www.secureworks.com Open in urlscan Pro
2620:1ec:4e:1::44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.secureworks.com/cyber-threat-intelligence/threats/cryptolocker-ransomware
Effective URL:
https://www.secureworks.com/research/cryptolocker-ransomware
Submission: On May 26 via api (May 26th 2023, 8:29:19 am UTC) from IT — Scanned from IT

Summary HTTP 67 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 67 HTTP transactions. The main IP is 2620:1ec:4e:1::44, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.secureworks.com. The Cisco Umbrella rank of the primary domain is 743740.
TLS certificate: Issued by Thawte RSA CA 2018 on January 20th 2023. Valid for: a year.

This is the only time www.secureworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2620:1ec:4e:1... 2620:1ec:4e:1::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
43	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	104.102.38.132 104.102.38.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
11	2606:4700::68... 2606:4700::6812:a972	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2606:4700::68... 2606:4700::6812:1c26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
67	9

7 2620:1ec:4e:1::44 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a02:26f0:1700:d::1737:6e8f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

content.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.38.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-38-132.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:a972 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

725-smc-563.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1c26 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	secureworks.com 1 redirects www.secureworks.com — Cisco Umbrella Rank: 743740 content.secureworks.com	2 MB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 368	164 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3129	7 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 587	308 B
1	mktoresp.com 725-smc-563.mktoresp.com	318 B
1	gstatic.com fonts.gstatic.com	17 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	97 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
67	8

	Domain	Requested by
43	content.secureworks.com	www.secureworks.com content.secureworks.com
11	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org www.secureworks.com
7	www.secureworks.com	1 redirects www.secureworks.com www.googletagmanager.com
2	munchkin.marketo.net	www.secureworks.com munchkin.marketo.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	725-smc-563.mktoresp.com	munchkin.marketo.net
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	www.secureworks.com
1	fonts.googleapis.com	www.secureworks.com
67	9

This site contains links to these domains. Also see Links.

Domain
portal.secureworks.com
twitter.com
www.linkedin.com
www.facebook.com
blog.dynamoo.com
docs.microsoft.com
en.wikipedia.org
www.moneypak.com
miki.it
www.secureworks.co.uk
www.secureworks.com.au
pages.secureworks.com
github.com
jobs.dell.com
investors.secureworks.com
content.secureworks.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.secureworks.com Thawte RSA CA 2018	`2023-01-20` - `2024-01-19`	a year	crt.sh
cert00029-azurecdn.akamaized.net R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.secureworks.com/research/cryptolocker-ransomware
Frame ID: E2A33FCEC70CD5ECF13E8642DDD50CD2
Requests: 67 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CryptoLocker Ransomware Threat Analysis | SecureworksBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://www.secureworks.com/cyber-threat-intelligence/threats/cryptolocker-ransomware HTTP 307
https://www.secureworks.com/cyber-threat-intelligence/threats/cryptolocker-ransomware HTTP 301
https://www.secureworks.com/research/cryptolocker-ransomware Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

100 %
HTTPS

78 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

2728 kB
Transfer

4781 kB
Size

6
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://portal.secureworks.com/portal/loginIDP
Title: Login

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.secureworks.com/research/cryptolocker-ransomware&text=CryptoLocker%20Ransomware&via=Secureworks

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.secureworks.com/research/cryptolocker-ransomware&source=Secureworks

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.secureworks.com/research/cryptolocker-ransomware

Search URL Search Domain Scan URL

URL: http://blog.dynamoo.com/2013/07/jolly-works-hosting-is-it-really-jolly.html
Title: Jolly Works Hosting

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/win32/seccrypto/cryptography-portal
Title: CryptoAPI

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/CashU
Title: Wikipedia entry

Search URL Search Domain Scan URL

URL: https://www.moneypak.com/AboutMoneyPak.aspx
Title: MoneyPak website

Search URL Search Domain Scan URL

URL: http://miki.it/pdf/thesis.pdf
Title: thesis

Search URL Search Domain Scan URL

URL: http://miki.it/articles/papers/#bitiodine
Title: BitIodine

Search URL Search Domain Scan URL

URL: https://www.secureworks.co.uk/
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://www.secureworks.com.au/
Title: Australia

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows-server/identity/software-restriction-policies/software-restriction-policies
Title: Software Restriction Policies

Search URL Search Domain Scan URL

URL: https://pages.secureworks.com/email-subscription.html?_ga=2.98586582.992821853.1618841296-805368899.1615224462
Title: SEND ME UPDATES

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/secureworks

Search URL Search Domain Scan URL

URL: https://twitter.com/secureworks

Search URL Search Domain Scan URL

URL: https://www.facebook.com/secureworks

Search URL Search Domain Scan URL

URL: https://github.com/secureworks

Search URL Search Domain Scan URL

URL: https://pages.secureworks.com/email-subscription.html
Title: Subscribe Now

Search URL Search Domain Scan URL

URL: https://jobs.dell.com/secureworks-jobs
Title: Careers

Search URL Search Domain Scan URL

URL: https://investors.secureworks.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://content.secureworks.com/-/media/Files/Corporate/modernslaverystatement_22_v2.ashx?modified=20220621140318
Title: Supply Chain Transparency

