbc815e4bb32e29b8fce994762efe827628276a58dacaa169c6f350a0494684052ada25f8fe812d6989bc850ca9b86330e3247a23eb718a95db19d7495354a3d5c3b7e7bfd478d873349a468c1a6e928dfcf4c906975af1511308dbc94530efc7be78f0edb00300848ba3d2985a6c91c882561dad952e7a69988d2358f5d1c3009e034600bc882064ebb22e6f9c0258dd5ea0b5a75bc19676873a8480ebdffbd4d10f665088c859b538d91e39b4b28a831a5066d57c44c2579d0d70d5f8ca9e78786ea72b858f731bc6282d300d6f1ea6977b9944aa9f3a2a086b78fdf3e4390f47104df6eee55ce0fa5bd74f6ad988228edd8c7f2fa5a69c0b4a4ec49c257814e04224f39d89a382ace25b70897983cae1421fe7f1e9372a1847f68b7383342148efed93197841d712c053edadcdeb38e3ac956e8ee2034969e04594853633b3fe223b2fa6745a7e4a98596faf9ffe79676b5e780497b21043738&cri=WZs4bq0Ado&ts=532&cb=1718266580070
Requested by: Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 13 Jun 2024 08:16:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK fb8bc649-a847-4c82-8761-f07dcd62ff5d
https://arcticwolf.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arcticwolf.com/fb8bc649-a847-4c82-8761-f07dcd62ff5d
Requested by: Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90061950cbcce59024176fdde13531e2dac117bb8639a30b5e4410d5a77c5c6a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
BLOB 200
OK 0890a69e-735f-412e-ae8f-591046d3c4e3
https://arcticwolf.com/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arcticwolf.com/0890a69e-735f-412e-ae8f-591046d3c4e3
Requested by: Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afb5c660c3b2a94615199ac765cb7b708d3abadf38bde847191b70e4b1427cca

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 529
Content-Type

POST
H2 204 collect
region1.analytics.google.com/g/ 0
244 B 189ms
49ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-33RYRGB9LX&gtm=45je46c0v882658109za200zb78485517&_p=1718266576179&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=975463637.1718266581&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1718266580&sct=1&seg=0&dl=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&dt=Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf&en=CQ&_fv=1&_nsi=1&_ss=1&_ee=1&up.cq_category=bots&tfd=5394
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-33RYRGB9LX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://arcticwolf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 197ms
44ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-33RYRGB9LX&cid=975463637.1718266581&gtm=45je46c0v882658109za200zb78485517&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-33RYRGB9LX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://arcticwolf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 135ms
65ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-33RYRGB9LX&cid=975463637.1718266581&gtm=45je46c0v882658109za200zb78485517&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=342904606

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/410966486/ 3 KB
2 KB 61ms
60ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/410966486/?random=1718266580925&cv=11&fst=1718266580925&bg=ffffff&guid=ON&async=1&gtm=45be46c0v896750397za200zb78485517&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&label=lzDbCJmv1ocYENaz-8MB&hn=www.googleadservices.com&frm=0&tiba=Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf&gtm_ee=1&npa=1&pscdl=noapi&auid=1872408152.1718266577&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-410966486&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

edffe3f132fa95e9e083efef21b47bf3e1bb9e544b3809ca0240ccf684e2d850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1705
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 mon Show response
obs.robotflowermobile.com/ 0
146 B 130ms
129ms XHR
application/json 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.robotflowermobile.com/mon
Requested by: Host: ob.robotflowermobile.com
URL: https://ob.robotflowermobile.com/i/9decd3b0fe5c0841dd43a5375baa5a71.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://arcticwolf.com
date: Thu, 13 Jun 2024 08:16:21 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H3

200

/
www.google.de/pagead/1p-conversion/410966486/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/410966486/?random=2082058555&cv=11&fst=1718266580925&bg=ffffff&guid=ON&async=1&gtm=45be46c0v896750397za200zb78485517&gcd=13l3l3l2l1&...
https://www.google.com/pagead/1p-conversion/410966486/?random=2082058555&cv=11&fst=1718266580925&bg=ffffff&guid=ON&async=1&gtm=45be46c0v896750397za200zb78485517&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&...
https://www.google.de/pagead/1p-conversion/410966486/?random=2082058555&cv=11&fst=1718266580925&bg=ffffff&guid=ON&async=1&gtm=45be46c0v896750397za200zb78485517&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&t...

42 B
64 B

54ms
54ms

Image
image/gif

142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/410966486/?random=2082058555&cv=11&fst=1718266580925&bg=ffffff&guid=ON&async=1&gtm=45be46c0v896750397za200zb78485517&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&label=lzDbCJmv1ocYENaz-8MB&hn=www.googleadservices.com&frm=0&tiba=Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf&gtm_ee=1&npa=1&pscdl=noapi&auid=1872408152.1718266577&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMImuW_6ZHYhgMVwFj2CB06vwgBMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vYXJjdGljd29sZi5jb20v&is_vtc=1&cid=CAQSKQDaQooLYu47gL98fn2BQ2DsYyZaKQj4hzyHZLOr5Jv7N7Khvk00bxx_&random=3049013986&ipr=y

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://arcticwolf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/410966486/?random=2082058555&cv=11&fst=1718266580925&bg=ffffff&guid=ON&async=1&gtm=45be46c0v896750397za200zb78485517&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&label=lzDbCJmv1ocYENaz-8MB&hn=www.googleadservices.com&frm=0&tiba=Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf&gtm_ee=1&npa=1&pscdl=noapi&auid=1872408152.1718266577&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMImuW_6ZHYhgMVwFj2CB06vwgBMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vYXJjdGljd29sZi5jb20v&is_vtc=1&cid=CAQSKQDaQooLYu47gL98fn2BQ2DsYyZaKQj4hzyHZLOr5Jv7N7Khvk00bxx_&random=3049013986&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 mon Show response
obs.robotflowermobile.com/ 0
16 B 127ms
126ms XHR
application/json 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.robotflowermobile.com/mon
Requested by: Host: ob.robotflowermobile.com
URL: https://ob.robotflowermobile.com/i/9decd3b0fe5c0841dd43a5375baa5a71.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://arcticwolf.com
date: Thu, 13 Jun 2024 08:16:21 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 / Show response
c.6sc.co/ 7 B
192 B 43ms
39ms XHR
text/html 23.53.42.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-251.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:21 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://arcticwolf.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 19 B
306 B 171ms
40ms XHR
text/html 2a02:26f0:ab00::214:8e70
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::214:8e70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 62516811c6008085ace987cb50e5c2a0001106ffcdda59a4c2e73436af93582d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:21 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://arcticwolf.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:1338:93::9
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1718266581287_34901612_881108893_24_942_39_81_219";dur=1
content-length: 19
expires: Thu, 13 Jun 2024 08:16:21 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 144ms
140ms Image
image/gif 23.53.42.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=468ce208ecea2d45efbf04ec75c998b4&svisitor=null&visitor=9263cf65-6b39-401a-8544-1f81728e10ed&session=b69e83eb-874b-4af5-8b9b-383fd3c6dd7a&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2013%20Jun%202024%2008%3A16%3A17%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Arctic%20Wolf%20Labs%20has%20observed%20Fog%20ransomware%20being%20deployed%20against%20US%20organizations%20in%20the%20education%20and%20recreation%20sectors.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&pageViewId=9b61cfca-c2a9-4809-822b-c983179a2730&v=1.1.20

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-42-251.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:21 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 13 Jun 2024 08:16:21 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 138ms
136ms Image
image/gif 23.53.42.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=468ce208ecea2d45efbf04ec75c998b4&svisitor=null&visitor=9263cf65-6b39-401a-8544-1f81728e10ed&session=b69e83eb-874b-4af5-8b9b-383fd3c6dd7a&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2013%20Jun%202024%2008%3A16%3A17%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22468ce208ecea2d45efbf04ec75c998b4%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2013%20Jun%202024%2008%3A16%3A17%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2013%20Jun%202024%2008%3A16%3A17%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%2293d84380defe58ab6807a488e1f54b53e6882408%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2013%20Jun%202024%2008%3A16%3A17%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Arctic%20Wolf%20Labs%20has%20observed%20Fog%20ransomware%20being%20deployed%20against%20US%20organizations%20in%20the%20education%20and%20recreation%20sectors.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&pageViewId=9b61cfca-c2a9-4809-822b-c983179a2730&v=1.1.20

Requested by

Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-42-251.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:21 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 13 Jun 2024 08:16:21 GMT

GET
H2 200 core
js.driftt.com/ Frame 69C6 0
0 494ms
413ms Document
text/html 18.245.86.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=zaxd53bdwtvy&eId=zaxd53bdwtvy&region=US&forceShow=false&skipCampaigns=false&sessionId=4cb12385-d8a2-4020-abd6-f42affd553df&sessionStarted=1718266581.233&campaignRefreshToken=64f432a6-e536-4242-b2b1-6843e66dd993&hideController=false&pageLoadStartTime=1718266575862&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1718266800000/zaxd53bdwtvy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-14.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://arcticwolf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 13 Jun 2024 08:16:21 GMT
etag: W/"5bb8e97d035f5bbf7dbcf6acec56024f"
last-modified: Thu, 30 May 2024 18:53:57 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 d2d6641f7f4e620ab86172e07bc2a884.cloudfront.net (CloudFront)
x-amz-cf-id: kcoOmsTPPYDnNKomEuX6k62i-DLx8UfnM_PqGBTouotoGXl1q4rl2w==
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: ZQPLXKU2LF9qHSvtQBhI5fOuyTbAKL0d
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 23

GET
H2 200 chat
js.driftt.com/core/ Frame E1C2 0
0 222ms
144ms Document
text/html 18.245.86.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1718266575862

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1718266800000/zaxd53bdwtvy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-14.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://arcticwolf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 13 Jun 2024 08:16:21 GMT
etag: W/"5bb8e97d035f5bbf7dbcf6acec56024f"
last-modified: Thu, 30 May 2024 18:53:57 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 d2d6641f7f4e620ab86172e07bc2a884.cloudfront.net (CloudFront)
x-amz-cf-id: 1TfpEGpBySJBEvA6Xk8ncs0_zY8tnEpVW1mjjWqpeVueKVaB8IGIrA==
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: ZQPLXKU2LF9qHSvtQBhI5fOuyTbAKL0d
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 19

GET
H3 200 zi-tag.js Show response
js.zi-scripts.com/ 9 KB
3 KB 159ms
91ms Script
application/javascript 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: arcticwolf.com
URL: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3ea3a972768896d2a84d6eb36d3f5919478ad9c091477c22a5362eb6d53aee4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:21 GMT
x-amz-version-id: 4TVPkf0eH3kVl0Vjj3KPZI_FUiecs6et
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 51361
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 06:37:27 GMT
server: cloudflare
etag: W/"5c7228fc2640a4dfce48217428980fe3"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8930a355cfe1bf20-WAW
x-amz-cf-id: XxEjnemFdHgh1NuUkyiAFDKUYTJN3jiaEbKfAD2HYVv4BVP3RrF5yA==

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=720441CBEDE140C58F70F73A7BE72140&RedC=c.clarity.ms&MXFR=33FF6666212D6233276772FB252D6C63
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=720441CBEDE140C58F70F73A7BE72140&MUID=2E93954D1F7F65432AAD81D01EF4642A

42 B
465 B

73ms
56ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=720441CBEDE140C58F70F73A7BE72140&MUID=2E93954D1F7F65432AAD81D01EF4642A
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://arcticwolf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:21 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:20 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 856538ACBDE74C8EA0A54A788EF1CD3E Ref B: FRA31EDGE0611 Ref C: 2024-06-13T08:16:21Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=720441CBEDE140C58F70F73A7BE72140&MUID=2E93954D1F7F65432AAD81D01EF4642A
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMV4652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 07:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2118
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 13 Jun 2024 09:41:03 GMT

GET
H2 200 industry-analysis-icon-lt-blue-150-150x150.png
arcticwolf.com/wp-content/uploads/2021/12/ 1 KB
2 KB 43ms
40ms Image
image/png 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arcticwolf.com/wp-content/uploads/2021/12/industry-analysis-icon-lt-blue-150-150x150.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4e8b5974ff1c24244628f779dd7f26cd27933292d0c9c824d715e646f005a131

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:23:39 GMT
x-amz-version-id: Vf.nnk.UVGnvMW1AVfFlQDwn65y1bQy4
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 46b6cb3d5daab7defe28d3658c3a54fe.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 35563
x-cache: Miss from cloudfront
content-length: 1342
last-modified: Wed, 12 Jun 2024 21:28:49 GMT
server: AmazonS3
etag: "31a89cc4fa5fc29aafaef794104f02c9"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-id: HvRpE0hwEH0FmICFcm67xsmon2Qc_PpOeiOQf6oKGs0QNs05FZgbig==

GET
H2 200 award-icon-lt-blue-2.png
arcticwolf.com/wp-content/uploads/2021/12/ 1004 B
2 KB 43ms
41ms Image
image/png 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arcticwolf.com/wp-content/uploads/2021/12/award-icon-lt-blue-2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bb12f0c98d0608e36b4913f8546f6e73b0ac5b9adc656175e7a064aaa15bcc67

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:23:39 GMT
x-amz-version-id: rzj9WlFwTvebNSg5GlWRzPMm8dxVWaCU
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 35562
x-cache: Miss from cloudfront
content-length: 1004
last-modified: Wed, 12 Jun 2024 21:28:47 GMT
server: AmazonS3
etag: "147143886d181fbb4f44964e96ee2d48"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-id: Y8OOQlfKIrH6D_EwwvVq3N351GkvOIhvIYOntWQtAXEbxVUCtn9zMA==

GET
H2 200 AW-Security-Teams-Menu-bg.jpg
arcticwolf.com/wp-content/uploads/2023/10/ 38 KB
39 KB 43ms
42ms Image
image/jpeg 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arcticwolf.com/wp-content/uploads/2023/10/AW-Security-Teams-Menu-bg.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

09acf67d86167c13f2d192a0f0fddafa744676c797a87a16f861dfbd794feb63

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:11:04 GMT
x-amz-version-id: rPPO_4RwS3rs4j8Yvo9h0amYLx1oLww.
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 2e8126aebd83e92e3cf50c4f9c832912.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36317
x-cache: Miss from cloudfront
content-length: 39058
last-modified: Thu, 29 Feb 2024 15:10:46 GMT
server: AmazonS3
etag: "684b9b6423426d197521b893e6c8290f"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-id: yRti9wy6FWXoyBQzUyULRz-fiMVuiowoQNy93ykbWOrOKhtrQME-6g==