Search URL Search Domain Scan URL

URL: https://pages.secureworks.com/UnsubscribePage.html?mkt_unsubscribe=1
Title: Unsubscribe

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.secureworks.com/cyber-threat-intelligence/threats/cryptolocker-ransomware HTTP 307
https://www.secureworks.com/cyber-threat-intelligence/threats/cryptolocker-ransomware HTTP 301
https://www.secureworks.com/research/cryptolocker-ransomware Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request cryptolocker-ransomware Show response
www.secureworks.com/research/
Redirect Chain

http://www.secureworks.com/cyber-threat-intelligence/threats/cryptolocker-ransomware
https://www.secureworks.com/cyber-threat-intelligence/threats/cryptolocker-ransomware
https://www.secureworks.com/research/cryptolocker-ransomware

234 KB
240 KB

1420ms
1420ms

Document
text/html

2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ea94254246a69ed243279680012e5904d1e31410a93b6369d038f311426d793d

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; script-src 'self' 'nonce-MGI3ZmMzNzEwNzUxNDc4ZmJhZTJjY2YwMzk1YjFjNzk=' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' 'sha256-BMQXzfchDpNs+zYF2cO7o9iAJtoSq+2OX45TfNM/cdA=' 'sha256-IECBAorlkKUYQadvB50kjQC3oIqb9xKfOB+cVXdarE0=' 'sha256-c+xyt9U1PbPeI7Pot035l4MckCT6qHAzxiBA5t+7KPE=' 'sha256-bZ4r9bNMpnkokR0Gwp+X+Y0qYhZKQwglL8B9TAvMsrA=' 'sha256-GNsgzTmK93RFT4ppB/KnAwm9wVkth71ceJVqrzSGC6M=' 'sha256-NMtcHh/vZkcUq5lHSUz2dzv8n1jv1SFeNewgEGvik4k=' https://code.jquery.com https://pages.secureworks.com https://js-agent.newrelic.com https://bam.nr-data.net https://content.secureworks.com https://pcdnscwx001.azureedge.net https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://.vimeo.com https://.vimeocdn.com https://j.6sc.co https://b.6sc.co https://.6sc.co https://epsilon.6sense.com https://.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://.drift.com https://.driftt.com https://.simplecast.com https://.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://.on24.com https://.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://.redditstatic.com https://.ensighten.com https://.ml314.com https://.choozle.com https://.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://.cloudfunctions.net https://tag.demandbase.com https://.bidr.io https://.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' https://.vimeo.com https://.vimeocdn.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:; frame-ancestors 'self' .folloze.com *.secureworks.com; worker-src 'self' blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-cache, no-store
content-length: 239679
content-security-policy: object-src 'none'; script-src 'self' 'nonce-MGI3ZmMzNzEwNzUxNDc4ZmJhZTJjY2YwMzk1YjFjNzk=' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' 'sha256-BMQXzfchDpNs+zYF2cO7o9iAJtoSq+2OX45TfNM/cdA=' 'sha256-IECBAorlkKUYQadvB50kjQC3oIqb9xKfOB+cVXdarE0=' 'sha256-c+xyt9U1PbPeI7Pot035l4MckCT6qHAzxiBA5t+7KPE=' 'sha256-bZ4r9bNMpnkokR0Gwp+X+Y0qYhZKQwglL8B9TAvMsrA=' 'sha256-GNsgzTmK93RFT4ppB/KnAwm9wVkth71ceJVqrzSGC6M=' 'sha256-NMtcHh/vZkcUq5lHSUz2dzv8n1jv1SFeNewgEGvik4k=' https://code.jquery.com https://pages.secureworks.com https://js-agent.newrelic.com https://bam.nr-data.net https://content.secureworks.com https://pcdnscwx001.azureedge.net https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://*.vimeo.com https://*.vimeocdn.com https://j.6sc.co https://b.6sc.co https://*.6sc.co https://epsilon.6sense.com https://*.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://*.drift.com https://*.driftt.com https://*.simplecast.com https://*.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://*.on24.com https://*.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://*.redditstatic.com https://*.ensighten.com https://*.ml314.com https://*.choozle.com https://*.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://*.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://*.cloudfunctions.net https://tag.demandbase.com https://*.bidr.io https://*.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' https://*.vimeo.com https://*.vimeocdn.com content.secureworks.com *.secureworks.com id.rlcdn.com *.googletagmanager.com cdn.cookielaw.org *.gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com *.google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com *.adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com *.crazyegg.com *.redditstatic.com alb.reddit.com *.ensighten.com ml314.com *.choozle.com *.bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com *.clarity.ms analytics.twitter.com t.co *.bidr.io *.company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com *.secureworks.com https://www.gstatic.com blob: data:; frame-ancestors 'self' *.folloze.com *.secureworks.com; worker-src 'self' blob: data:;
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 08:29:12 GMT
expires: -1
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-azure-ref: 0121wZAAAAAAkbthVYLAlT6NFXVu0VqX2RlJBMzFFREdFMDQyMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
x-azure-ref-originshield: 0121wZAAAAAAIROhqSIs6S7Ftxa6fd1ZdRlJBMjMxMDUwNDE3MDM5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
x-cache: PRIVATE_NOSTORE
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

content-length: 150
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 08:29:11 GMT
location: /research/cryptolocker-ransomware
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-azure-ref: 01m1wZAAAAABDlwcGg2ZsRokEJF8tdDo8RlJBMzFFREdFMDQyMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
x-azure-ref-originshield: 01m1wZAAAAADybDbmTOHfTqXeCFyBvMDQRlJBMjMxMDUwNDE4MDA5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
x-cache: TCP_MISS
x-content-type-options: nosniff