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 725 B
706 B 155ms
73ms XHR
application/json 13.248.142.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash: d454566fbbab8fcbc70a1c3139be25be5205712442564fe24a5e0258e3337a98

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Token 93d84380defe58ab6807a488e1f54b53e6882408
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
X-6s-CustomID: WebTag1.0 468ce208ecea2d45efbf04ec75c998b4
Referer: https://arcticwolf.com/
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 4797843849577707860
date: Thu, 13 Jun 2024 08:16:21 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/json
x-6si-region: eu-central-1a
access-control-allow-origin: https://arcticwolf.com
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 387

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 122ms
42ms Preflight 13.248.142.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://arcticwolf.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://arcticwolf.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Thu, 13 Jun 2024 08:16:21 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: eu-central-1a
x-trace-id: 7927141910496463536

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 134ms
134ms Image
image/gif 23.53.42.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=468ce208ecea2d45efbf04ec75c998b4&svisitor=null&visitor=9263cf65-6b39-401a-8544-1f81728e10ed&session=b69e83eb-874b-4af5-8b9b-383fd3c6dd7a&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A93%3A%3A9%22%7D&isIframe=false&m=%7B%22description%22%3A%22Arctic%20Wolf%20Labs%20has%20observed%20Fog%20ransomware%20being%20deployed%20against%20US%20organizations%20in%20the%20education%20and%20recreation%20sectors.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&pageViewId=9b61cfca-c2a9-4809-822b-c983179a2730&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-42-251.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 13 Jun 2024 08:16:21 GMT

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
278 B 403ms
280ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://arcticwolf.com
Date: Thu, 13 Jun 2024 08:16:21 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 195 B
558 B 521ms
505ms Fetch
application/json 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 56baa0103566bd838e77b10254ab739b8c46d9d6855c922c9f0481605bcbad4d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer 66a7a829411679931395
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://arcticwolf.com/
visited_url: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/

Response headers

date: Thu, 13 Jun 2024 08:16:22 GMT
via: 1.1 7a65f4d2ee5d57076ba751b6931848de.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-cf-pop: TXL50-P5
x-powered-by: Express
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
apigw-requestid: ZS-hjiRwvHcEPdA=
server: cloudflare
etag: W/"c3-VA9mOpAn5l9y2HUV8tOXL4vOYIA"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 8930a359daa24510-TXL
x-amz-cf-id: zPgZiHQh43JaYs_3suouUN5jTnLi5nLU7J2uzg7ZqCPYE7iquKmIug==

OPTIONS
H3 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 542ms
497ms Preflight 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://arcticwolf.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
apigw-requestid: ZS-hejaivHcEMcQ=
cf-cache-status: DYNAMIC
cf-ray: 8930a3569aa44510-TXL
date: Thu, 13 Jun 2024 08:16:21 GMT
server: cloudflare
vary: Access-Control-Request-Headers
via: 1.1 be10e6b765bbef9faac0617fa874014e.cloudfront.net (CloudFront)
x-amz-cf-id: hHDbJFtG4lAhji-EXQ39eBcM9HULf5Kx70TnX7JiFrQCvldk9xFe0A==
x-amz-cf-pop: TXL50-P5
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 Case-study-icon-lt-blue.png
arcticwolf.com/wp-content/uploads/2021/12/ 625 B
1 KB 48ms
41ms Image
image/png 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arcticwolf.com/wp-content/uploads/2021/12/Case-study-icon-lt-blue.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5df2ce7f2422dadb520fd6d371f78d24f4c034caa67e3afb75d7260fa4a102c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:23:39 GMT
x-amz-version-id: o285y4Fc5wJ8Ho4MmaJ.Tf9_AiepfYbi
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 32c1b1f3aed1f2411468b70713ad6556.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 35563
x-cache: Miss from cloudfront
content-length: 625
last-modified: Wed, 12 Jun 2024 21:28:31 GMT
server: AmazonS3
etag: "4e7aa3fec594c74b2861b90fd8916979"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-id: e9YWyKKhzSiIwvFLzC9wwhFmoPwY0E_C2Q8TiGAlWXcoUiB6TjkhiQ==

GET
H2 200 AW-service-assurance-logo-lt-blue-279x300.png
arcticwolf.com/wp-content/uploads/2021/12/ 4 KB
4 KB 46ms
42ms Image
image/png 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arcticwolf.com/wp-content/uploads/2021/12/AW-service-assurance-logo-lt-blue-279x300.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c3dab27fadfa60dc432f4a55d14ef6164ca486e0bdbad9a292ed87c551cc800a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:23:40 GMT
x-amz-version-id: 4X0Bb5IobNXmcLdGPbWh1RyiZNo.6xOO
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 2e8126aebd83e92e3cf50c4f9c832912.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 35562
x-cache: Miss from cloudfront
content-length: 3752
last-modified: Wed, 12 Jun 2024 21:28:48 GMT
server: AmazonS3
etag: "8925727c83dc377592270ed22b13bb1d"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-id: miyH5qcMys-kJZu8C9WmC7acdK2AXkEDKR-sZS4TRdxFg3qsVZk0wg==

GET
H2 200 AW_Arctic_Labs_logo_icon_skyblue-150x150.png
arcticwolf.com/wp-content/uploads/2022/09/ 1 KB
2 KB 47ms
43ms Image
image/png 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arcticwolf.com/wp-content/uploads/2022/09/AW_Arctic_Labs_logo_icon_skyblue-150x150.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ff3188f56b7523ccfed5696d67c4af1df67100e2fbd4793e6c01312b7adf5519

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:23:40 GMT
x-amz-version-id: NEv2_aVs910fhiKcGm..fitEFjRH99i5
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 35561
x-cache: Miss from cloudfront
content-length: 1245
last-modified: Wed, 12 Jun 2024 21:28:34 GMT
server: AmazonS3
etag: "592a108786ec47a11fe07a2af04abe43"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-id: i6cJ67kXLu6bI5JcnFYD-2lNh8dQFLsxpKbv7e64YrNGxCvk-nXxWw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 57ms
46ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1886096755&t=pageview&_s=1&dl=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&ul=de-de&de=UTF-8&dt=Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1201386114&gjid=556958765&cid=975463637.1718266581&tid=UA-67837305-1&_gid=1726266338.1718266582&_r=1&_slc=1&gtm=45He46c0n81PMV4652v78485517za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=628038776

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://arcticwolf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 77ms
74ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-67837305-1&cid=975463637.1718266581&jid=1201386114&gjid=556958765&_gid=1726266338.1718266582&npa=1&_u=YCDACEAABAAAACAAI~&z=698291102

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Jun 2024 08:16:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://arcticwolf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 79ms
65ms Image
image/gif 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-67837305-1&cid=975463637.1718266581&jid=1201386114&npa=1&_u=YCDACEAABAAAACAAI~&z=28195858

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 80ms
64ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-67837305-1&cid=975463637.1718266581&jid=1201386114&npa=1&_u=YCDACEAABAAAACAAI~&z=28195858

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aw-favicon-rebrand-32x32.png
arcticwolf.com/wp-content/uploads/2019/11/ 614 B
1 KB 67ms
42ms Other
image/png 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arcticwolf.com/wp-content/uploads/2019/11/aw-favicon-rebrand-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-102.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