GET
H2 200 html5reset-1.6.1.css
content.secureworks.com/content/app/css/ 1 KB
1023 B 356ms
31ms Stylesheet
text/css 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/css/html5reset-1.6.1.css?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

db61679243f9f3b5a03de90b1ad228130ad3e87b79b9d153ce1ca6afbdf9a2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/cryptolocker-ransomware
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:38 GMT
x-azure-ref-originshield: 0r/5hZAAAAACOvpSGS6fjSIVO+4cpN8qjRlJBMjMxMDUwNDE4MDExADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
date: Fri, 26 May 2023 08:29:13 GMT
etag: "24ef2bc9da47d91:0"
x-azure-ref: 0r/5hZAAAAAAKTxmrpE/fS5m6se23FTpURlJBMzFFREdFMDkxNwAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1645989
accept-ranges: bytes
content-length: 573

GET
H2 200 western-typographies.css
content.secureworks.com/content/app/css/ 2 KB
832 B 358ms
33ms Stylesheet
text/css 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/css/western-typographies.css?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

fa85f97108080f24b26ca0450d471edf522d233337c1b73e41ab4a27d19ac94f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/cryptolocker-ransomware
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 08:29:13 GMT
x-azure-ref-originshield: 0cfT3YwAAAABOtcd/mBZdSpIr6lmIsREjRlJBMjMxMDUwNDE4MDUxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-length: 365
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:38 GMT
server: Microsoft-IIS/10.0
etag: "5c8b48c9da47d91:0"
x-azure-ref: 0cfT3YwAAAAAVWJWkVR0QRLVG8w/j2a+7RlJBMzFFREdFMDMxMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1362971
accept-ranges: bytes

GET
H2 200 main.css
content.secureworks.com/content/app/css/ 585 KB
83 KB 363ms
38ms Stylesheet
text/css 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

deda0ecf832039099d8f8128be2c332dd0a6b86699f74eefaec26df8f8572f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/cryptolocker-ransomware
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:38 GMT
x-azure-ref-originshield: 0qQEbZAAAAAABx2699XGSTYIsP37H5nFIRlJBMjMxMDUwNDE4MDMzADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
date: Fri, 26 May 2023 08:29:13 GMT
etag: "623d3ac9da47d91:0"
x-azure-ref: 0gZAbZAAAAAD6GrvrVnIqQJEIaLgNJpiLRlJBMzFFREdFMDMxMQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1743655
accept-ranges: bytes
content-length: 84253

GET
H2 200 jquery-3.6.0.min.js Show response
content.secureworks.com/content/app/js/ 87 KB
31 KB 358ms
34ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/js/jquery-3.6.0.min.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/cryptolocker-ransomware
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 08:29:13 GMT
x-azure-ref-originshield: 0cfT3YwAAAAA4kys3UmWpRpPGulYr4KoURlJBMjMxMDUwNDE3MDUzADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-length: 30954
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:33 GMT
server: Microsoft-IIS/10.0
etag: "d96adfc5da47d91:0"
x-azure-ref: 0cfT3YwAAAACCZ2lkLtSFT702a9LkNwtSRlJBMzFFREdFMDkxMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1140240
accept-ranges: bytes

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 111ms
50ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Saira+Condensed:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b817ddec3728ea011d21f345670ed6c213d08a71a15ade591680bfaba85960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 08:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 08:29:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 08:29:13 GMT

GET
H2 200 img001.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/ 24 KB
24 KB 268ms
172ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/img001.ashx?la=en&modified=20160216142923&hash=D915D9AA43C064CEDD85BB5C614AFBAB

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7e412c953172eedfcddef77c579de18b572856a33018a79f845c15d256b167e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Feb 2016 14:29:23 GMT
x-azure-ref-originshield: 0ZtpoZAAAAAAFYbOtkAgzT4vGOxmob1foRlJBMjMxMDUwNDE3MDA5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 96f633643acd4c48827ef9fb0c58a20b
x-azure-ref: 02W1wZAAAAAB+Uc9sxOzcSK1d2eBzfPUIRlJBMzFFREdFMDMxNAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2592000
content-disposition: inline; filename="img001.png"
accept-ranges: bytes
content-length: 24431
expires: Sun, 25 Jun 2023 08:29:13 GMT

GET
H2 200 img002.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/ 5 KB
5 KB 657ms
561ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/img002.ashx?la=en&modified=20160216142907&hash=C833B449B0197A55229B995A4B35FE3F

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

96e69ee14275243615d617108157e71b75f550c9f644430ec6ab36e6e589f487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:14 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Feb 2016 14:29:07 GMT
x-azure-ref-originshield: 02m1wZAAAAACs48GcERbaT5yrcGaC/MCIRlJBMjMxMDUwNDE3MDI5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: eb73ad712cbb409e9619f7825ae4ab2d
x-azure-ref: 02m1wZAAAAAAgLZS1ietlS5ASHeLwGr/YRlJBMzFFREdFMDQwNwAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2592000
content-disposition: inline; filename="img002.png"
accept-ranges: bytes
content-length: 5009
expires: Sun, 25 Jun 2023 08:29:14 GMT

GET
H2 200 img003.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/ 2 KB
3 KB 271ms
175ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/img003.ashx?la=en&modified=20160216142937&hash=62B486D099E00A4442CE0A096E7215B9

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

db982215dc9857a5cf2123d944a148a8bd7f9ec1f8bf9052075869e63697ea8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Feb 2016 14:29:37 GMT
x-azure-ref-originshield: 0FnlrZAAAAADnC4C2EUsGTZfbWHQ/FxivRlJBMjMxMDUwNDE4MDI1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: e353cb81b8564626ae4edef176841286
x-azure-ref: 02W1wZAAAAAAsRPrKyxheTYZdslV+J0OCRlJBMzFFREdFMDkxOAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2591956
content-disposition: inline; filename="img003.png"
accept-ranges: bytes
content-length: 2191
expires: Sun, 25 Jun 2023 08:28:29 GMT

GET
H2 200 img004.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/ 120 KB
121 KB 1664ms
1568ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/img004.ashx?la=en&modified=20160216142956&hash=5D38AA863EE4D1051BE01F0CEF6BC725

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ddbe4971cd5e256472a2547a0c469323f5238387bba35345e8d71b48ee6f86af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:15 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Feb 2016 14:29:56 GMT
etag: 34be74e6ab8146059cd91580c2586ea7
x-azure-ref: 20230526T082914Z-pnqe7u584h3u79518saxfuzz10000000073000000000t8sh
content-type: image/png
cache-control: public, max-age=2591943
content-disposition: inline; filename="img004.png"
accept-ranges: bytes
content-length: 123259
expires: Sun, 25 Jun 2023 08:28:18 GMT

GET
H2 200 img005.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/ 115 KB
116 KB 886ms
791ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/img005.ashx?la=en&modified=20160216143016&hash=1D02EBE545901F59B66983784488D3E0

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b7b666baaa535231a25eb6b9ba61df1c041dd6017a6bc1a5d6d06cba4df3b12f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:14 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Feb 2016 14:30:16 GMT
x-azure-ref-originshield: 0ZtpoZAAAAAAnMY3gdNgKQItEI3rCKqW8RlJBMjMxMDUwNDE3MDE3ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 4336b36fb7264cbda8a54a7453f23fda
x-azure-ref: 02m1wZAAAAABddV6GVaaSRYnNvWZkVj5eRlJBMzFFREdFMDMxNQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2591951
content-disposition: inline; filename="img005.png"
accept-ranges: bytes
content-length: 117974
expires: Sun, 25 Jun 2023 08:28:25 GMT

GET
H2 200 img006.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/ 118 KB
118 KB 689ms
593ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/img006.ashx?la=en&modified=20160216143035&hash=0A4F07F2085AD92B56D6EA37D360449B

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

316df25690cbd0b839b3e7f9d56351489d2470f279c8734769117f144375d50b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:14 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Feb 2016 14:30:35 GMT
x-azure-ref-originshield: 0ZtpoZAAAAABGNXin7TMHSLA/YCWvoqe8RlJBMjMxMDUwNDE3MDM5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 1329e2f1f3934e6fb7a3285c5b97e789
x-azure-ref: 02m1wZAAAAADtB9EV6Yb+S6XivfBargZlRlJBMzFFREdFMDMxOQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2592000
content-disposition: inline; filename="img006.png"
accept-ranges: bytes
content-length: 120435
expires: Sun, 25 Jun 2023 08:29:14 GMT

GET
H2 200 img007.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/ 116 KB
117 KB 1913ms
1818ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/img007.ashx?la=en&modified=20160216143059&hash=53737593E75926008906BD092B6BC112

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

57dfb90294167b847e4568c03bb120f061a883d4d07b9cd1bd0bc09b07553f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:15 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Feb 2016 14:30:59 GMT
x-azure-ref-originshield: 02m1wZAAAAAANTXuyiG1LQoCrMXsx0ZwzRlJBMjMxMDUwNDE3MDI5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: ad38809461c146c99ea495aa34490a8d
x-azure-ref: 02m1wZAAAAAAeOj86pghKSZaurgWsvlTYRlJBMzFFREdFMDMxNgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2591967
content-disposition: inline; filename="img007.png"
accept-ranges: bytes
content-length: 119151
expires: Sun, 25 Jun 2023 08:28:42 GMT

GET
H2 200 img008.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/ 116 KB
116 KB 240ms
145ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/img008.ashx?la=en&modified=20160216143120&hash=4416E400427C4508AE0B094452228CD0