87eb63cbd74c4f4114bd3d66e02a11791c300c4a73cf402e06bdcfb9cdf9f0e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:00:45 GMT
x-amz-version-id: tDaxU6Xgchbp6fLuzVpr_QZj0XUC9uXE
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 60dc145c687858f10bb3fe6251ad4ffe.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9, FRA2-C1
age: 36937
x-cache: Miss from cloudfront
content-length: 614
last-modified: Wed, 12 Jun 2024 21:28:46 GMT
server: AmazonS3
etag: "e853cfd524ee756b3318580a943cb9fe"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-id: XWwWyrqjIIB5GEDD7ZI-UMlDl5GjcLR_8niS9v97n-ZWXeBvQ0Trxw==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 135ms
134ms Image
image/gif 23.53.42.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=468ce208ecea2d45efbf04ec75c998b4&svisitor=null&visitor=9263cf65-6b39-401a-8544-1f81728e10ed&session=b69e83eb-874b-4af5-8b9b-383fd3c6dd7a&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2013%20Jun%202024%2008%3A16%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2013%20Jun%202024%2008%3A16%3A17%20GMT%22%2C%22timeSpent%22%3A%224699%22%2C%22totalTimeSpent%22%3A%224699%22%7D&isIframe=false&m=%7B%22description%22%3A%22Arctic%20Wolf%20Labs%20has%20observed%20Fog%20ransomware%20being%20deployed%20against%20US%20organizations%20in%20the%20education%20and%20recreation%20sectors.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&pageViewId=9b61cfca-c2a9-4809-822b-c983179a2730&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-42-251.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:22 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 13 Jun 2024 08:16:22 GMT

OPTIONS
H3 200 /
ws.zoominfo.com/pixel/uWhJBalAQeFpeNitJUHH/ Frame 0
0 313ms
255ms Preflight
text/html 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/uWhJBalAQeFpeNitJUHH/?iszitag=true

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://arcticwolf.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://arcticwolf.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8930a35d6cc3bf32-WAW
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 13 Jun 2024 08:16:22 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

GET
H3 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 90 KB
27 KB 93ms
92ms Script
application/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 181
x-guploader-uploadid: ABPtcPrgjtOsKOkvLtM4El_xzvSr9ytPkZXxIBm3ynwFotUV5yLcDePStCDNNTljqxIALpJdnPs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 May 2024 10:14:37 GMT
server: cloudflare
etag: W/"006455bd44ed289ddcc403d0ecd96ab0"
x-goog-hash: crc32c=p5SAHw==, md5=AGRVvUTtKJ3cxAPQ7NlqsA==
x-goog-generation: 1715854477710382
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 91778
cf-ray: 8930a35d194fb5fd-WAW
expires: Thu, 13 Jun 2024 09:13:21 GMT

GET
H3 200 / Show response
ws.zoominfo.com/pixel/uWhJBalAQeFpeNitJUHH/ 3 KB
2 KB 316ms
315ms Fetch
text/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/uWhJBalAQeFpeNitJUHH/?iszitag=true

Requested by

Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1bf69c84f9147f3e70791d4bed3874a5ea5903759d46d01bb1e29d3d14b3fec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/javascript
visited-url: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
Referer: https://arcticwolf.com/resources/blog/lost-in-the-fog-a-new-ransomware-threat/
_vtok: ODAuMjU1LjcuMTIy
_zitok: 552d306e4f656cab54881718266582
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://arcticwolf.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 8930a35f0cd1b5fd-WAW

POST
H3 200 forms Show response
ws.zoominfo.com/formcomplete-v2/ 2 KB
879 B 220ms
219ms Fetch
application/json 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Requested by

Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

dbbe588c78ffb98db87c5eb7b9248e9b1d607402b614d2d80e4fe7becf33c09e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: bearer 0a190541422eb542fed35325908f47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://arcticwolf.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 08:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"685-sdoJPazRGKj+92qmsJeD1DuLq4Q"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://arcticwolf.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray: 8930a35f7da7b5fd-WAW

OPTIONS
H3 200 forms
ws.zoominfo.com/formcomplete-v2/ Frame 0
0 225ms
223ms Preflight
text/html 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://arcticwolf.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://arcticwolf.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8930a35e1e12bf32-WAW
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 13 Jun 2024 08:16:22 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

GET
BLOB 200
OK 8ecb0e66-b758-4511-9fa9-fa37877a1983 Show response
https://arcticwolf.com/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arcticwolf.com/8ecb0e66-b758-4511-9fa9-fa37877a1983
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bf69c84f9147f3e70791d4bed3874a5ea5903759d46d01bb1e29d3d14b3fec1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 2928
Content-Type: text/javascript

POST
H2 200 mon Show response
obs.robotflowermobile.com/ 0
39 B 119ms
118ms XHR
application/json 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.robotflowermobile.com/mon
Requested by: Host: ob.robotflowermobile.com
URL: https://ob.robotflowermobile.com/i/9decd3b0fe5c0841dd43a5375baa5a71.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://arcticwolf.com
date: Thu, 13 Jun 2024 08:16:23 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 154ms
154ms Image
image/gif 23.53.42.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=468ce208ecea2d45efbf04ec75c998b4&svisitor=null&visitor=9263cf65-6b39-401a-8544-1f81728e10ed&session=b69e83eb-874b-4af5-8b9b-383fd3c6dd7a&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2013%20Jun%202024%2008%3A16%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2013%20Jun%202024%2008%3A16%3A22%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225699%22%7D&isIframe=false&m=%7B%22description%22%3A%22Arctic%20Wolf%20Labs%20has%20observed%20Fog%20ransomware%20being%20deployed%20against%20US%20organizations%20in%20the%20education%20and%20recreation%20sectors.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&pageViewId=9b61cfca-c2a9-4809-822b-c983179a2730&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-42-251.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:23 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 13 Jun 2024 08:16:23 GMT