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

444302d06daf859b05d7c69a39336d96aa461b8dc4941b83f0eaa1bc5106fe32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Feb 2016 14:31:20 GMT
x-azure-ref-originshield: 0FnlrZAAAAADppzdMWGH1RqmLDejcEjcWRlJBMjMxMDUwNDE4MDE3ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 40b90dc29234491691e40273d82fb0f7
x-azure-ref: 02W1wZAAAAAAwlcxdAFU0R7Xs4tWKBQIoRlJBMzFFREdFMDkxMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2591951
content-disposition: inline; filename="img008.png"
accept-ranges: bytes
content-length: 118533
expires: Sun, 25 Jun 2023 08:28:24 GMT

GET
H2 200 img009.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/ 122 KB
123 KB 1282ms
1186ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/img009.ashx?la=en&modified=20160216143141&hash=D4546CC56762A43898CFF9D537211E8F

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

95d8a59b90b224d810da25849d3fb1fe3292c5bc5a3241dd1567587b3ee02f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:14 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Feb 2016 14:31:41 GMT
x-azure-ref-originshield: 02W1wZAAAAAAtnRtpOpyiS7CwU4Shac53RlJBMjMxMDUwNDE3MDQ5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 4db419dd34a4481ead740c36da5db759
x-azure-ref: 02W1wZAAAAABsurPIZAadTKKzAH6hDcTSRlJBMzFFREdFMDkxNgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2591992
content-disposition: inline; filename="img009.png"
accept-ranges: bytes
content-length: 125017
expires: Sun, 25 Jun 2023 08:29:06 GMT

GET
H2 200 img010.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/ 14 KB
14 KB 976ms
880ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/img010.ashx?la=en&modified=20160216143156&hash=EC4F83B00E6CEF8D26677F10065E9CCC

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c63dc4055c04564b4fbcb05ba82ff62271a69feada8ec3fcc2959403c1b2d4e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:14 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Feb 2016 14:31:56 GMT
x-azure-ref-originshield: 02W1wZAAAAACmWRrPrubDQ7V2R28Ye4wzRlJBMjMxMDUwNDE4MDIzADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 3c0b54f359384910b48f58a8b4cf17b7
x-azure-ref: 02W1wZAAAAAAN7ohHbxmRRJ072VFwJIXuRlJBMzFFREdFMDQyMQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2591943
content-disposition: inline; filename="img010.png"
accept-ranges: bytes
content-length: 14319
expires: Sun, 25 Jun 2023 08:28:17 GMT

GET
H2 200 img011.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/ 23 KB
23 KB 956ms
861ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/img011.ashx?la=en&modified=20160216143211&hash=004DEE9A338F628FA60772C95D3157BE

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

eaeebdaf32731f88a96edcbd057001832dba6a524c41f90b61a264d6529d2b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:14 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Feb 2016 14:32:11 GMT
x-azure-ref-originshield: 02W1wZAAAAADztxyuMz7OSaNaNfxSPwzXRlJBMjMxMDUwNDE4MDA5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 37442f675f8d404794dd403bccbfa242
x-azure-ref: 02W1wZAAAAAB+hr2ih0mUT5v0pWrhKCkvRlJBMzFFREdFMDQxNgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2591972
content-disposition: inline; filename="img011.png"
accept-ranges: bytes
content-length: 23212
expires: Sun, 25 Jun 2023 08:28:46 GMT

GET
H2 200 img012.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/ 27 KB
28 KB 1007ms
912ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/img012.ashx?la=en&modified=20160216143226&hash=6D19AACFB9E65F7F7E02AAAC4D0F3768

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

397fb53917784ee6ebd48a9b8a72205f094121f9f5fd63c62863345194fa6e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:14 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Feb 2016 14:32:26 GMT
x-azure-ref-originshield: 02W1wZAAAAABN46QeQ/7HQbxyD8f93poURlJBMjMxMDUwNDE4MDMxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 6b711ec4a8534d4ca0a65fa66e002520
x-azure-ref: 02W1wZAAAAADm+ScqnY8ySY4H1oY6WbNaRlJBMzFFREdFMDQyMAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2591980
content-disposition: inline; filename="img012.png"
accept-ranges: bytes
content-length: 27933
expires: Sun, 25 Jun 2023 08:28:54 GMT

GET
H2 200 img013.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/ 12 KB
12 KB 386ms
291ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/img013.ashx?la=en&modified=20160216143241&hash=6799114528D234C12E6D2D5A24B4B014

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ced29ab2d3e3e9372e7b2eb542e1a61d0b676c531045ab2b59780c6326321ca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Feb 2016 14:32:41 GMT
x-azure-ref-originshield: 0p7JtZAAAAADxNNDqxM9zQL9gYgrRjLX4RlJBMjMxMDUwNDE3MDUxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: ac215f0d28424d779056143dea975908
x-azure-ref: 02W1wZAAAAACy2JccPlO0S5+8JnB6Ko/VRlJBMzFFREdFMDQyMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2591984
content-disposition: inline; filename="img013.png"
accept-ranges: bytes
content-length: 12033
expires: Sun, 25 Jun 2023 08:28:57 GMT

GET
H2 200 img014.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/ 28 KB
28 KB 976ms
882ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/img014.ashx?la=en&modified=20160216143258&hash=E59B62CC568ED01C2D8A351608BD7505

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c162b1c44f74acb328515220cc73efa1fff02ef4de10b5aaffabbff0dfc18980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:14 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Feb 2016 14:32:58 GMT
x-azure-ref-originshield: 02W1wZAAAAAA7SAT7RPb8SoZfb0w148yDRlJBMjMxMDUwNDE4MDUzADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 41d74083cddb467ca632e1c5f43054e8
x-azure-ref: 02W1wZAAAAABss0gnmekiTLwgdsLSj34LRlJBMzFFREdFMDQxNAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2592000
content-disposition: inline; filename="img014.png"
accept-ranges: bytes
content-length: 28332
expires: Sun, 25 Jun 2023 08:29:14 GMT

GET
H2 200 img015.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/ 27 KB
28 KB 634ms
539ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/000%20cryptolocker%20ransomware/img015.ashx?la=en&modified=20160216143314&hash=9EAEE21FF145B9DE4B83473E262C0C4B

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

52ac7ab6126b877846971bb6637dabe137c162f50cc7318c5c89c2432cacaebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:14 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Feb 2016 14:33:14 GMT
x-azure-ref-originshield: 07yxmZAAAAABm3qLR43gwTp4kqAN7GmAaRlJBMjMxMDUwNDE4MDQ5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: f415933a81244ec2b7e26aac929ae83e
x-azure-ref: 02m1wZAAAAACzRdK3SUYURZ4mERyrqzAdRlJBMzFFREdFMDMxNAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2592000
content-disposition: inline; filename="img015.png"
accept-ranges: bytes
content-length: 28010
expires: Sun, 25 Jun 2023 08:29:14 GMT

GET
H2 200 002-background-treated_360x190.ashx
content.secureworks.com/-/media/Images/Insights/2022/abstract%20approved/002-purple-black-faded-screen/ 30 KB
30 KB 163ms
69ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/2022/abstract%20approved/002-purple-black-faded-screen/002-background-treated_360x190.ashx?modified=20220621213741

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

d06f16436de248c88426110742cf0fa0e9fe7a2707399ecb2f27b3425a6b6162

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Jun 2022 21:37:41 GMT
x-azure-ref-originshield: 0TUM1ZAAAAAC/+9coE/8aR6CEssAmS6qZRlJBMjMxMDUwNDE4MDQ5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
server: Microsoft-IIS/10.0
etag: 02b515b1c4464caaa68045744107a917
x-azure-ref: 07rw3ZAAAAAAwhW3pKxdeR4kC2IzLCy8RRlJBMzFFREdFMDMxOAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=1066450
content-disposition: inline; filename="002-background-treated_360x190.png"
accept-ranges: bytes
content-length: 30267
expires: Wed, 07 Jun 2023 16:43:23 GMT

GET
H2 200 blog-right-sidebar-ad.ashx
content.secureworks.com/-/media/Images/Insights/Blog/2022%20right%20sidebar%20ads/ 21 KB
21 KB 156ms
62ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Blog/2022%20right%20sidebar%20ads/blog-right-sidebar-ad.ashx?modified=20221102152447

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

62e55cc7119c6aae1e7aaac1870c9796ccc25fccdd4937f126f6114e66fd3b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Nov 2022 15:24:47 GMT
etag: 9a6cd664e4ae440c96fa0d2bacbcb2db
x-azure-ref: 20230517T140316Z-v6x3z8va4h0pmcv2pbd7z9n2d800000000g0000000010dq1
content-type: image/png
cache-control: public, max-age=1834275
content-disposition: inline; filename="blog-right-sidebar-ad.png"
accept-ranges: bytes
content-length: 21359
expires: Fri, 16 Jun 2023 14:00:28 GMT

GET
H2 200 state-of-the-threat-2022_500x300.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Reports/state%20of%20the%20threat%202022/ 156 KB
157 KB 165ms
71ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Reports/state%20of%20the%20threat%202022/state-of-the-threat-2022_500x300.ashx?modified=20220930143542

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

baa55d1d4627050073e047eb2f9dbe86720736f51f37a116602e5705c3966b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 30 Sep 2022 14:35:42 GMT
x-azure-ref-originshield: 0CV1bZAAAAAA5cKi+q0FaS4ORh5H1oNIBRlJBMjMxMDUwNDE4MDQ1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: dca4e3938b8e4a69a36ea6fa76e12158
x-azure-ref: 0e65bZAAAAADn7RR86NmHTZNrFyXifQO0RlJBMzFFREdFMDMwNwAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=1232276
content-disposition: inline; filename="state-of-the-threat-2022_500x300.png"
accept-ranges: bytes
content-length: 160244
expires: Fri, 09 Jun 2023 14:47:09 GMT

GET
H2 200 human_0010_taking-notes_360x190.ashx
content.secureworks.com/-/media/Images/Insights/2019/human_0010_taking-notes/ 33 KB
33 KB 238ms
144ms Image
image/png 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/2019/human_0010_taking-notes/human_0010_taking-notes_360x190.ashx?modified=20190219165722