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
278 B 124ms
124ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://arcticwolf.com
Date: Thu, 13 Jun 2024 08:16:23 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 139ms
138ms Image
image/gif 23.53.42.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=468ce208ecea2d45efbf04ec75c998b4&svisitor=null&visitor=9263cf65-6b39-401a-8544-1f81728e10ed&session=b69e83eb-874b-4af5-8b9b-383fd3c6dd7a&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2013%20Jun%202024%2008%3A16%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2013%20Jun%202024%2008%3A16%3A23%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%226701%22%7D&isIframe=false&m=%7B%22description%22%3A%22Arctic%20Wolf%20Labs%20has%20observed%20Fog%20ransomware%20being%20deployed%20against%20US%20organizations%20in%20the%20education%20and%20recreation%20sectors.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&pageViewId=9b61cfca-c2a9-4809-822b-c983179a2730&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-42-251.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:24 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 13 Jun 2024 08:16:24 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 49ms
44ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-33RYRGB9LX&gtm=45je46c0v882658109z878485517za200zb78485517&_p=1718266576179&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=975463637.1718266581&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=2&sid=1718266580&sct=1&seg=1&dl=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&dt=Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf&en=page_view&_et=935&tfd=9553
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-33RYRGB9LX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://arcticwolf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 mon Show response
obs.robotflowermobile.com/ 0
39 B 125ms
124ms XHR
application/json 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.robotflowermobile.com/mon
Requested by: Host: ob.robotflowermobile.com
URL: https://ob.robotflowermobile.com/i/9decd3b0fe5c0841dd43a5375baa5a71.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://arcticwolf.com
date: Thu, 13 Jun 2024 08:16:25 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.robotflowermobile.com/ 0
16 B 127ms
126ms XHR
application/json 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.robotflowermobile.com/mon
Requested by: Host: ob.robotflowermobile.com
URL: https://ob.robotflowermobile.com/i/9decd3b0fe5c0841dd43a5375baa5a71.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://arcticwolf.com
date: Thu, 13 Jun 2024 08:16:25 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 143ms
143ms Image
image/gif 23.53.42.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=468ce208ecea2d45efbf04ec75c998b4&svisitor=null&visitor=9263cf65-6b39-401a-8544-1f81728e10ed&session=b69e83eb-874b-4af5-8b9b-383fd3c6dd7a&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2013%20Jun%202024%2008%3A16%3A25%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2013%20Jun%202024%2008%3A16%3A24%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%227702%22%7D&isIframe=false&m=%7B%22description%22%3A%22Arctic%20Wolf%20Labs%20has%20observed%20Fog%20ransomware%20being%20deployed%20against%20US%20organizations%20in%20the%20education%20and%20recreation%20sectors.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&pageViewId=9b61cfca-c2a9-4809-822b-c983179a2730&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-42-251.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 13 Jun 2024 08:16:25 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 145ms
143ms Image
image/gif 23.53.42.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=468ce208ecea2d45efbf04ec75c998b4&svisitor=null&visitor=9263cf65-6b39-401a-8544-1f81728e10ed&session=b69e83eb-874b-4af5-8b9b-383fd3c6dd7a&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2013%20Jun%202024%2008%3A16%3A26%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2013%20Jun%202024%2008%3A16%3A25%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%228703%22%7D&isIframe=false&m=%7B%22description%22%3A%22Arctic%20Wolf%20Labs%20has%20observed%20Fog%20ransomware%20being%20deployed%20against%20US%20organizations%20in%20the%20education%20and%20recreation%20sectors.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&pageViewId=9b61cfca-c2a9-4809-822b-c983179a2730&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-42-251.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:26 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 13 Jun 2024 08:16:26 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 137ms
136ms Image
image/gif 23.53.42.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=468ce208ecea2d45efbf04ec75c998b4&svisitor=null&visitor=9263cf65-6b39-401a-8544-1f81728e10ed&session=b69e83eb-874b-4af5-8b9b-383fd3c6dd7a&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2013%20Jun%202024%2008%3A16%3A27%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2013%20Jun%202024%2008%3A16%3A26%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%229704%22%7D&isIframe=false&m=%7B%22description%22%3A%22Arctic%20Wolf%20Labs%20has%20observed%20Fog%20ransomware%20being%20deployed%20against%20US%20organizations%20in%20the%20education%20and%20recreation%20sectors.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&pageViewId=9b61cfca-c2a9-4809-822b-c983179a2730&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-42-251.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:27 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 13 Jun 2024 08:16:27 GMT

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
278 B 124ms
123ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://arcticwolf.com
Date: Thu, 13 Jun 2024 08:16:28 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 140ms
139ms Image
image/gif 23.53.42.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=468ce208ecea2d45efbf04ec75c998b4&svisitor=null&visitor=9263cf65-6b39-401a-8544-1f81728e10ed&session=b69e83eb-874b-4af5-8b9b-383fd3c6dd7a&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2013%20Jun%202024%2008%3A16%3A28%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2013%20Jun%202024%2008%3A16%3A27%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%2210705%22%7D&isIframe=false&m=%7B%22description%22%3A%22Arctic%20Wolf%20Labs%20has%20observed%20Fog%20ransomware%20being%20deployed%20against%20US%20organizations%20in%20the%20education%20and%20recreation%20sectors.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lost%20in%20the%20Fog%3A%20A%20New%20Ransomware%20Threat%20-%20Arctic%20Wolf%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&pageViewId=9b61cfca-c2a9-4809-822b-c983179a2730&v=1.1.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-42-251.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://arcticwolf.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 08:16:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 13 Jun 2024 08:16:28 GMT