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9c6da1b506d37a9065ddd8efb0a6f5c2e7fc25b5d8c5a27ff8a714f82ee6ca89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Feb 2019 16:57:22 GMT
x-azure-ref-originshield: 0T3dkZAAAAAB1M95enEcaTLe4nb8cR6DvRlJBMjMxMDUwNDE3MDMzADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: b869cb3b18e94e8dad4369e9b966623f
x-azure-ref: 0sV9sZAAAAAB5yLlp5dS2SaYBs+dH2huARlJBMzFFREdFMDQwNwAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2326130
content-disposition: inline; filename="human_0010_taking-notes_360x190.png"
accept-ranges: bytes
content-length: 33438
expires: Thu, 22 Jun 2023 06:38:03 GMT

GET
H2 200 0005_human_man-laptop-car_360x190.ashx
content.secureworks.com/-/media/Images/Insights/2020/lifestyle-0005_man-laptop-car/ 10 KB
10 KB 238ms
144ms Image
image/jpeg 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/2020/lifestyle-0005_man-laptop-car/0005_human_man-laptop-car_360x190.ashx?modified=20191220134740

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

37ae7d5c59b40e1e1e0ca3466ce5636f5e416fc226b45136f2548557c6ee5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 20 Dec 2019 13:47:40 GMT
etag: 1363494125be4f98974784681b82997b
x-azure-ref: 20230517T130223Z-w5eg6wrfch1mda644a40ff53tw00000000f000000001rhnb
content-type: image/jpeg
cache-control: public, max-age=1830777
content-disposition: inline; filename="0005_human_man-laptop-car_360x190.jpg"
accept-ranges: bytes
content-length: 9833
expires: Fri, 16 Jun 2023 13:02:10 GMT

GET
H2 200 abstracts_0047_dotted_blue_column_cylinder_360x190.ashx
content.secureworks.com/-/media/Images/Insights/Abstracts/0047%20dotted%20blue%20column%20cylinder/ 16 KB
16 KB 238ms
145ms Image
image/jpeg 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Abstracts/0047%20dotted%20blue%20column%20cylinder/abstracts_0047_dotted_blue_column_cylinder_360x190.ashx?modified=20161003143018

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

33f6054e84d435235a017b3042942bf2f448ab89b568f66a721e9680ea8cc4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 Oct 2016 14:30:18 GMT
x-azure-ref-originshield: 02sVvZAAAAABbha7Fw83pQJpoKSl22OrQRlJBMjMxMDUwNDE3MDA5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 08c193300a8341959dfb49c3f2716208
x-azure-ref: 02sVvZAAAAACo7cHtnbDgR4jO/UBqb/bZRlJBMzFFREdFMDkxNQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/jpeg
cache-control: public, max-age=2549023
content-disposition: inline; filename="abstracts_0047_dotted_blue_column_cylinder_360x190.jpg"
accept-ranges: bytes
content-length: 16146
expires: Sat, 24 Jun 2023 20:32:56 GMT

GET
H2 200 close.svg
www.secureworks.com/content/rc/images/ 850 B
1 KB 108ms
107ms Image
image/svg+xml 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureworks.com/content/rc/images/close.svg

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0049c42b57e92164c558905bff7c17441afe55dc569f0062162e77a532964b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:40 GMT
x-azure-ref-originshield: 02W1wZAAAAABWZ5jaVOq/TYOkyvqA9z2vRlJBMjMxMDUwNDE4MDI1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: "6de322cada47d91:0"
x-azure-ref: 02W1wZAAAAADFH7Gg2XDSTLPajxwdPkg3RlJBMzFFREdFMDQyMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
x-cache: TCP_REMOTE_HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=2592000
accept-ranges: bytes
content-length: 850

GET
H2 200 libs.min.js Show response
content.secureworks.com/content/app/js/ 257 KB
70 KB 47ms
47ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/js/libs.min.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

08681ba3da35c665e877f6f9a6e158ff94b4d96c363610cdb061ebb79a718c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/cryptolocker-ransomware
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 08:29:13 GMT
x-azure-ref-originshield: 0cvT3YwAAAAAyPRdxtcw5TIYm36e6YcrGRlJBMjMxMDUwNDE4MDM3ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-length: 70793
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:02:01 GMT
server: Microsoft-IIS/10.0
etag: "777c5d6da47d91:0"
x-azure-ref: 0cvT3YwAAAAB2TdRXY2JQSKNJwmNkL1rqRlJBMzFFREdFMDkxMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1467312
accept-ranges: bytes

GET
H2 200 main.js Show response
content.secureworks.com/content/app/js/ 73 KB
20 KB 32ms
32ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/js/main.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c2f15609bdc44ef0009fda7902639ed493b8a26a00a58b905e0768f67c93b2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/cryptolocker-ransomware
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 08:29:13 GMT
x-azure-ref-originshield: 0//b3YwAAAABpjPCHgxUgQZ0OgZdhJIEQRlJBMjMxMDUwNDE4MDQ3ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-length: 19484
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:02:01 GMT
server: Microsoft-IIS/10.0
etag: "339eccd6da47d91:0"
x-azure-ref: 0//b3YwAAAAAffPrT0EeRSLxtmnbOuE8KRlJBMzFFREdFMDkxMQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1628374
accept-ranges: bytes

GET
H2 200 products.js Show response
content.secureworks.com/content/rc/js/ 44 KB
14 KB 31ms
31ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/rc/js/products.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