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cybersecurity.arcticwolf.com/	1970-01-20 21:17:48	Name: __cf_bm Value: OrNsbgziTFmeuygBDcfZ6OufV4ZKp_xO2bxmp4rZGrE-1718266576-1.0.1.1-ZHTkety68KkxKyI6j0Tt5CgkJIL0v0xmvKEnUygmRqGrPpm4FDFxK37h091hCXLRm3KyIH90SkRMeMSgJwYBog
.arcticwolf.com/	1970-01-20 23:27:22	Name: _gcl_au Value: 1.1.1872408152.1718266577
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: XAxZouLb6ns
.youtube.com/	1970-01-21 01:36:58	Name: VISITOR_INFO1_LIVE Value: hA9XZfKS2Z4
.youtube.com/	1970-01-21 01:36:58	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgRA%3D%3D
.g2crowd.com/	1970-01-20 21:17:48	Name: __cf_bm Value: 8samHtM_a2f8Z9mzjZJzi1Unt8cVufCdKM1NI4GgBPs-1718266577-1.0.1.1-jOX1TSTL7lArxGlRwQW6UHO.bIZolpZiezyWexPcGR7Ig5UFpA_3HehYnMo.ciDq2puVuxWT7TCm9lim0_CdFA
.zoominfo.com/	1970-01-20 21:17:48	Name: __cf_bm Value: rn26mCEVvT_V3meNzDZWHXJj0dGE2D5QDPy3peZzWXQ-1718266577-1.0.1.1-B.M8CCA9XDEsU6PH1fSoiTktC6plUcO.fksEAmA8aA0vA.XNkLhxPm9hqIYZkcPi50eLl8ThkYhRtgRsTiukPA
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 2t6Rz9n8KrjNmBa.yRazYh.sURUrYIHdGnZ4i8ZTrb4-1718266577389-0.0.1.1-604800000
.techtarget.com/	1970-01-20 21:17:48	Name: __cf_bm Value: 53C6J3VNPoRL_cRvJY1QWt_HBnaKbo5w8iJU_NgrWd0-1718266577-1.0.1.1-DHWBXMvO3obVZsqTvONkpFtmcAKTeuDwIcNBTl4pt0vsb0zBq7w6QO7PYTqBXU606IYl6NHsHHWvk0PQvjU.fQ
cybersecurity.arcticwolf.com/	1969-12-31 23:59:59	Name: BIGipServersj21web-nginx-app_https Value: !ZSRGCKiOBVNgSOwRgS7A5F9dNDOAZNeuGu2r4MclOfWMwJI2iPtjCos4k7APFQe+yhQVFzEqShzSBW4=
arcticwolf.com/	1970-01-21 06:03:22	Name: __pdst Value: 0be7222b5d7248bdb6ef2e6af11d9d8e
.linkedin.com/	1970-01-20 23:27:22	Name: li_sugr Value: 475594a0-2512-4df6-b69e-9a07eb312fe0
.linkedin.com/	1970-01-21 06:03:22	Name: bcookie Value: "v=2&3cb20cd3-1762-414c-8d98-e7e738d84080"
.linkedin.com/	1970-01-20 21:19:12	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=3276:u=1:x=1:i=1718266577:t=1718352977:v=2:sig=AQEgIjSRhk4ly5pKPGtv_wtu4SIAIFlg"
.arcticwolf.com/	1970-01-21 01:36:58	Name: dpi_utmOrigVals Value: %7B%22utm_orig_medium__c%22%3A%22none%22%2C%22utm_orig_source__c%22%3A%22none%22%7D
.twitter.com/	1970-01-21 06:53:46	Name: personalization_id Value: "v1_Tgp2V/nQrQ7rCLm1g46o/A=="
.t.co/	1970-01-21 06:53:46	Name: muc_ads Value: 183bd77f-dfe6-4297-bd13-cee6659f8bb3
.linkedin.com/	1970-01-20 22:00:58	Name: UserMatchHistory Value: AQKWXhnauQPUiQAAAZAQq0Pod60RLRxVgXWbW9tuh-tiXE50z3F541B61ID8nT-9yyyib3q-F3LabA
.linkedin.com/	1970-01-20 22:00:58	Name: AnalyticsSyncHistory Value: AQJ2HAqmwZjtMAAAAZAQq0PodN2zePAiYWqlMuK9wItj603NCZs-YSv_pbTUJy0iuOjNti0Pm6gt2qG8hR1viA
.arcticwolf.com/	1970-01-20 21:19:12	Name: _uetsid Value: 35ab5460295d11ef9b4a13ebc67e3589
.arcticwolf.com/	1970-01-21 06:39:22	Name: _uetvid Value: 35aba630295d11ef849dff1e6d99c8d8
.arcticwolf.com/	1970-01-21 06:53:46	Name: nmstat Value: 038bafd8-a9ae-5d20-4e9f-bbf3d0eddb88
.arcticwolf.com/	1970-01-21 06:53:46	Name: _mkto_trk Value: id:840-OSQ-661&token:_mch-arcticwolf.com-1718266578127-36601
.arcticwolf.com/	1970-01-20 23:27:22	Name: _fbp Value: fb.1.1718266578150.615182463925184508
.www.linkedin.com/	1970-01-21 06:03:22	Name: bscookie Value: "v=1&20240613081618e6bfe890-e8f6-4168-8d18-02a3af3a0397AQFQ3WIcAvLB6FaO0LCIVRJbpHgRsmSB"
.linkedin.com/	1970-01-21 01:36:58	Name: li_gc Value: MTswOzE3MTgyNjY1Nzg7MjswMjF07hbjxCtbiTng2ZXi0tN6LmHl8FzU9uMuV3rqWMAohQ==
.linkedin.com/	1970-01-20 21:17:48	Name: __cf_bm Value: D1O6xNtXcYx0XHhoEsivjOWtBRUHRgKAvyg9NMSMU2Q-1718266578-1.0.1.1-bj0pJ6ERuzqW9LMgb6Xnka_nVUpuAR4iZz6b_.eWlPMEI3DGNtufkh1iIX4KDkESZ1VgsUAU1XDCBFZl2kk8aQ
.arcticwolf.com/	1970-01-21 06:03:22	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Jun+13+2024+10%3A16%3A18+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202307.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=2f64a0f9-38d8-4339-a21f-2112fe1116a0&interactionCount=0&landingPath=https%3A%2F%2Farcticwolf.com%2Fresources%2Fblog%2Flost-in-the-fog-a-new-ransomware-threat%2F&groups=C0005%3A0%2CC0001%3A1%2CC0002%3A0%2CC0004%3A0%2CC0003%3A0
www.clarity.ms/	1970-01-21 06:03:22	Name: CLID Value: 862a2490c7b84f91be59cd90ae223a9f.20240613.20250613
.arcticwolf.com/	1970-01-20 23:29:10	Name: _cq_duid Value: 1.1718266579.DsBoplqvItGbGe0y
.arcticwolf.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1718266579.CwPGWonkVce1V7Io
.arcticwolf.com/	1970-01-20 21:17:48	Name: vid Value: 876124cd-ffe4-4ec1-aca7-699c2f86ba72
.arcticwolf.com/	1970-01-21 06:03:22	Name: _clck Value: 1fd10xi%7C2%7Cfml%7C0%7C1625
.arcticwolf.com/	1970-01-20 21:17:48	Name: _pf_ses.2b27 Value: *
obs.robotflowermobile.com/	1970-01-21 05:21:36	Name: cg_uuid Value: e12eca14dc6c0ce5357c364974218e46
.arcticwolf.com/	1970-01-20 21:17:48	Name: _pf_id.2b27 Value: 876124cd-ffe4-4ec1-aca7-699c2f86ba72.1718266580.1.1718266580..4a6218e8-e554-4acd-9703-6323fc3334e1..07be7b92-4ce7-4b0e-a778-3e4b6159ad69.1718266579952.2
.arcticwolf.com/	1970-01-20 21:19:12	Name: _clsk Value: gctidk%7C1718266580453%7C1%7C1%7Cx.clarity.ms%2Fcollect
.doubleclick.net/	1970-01-21 06:39:22	Name: IDE Value: AHWqTUkoPNNGh2hHAa_KnOnyuT6NKFztjxbjfhGEyOtoDKznV19umh5E1hA8I08h
arcticwolf.com/	1970-01-21 06:53:46	Name: _gd_visitor Value: 9263cf65-6b39-401a-8544-1f81728e10ed
arcticwolf.com/	1970-01-20 21:18:00	Name: _gd_session Value: b69e83eb-874b-4af5-8b9b-383fd3c6dd7a
arcticwolf.com/	1970-01-20 21:17:48	Name: drift_campaign_refresh Value: 64f432a6-e536-4242-b2b1-6843e66dd993
.arcticwolf.com/	1970-01-21 06:53:46	Name: _ga Value: GA1.2.975463637.1718266581
.arcticwolf.com/	1970-01-20 21:19:12	Name: _gid Value: GA1.2.1726266338.1718266582
.arcticwolf.com/	1970-01-20 21:17:46	Name: _gat_UA-67837305-1 Value: 1
.bing.com/	1970-01-21 06:39:22	Name: MUID Value: 2E93954D1F7F65432AAD81D01EF4642A
.c.bing.com/	1970-01-20 21:27:51	Name: MR Value: 0
.c.bing.com/	1970-01-21 06:39:22	Name: SRM_B Value: 2E93954D1F7F65432AAD81D01EF4642A
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 06:39:22	Name: MUID Value: 2E93954D1F7F65432AAD81D01EF4642A
.c.clarity.ms/	1970-01-20 21:27:51	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:17:47	Name: ANONCHK Value: 0
arcticwolf.com/	1970-01-21 06:53:46	Name: drift_aid Value: 714e24e9-9556-43e9-ba98-93e70811e390
arcticwolf.com/	1970-01-21 06:53:46	Name: driftt_aid Value: 714e24e9-9556-43e9-ba98-93e70811e390
.arcticwolf.com/	1970-01-21 06:03:22	Name: _zitok Value: 552d306e4f656cab54881718266582
.arcticwolf.com/	1970-01-21 06:53:46	Name: _ga_33RYRGB9LX Value: GS1.1.1718266580.1.1.1718266584.56.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	verbose	URL: blob:https://arcticwolf.com/fb8bc649-a847-4c82-8761-f07dcd62ff5d(Line 1) Message: Error
other	warning	URL: https://js.driftt.com/include/1718266800000/zaxd53bdwtvy.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6145655.global.siteimproveanalytics.io
840-osq-661.mktoresp.com
analytics.twitter.com
app.cdn.lookbookhq.com
arcticwolf.com
b.6sc.co
bat.bing.com
c.6sc.co
c.bing.com
c.clarity.ms
cc.swiftype.com
cdn-app.pathfactory.com
cdn.cookielaw.org
cdn.pdst.fm
connect.facebook.net
cybersecurity.arcticwolf.com
epsilon.6sense.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ibc-flow.techtarget.com
ipv6.6sc.co
j.6sc.co
js.driftt.com
js.zi-scripts.com
jukebox.pathfactory.com
munchkin.marketo.net
ob.robotflowermobile.com
obs.robotflowermobile.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.swiftypecdn.com
siteimproveanalytics.com
snap.licdn.com
spcollector.pathfactory.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tracking.g2crowd.com
trk.techtarget.com
us-central1-adaptive-growth.cloudfunctions.net
ws-assets.zoominfo.com
ws.zoominfo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.youtube.com
x.clarity.ms
104.16.117.43
104.17.74.206
104.18.37.212
104.244.42.195
13.107.42.14
13.224.189.102
13.248.142.121
13.32.99.8
142.250.185.66
142.250.186.36
142.250.186.40
142.250.186.66
142.250.186.67
146.75.120.157
151.101.65.167
169.63.31.200
18.245.86.14
184.31.85.59
188.114.96.3
192.28.147.68
20.114.190.119
2001:4860:4802:32::36
2001:4860:4802:36::36
23.53.42.251
2600:1f18:e8a:cd08:3437:aff5:50c:d298
2600:9000:2057:3c00:1c:f10a:ad80:93a1
2606:4700:4400::6812:2089
2606:4700:4400::6812:24c4
2606:4700:4400::6812:2b1f
2606:4700:4400::ac40:92d7
2606:4700::6813:b234
2620:1ec:21::14
2620:1ec:29:1::45
2620:1ec:c11::237
2a00:1450:4001:80f::200a
2a00:1450:4001:811::200e
2a00:1450:4001:81d::200e
2a00:1450:4001:828::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c0b::9c
2a02:26f0:480:15::213:7e63
2a02:26f0:ab00::214:8e70
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.126.143.238
34.111.208.231
35.173.88.167
35.244.142.80
52.200.144.213
68.219.88.97
93.184.221.165
01a6571de875629cd204157ffb77bdf6787f80ecbafacae73c1cc4f893eb43a6
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
03b8970524212903ed5e8da72d99351e9ac4510cf8e898f94c8b8191a96014da
040e7b516a60105fbbd09dfba5e37c49539ce6b22b78aab284468c1185530f3d
0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
0889148c4e8d0ad8ec55d4f344002d29e84aaed723c148d62695e91ee6e09082
0927046a7f82a1f6e6e48d1115be04d8e053922775f03d0fdecef3b60e92f8cb
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
09acf67d86167c13f2d192a0f0fddafa744676c797a87a16f861dfbd794feb63
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0f634bab728b33a789ccead1a752a764d1ba11f20e6bb9e9563c302cbbcc0651
1030dee6b293cd2f1331f5355130a5db48929f961ba7409a4d4ce83c73caefdd
105383052b2beb806be6d2fb6834ea85569020ef1d3d3f8bfd97335b91b9b153
1293ad5193e9e5a872d9d0f6bedd8e34c59489e7ef2f48d67ebbcb8020e5a0e8
14b6cfd9b2a41bf5ee498086b1fbe2e8a31b1f99d5e040d55bdbe2d95702b6ac
1595fb9eb01ba4336679ab459b415f48a9fc1fcd3c457a4083848ca2d504b590
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
1aeb9107928bb523947c28e17358efb50a07b942e15ed0a72259a5794ea2ca96
1bf69c84f9147f3e70791d4bed3874a5ea5903759d46d01bb1e29d3d14b3fec1
1c48243f44eb861350f8e508ff3ac44b278f9fbb7837cc6f2c41df4a63526fa4
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2383376c60a4522bc9eabb992249aeb31ce74f05295fca5cca18c4fde10f5bbd
24688043f67a45e79662f6fc9b64ddf8ddccafaf458458fe066db7a1be89d05d
25462e537585513efd706d55cf4cd890b30f382ab96c0f6df75c41c1095d58ed
2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4
2bd9df0ec0cb10f973c964c67a07e827482efd9c0a6c831d5ebfd7b2cc8d03c5
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
2d7c7930eb39d59cd8c2dc00652977da3ed72347e7cd465f7b540e10e2121c22
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31d95100c99a4bf5539f91f40bf5394d8655bd217c641ee8635f1c2ca355d1a8
3321757433351762495ef3452adf0fcefa179583f4409dd04815c710c5e45f6f
36d8ec85c22c81136c75a65428184e376ae4cf635cabaffac7b42b9c53e43322
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
3bc6a0f70b8792cf5564c7d756264316f1dce7b89e09db51730c6e8563fe5ecb
3c8654b979edf834bc0959a6738de068f5098fef9946017e6a7fcf25db34121a
3d0a742c9613bf7bb6797f4cf0568f031c40de94b40a3ba2b6df5938a76aa5c0
42a3d60397713245b81e7a9d44b3ab4be62c9ef8e98f91bdd6debbebf6002243
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4639b6d2620f504f3a268d7721debfa68f5de696acf93d9e5ec62011568a442e
488a292949dfe7e2ac3e8d738fddc8b3f2f3131e3194df0ba6a15d265e129203
4c6e205e2b8e47a51b55161d9560461314bd820ec2f2658acf313ccf125ced1c
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4e8b5974ff1c24244628f779dd7f26cd27933292d0c9c824d715e646f005a131
4ef271048d55bb5d2543f4dc66dd0eb95645b0e441be38f5e09237eb729761e1
509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5573dbf95d1ec07dc22816f875719ef2d24534e633ddee21ee370eb4688fb967
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56baa0103566bd838e77b10254ab739b8c46d9d6855c922c9f0481605bcbad4d
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135
5a84d09e92e25d2c3f4c66621d3ccc47b9ea6c943e83b8e283817a7920b45bab
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5bdcc9e3e427ad3a787ec7efe46d8c305e880eb44402c0000ff52f17ef6b0cdb
5df2ce7f2422dadb520fd6d371f78d24f4c034caa67e3afb75d7260fa4a102c0
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
62516811c6008085ace987cb50e5c2a0001106ffcdda59a4c2e73436af93582d
67984cd94304cb2f8823adb06162520d35adb6cd2bbefc9e4dcbd01a759fec0c
67ac597bed179b5842d996fad80472c6b9514edde408ade8b892161bcf9e9c88
683e7dd72e8bf31eaddb50de149bd4a87d9ed27541b29711a5cbcb1ea3262a45
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b2680fab784d245cbb23d3b51e8d18740e8fc1c7c1c8eadcf0b2b7612125ff8
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f
6f35273b8502706ee06854d797337ab40bc1b3a7421960a2ceb5392ac85a0f54
70208adf6f66d47e2c620793900d2f60c79f2b90ab74eb2e2c3e8fbb086c3bc3
70473bd0b0e7e7184f687732de1aecf333cd42fea1bd239d95d9319b3fe7cd7c
71d07479f4b2b809e5769a352f4f55b84690289026ace7ed5395230002551a11
77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37
7867c4f0355e55bc524ac86eb3b2237c6fb95a1b6e2b140f4f89d5007addce09
7df3b7947b0a67013213f68f5390483d28132ae641c4cf16656eeb39c2f49c99
7ecfc611250f635649bd323f82a093e8a08488f55474ad5c0399b5d9463b29f2
7f4b01414c2ad7c4822e345d90850154da7f507f9ab4a2505f84c6d67839b56a
817ed52d30fc35db1227aaed57de4f6af12f580cd0f7de68d58a0731f0295491
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
84d61e7247b5194fedf074ca201a7bbc68d3ee141236b4e7cb5030abf9ab58c5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86ab8ed42661c0f23333349e97a16a31a141e7008fdd5d89caac5617e4e09c2d
87eb63cbd74c4f4114bd3d66e02a11791c300c4a73cf402e06bdcfb9cdf9f0e0
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
90061950cbcce59024176fdde13531e2dac117bb8639a30b5e4410d5a77c5c6a
916baea92eb9094e106e44c8d6de06469c6f446ae5ff8550767587489b80304c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93782ddf0e56d9337912140c04414253fd17fac6ed1520ea517dfce09975f83c
962d26a95d58634e18e845e01daed9fd1c5924b1545d7d51e7be4dc1c6689161
979b259f51a813a55f6d14beb947480da427c8d7ac1a3c0b0ef79a14a17ebeb0
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b67318a07044d2d04da90b3798128451cdab5dfe28416644dcfcc5660888f6f
9b73c58f0c3bc0310051845a92ba4d7dca2d77b697d029764336ddb55eb38379
9c637b699240b1c90cdfc30198a397159051cb59db4ab6e49f9d231992824b93
9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37
9ed6388d56fc9f2044791e0559ab4a283381791e359dc2981449955e702de56d
a0013b499303da60cc6f7ae92351c6ce49a02ca2121992127d743b7610bed991
a0bf2e9f81fa82f306a38ab2b997ecdbe3e44d8e9468c10b7b5473486a8e4c81
a1b55c60b2932718ecb30670a31fea070a799f8608a9977e0a01f46ba9cf4b38
a24168a806e10da0989b5b1fe33eaaaaaa151df8ffde066a290fb85a2a8e10e4
a2a915b430d2ecabd493dab5cd1c465e2cfe2b1515e51417f836896ce7be84f8
a30d86c107b41090101e0109182ca76dd20bc31efd366ce4d144e74f319e2b44
a3e647bd139028a8b14cd0c42545d61fe316a4a42436a5602b44df99d8d416f3
a526f7e1a82516f99f2639fc48cd8033545c9d1ddae99c01942dede8116d4ee5
a875e1d5f8cfe252cc8f5e04d750dd8c771fb8aceabd435d548425a445ab61d3
a8ec30237f2d598424049d254157e6dd437c2a0802ce1585ee4f14b7b4266f3a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abfb1822ca408cb63bb0404e5c2d835d873893f4fb7cefebc3ae00f6d889cf9c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee19ebf37943a35b04921e866bd00bd9fcb7e5390ef6d5304e798d1e22cf071
afb5c660c3b2a94615199ac765cb7b708d3abadf38bde847191b70e4b1427cca
afce4a48ff6cd57b37739a40bdd95f78cafecebfb4d7e616d2c4173a57ae3c66
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
b6efe2fcec52552ef0ce7ab748e10d5887bf7e8fdf884bbcdcd876911cfb652d
b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542
bb12f0c98d0608e36b4913f8546f6e73b0ac5b9adc656175e7a064aaa15bcc67
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbd0f735e1a16561cea3d424fab2621f73289472fa62f279480071f973162bf9
be2a7efedb81513e82a03c2f46e34ee5fdb70224f936fbb21ec8ed30feb6fa4f
c12f7ec80e87854e1ca1f37f2f8708d2dd2b26041a70004505b602753b56fb7b
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c1b3d34ca72c193c48d562353c7b8f3f3385a802b61cf731a55b176913b8065d
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c297e86e2b8fe6aa55ac7b71d568dee7f2c195d514a0d521b968b19e92d3bfff
c375e284cb478a8f21e391c99fb79c9174682d0c21e13a3ed69aa0afa6fa073b
c3dab27fadfa60dc432f4a55d14ef6164ca486e0bdbad9a292ed87c551cc800a
c3ea3a972768896d2a84d6eb36d3f5919478ad9c091477c22a5362eb6d53aee4
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
c99fb06b5006e35ebf8bab7b894dff62f2966e1fcfe017fb2644e0af7fbe5eb4
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb2f02d0ab6bea09b12bdddedaf9677b4bea9e1a390fd86b9e6328a09393051b
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd3423e8038ec78a904a26d42f0e454d1feacfd472491a873f41f6e104f7dd29
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d23480eb52e494595dc495d77a7aac7d22b39f39d84b2f83e72ed3914b012da4
d3bd8154749dc0e70db8e898e6ef47e32f3d65d55947096cbd2ca4d50dd47b53
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d454566fbbab8fcbc70a1c3139be25be5205712442564fe24a5e0258e3337a98
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
dbbe588c78ffb98db87c5eb7b9248e9b1d607402b614d2d80e4fe7becf33c09e
dc93c5b3243e66c7b2e27c51b76fa6a11bd7a6d7546c5fa26bbffa001f885305
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd78479933b8a4cc0484ab876cec63c96efd77d042d7d80215cd83e363d095f8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7cf34e04e55f68fbd2ee9f6b2648fe01feffae757a1e27d6c651bf3a1a2ef60
e9b022139925d7365e69b32549e0bcea6f18f43b5983c39f4d858d3d673023bf
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
edffe3f132fa95e9e083efef21b47bf3e1bb9e544b3809ca0240ccf684e2d850
eea3d6ccda7f6503078cce9dc41176c1357af1c93a5b3625131ef7cf21c9d7c4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f181c751a918d86f11858c2f9f4f8dec570c845c8a02f81bc9ee1241655100fa
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f7bb442b06bfb13ecfee3c3ec2b6b19440a33e080ca9378f8d6f161281bd01ed
f8cc26f74fecef92fefa117830f8f30af73389e86abcb75fb026f7d2a52d8f9a
f97f10d92e036abfa77d3051f903c5c494d9e6b2c1ae9ae4c8086af58dd07a1e
fafc4160788beca657ec3e3041976281fb6d54a0e82bb4d22a433f7c6bb8b1d6
fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
ff3188f56b7523ccfed5696d67c4af1df67100e2fbd4793e6c01312b7adf5519
ff8380deeec8242b5394f3a31c65131cbc93ab61c893b70fd7193ed3dcc5da49

arcticwolf.com Open in urlscan Pro 13.224.189.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

224 Requests

96 %HTTPS

43 %IPv6

39 Domains

55 Subdomains

50 IPs

7 Countries

3052 kBTransfer

11020 kBSize

55 Cookies

8 Outgoing links

Redirected requests

224 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

arcticwolf.com Open in urlscan Pro
13.224.189.102 Public Scan

Screenshot
Live screenshot

Full Image

224
Requests

96 %
HTTPS

43 %
IPv6

39
Domains

55
Subdomains

50
IPs

7
Countries

3052 kB
Transfer

11020 kB
Size

55
Cookies

224 HTTP transactions
2 data transactions