9eb064a8d93265a1b1bb725f0db9c1d209a4efdae9eca7ddc67a094755c64b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/cryptolocker-ransomware
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 08:29:13 GMT
x-azure-ref-originshield: 0cvT3YwAAAABmijalzXsbTa7gWeB95BdNRlJBMjMxMDUwNDE4MDExADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-length: 13755
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:02:20 GMT
server: Microsoft-IIS/10.0
etag: "4eb3ae2da47d91:0"
x-azure-ref: 0cvT3YwAAAAAG+ks8WYtcTKksrjz827GLRlJBMzFFREdFMDMxMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1569080
accept-ranges: bytes

GET
H2 200 default.css
content.secureworks.com/content/app/css/highlighter/ 1 KB
1 KB 38ms
33ms Stylesheet
text/css 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/css/highlighter/default.css?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22494645cd5c6508829ef760cfafdf7292ddfbb824f23a323b6d3f3bd10a2538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/cryptolocker-ransomware
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:41 GMT
x-azure-ref-originshield: 0hdQ+ZAAAAABnEn7ilwmUQ7PDs5B04jbSRlJBMjMxMDUwNDE4MDQ1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
date: Fri, 26 May 2023 08:29:13 GMT
etag: "65618bcada47d91:0"
x-azure-ref: 0IeA+ZAAAAABFKh79xyWHQqqb3PjKDhr9RlJBMzFFREdFMDMxMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1642297
accept-ranges: bytes
content-length: 580

GET
H2 200 highlight.pack.js Show response
content.secureworks.com/content/app/js/libs/ 50 KB
20 KB 39ms
34ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/js/libs/highlight.pack.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

154248124c7d6ba28a3d741311104b4d4a503dad23095470f663f2613532c733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/cryptolocker-ransomware
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 08:29:13 GMT
x-azure-ref-originshield: 0cvT3YwAAAAAvdJI3nSvMTYSea+muU1MjRlJBMjMxMDUwNDE3MDQ5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-length: 20267
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:34 GMT
server: Microsoft-IIS/10.0
etag: "2c1d72c6da47d91:0"
x-azure-ref: 0cvT3YwAAAAAE0y+R+8kST6Lc5eFY5gBORlJBMzFFREdFMDkxNgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1264071
accept-ranges: bytes

GET
H2 200 bundle.js Show response
content.secureworks.com/content/micro/ 730 KB
213 KB 41ms
37ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/micro/bundle.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

fbb0995554fef3d2e17767e42318987a6b0196ec4572d2c61da94534e8698848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/cryptolocker-ransomware
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 08:29:13 GMT
x-azure-ref-originshield: 0cvT3YwAAAABAFkHiguIWSLHb2DJ/Am5/RlJBMjMxMDUwNDE3MDI1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-length: 217228
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:35 GMT
server: Microsoft-IIS/10.0
etag: "a68022c7da47d91:0"
x-azure-ref: 0cvT3YwAAAABpGwI15002SqPCAcsRllAtRlJBMzFFREdFMDkwNgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1575190
accept-ranges: bytes

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
2 KB 104ms
30ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 08:29:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 314 KB
97 KB 124ms
62ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee879839ce091313e6f39b2a6e937d747a0b86c0b783ae25978370050b351341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 08:29:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99049
x-xss-protection: 0
last-modified: Fri, 26 May 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 May 2023 08:29:13 GMT

GET
H2 200 visuelt-regular.woff
content.secureworks.com/content/app/fonts/visuelt/ 34 KB
34 KB 55ms
54ms Font
application/font-woff 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/fonts/visuelt/visuelt-regular.woff

Requested by

Host: content.secureworks.com
URL: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

01922d641b94002b4861c92b1462f8e9008baaa53707603d64a5b97fee783b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Feb 2023 22:04:45 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0qN3jYwAAAABU2YakViKeRJM1d72HCVlGRlJBMjMxMDUwNDE3MDM5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: "e33fe85773ad91:0"
x-azure-ref: 0qN3jYwAAAABanEPIF5JKQaW3nVMq8BzoRlJBMjMxMDUwNDE5MDI1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2490110
accept-ranges: bytes
content-length: 34560

GET
H2 200 icomoon.ttf
content.secureworks.com/content/app/fonts/icomoon-new/ 3 KB
3 KB 56ms
55ms Font
application/font-ttf 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/fonts/icomoon-new/icomoon.ttf?8und5p

Requested by

Host: content.secureworks.com
URL: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c97d6fa5b4ad8db4c6110b5e4a13eb698c381f580cb44440813c04f369df0a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:49 GMT
x-azure-ref-originshield: 0nkxaZAAAAACv748uXE73S4TxTaYICxxVRlJBMjMxMDUwNDE3MDA5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: "ea28cacfda47d91:0"
x-azure-ref: 0nkxaZAAAAAAhW2XtlUWTR6QYo2GUrE5KRlJBMjMxMDUwNDIwMDIxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-type: application/font-ttf
access-control-allow-origin: *
cache-control: public, max-age=1141701
accept-ranges: bytes
content-length: 2904

GET
H2 200 visuelt-medium.woff
content.secureworks.com/content/app/fonts/visuelt/ 36 KB
36 KB 57ms
56ms Font
application/font-woff 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/fonts/visuelt/visuelt-medium.woff

Requested by

Host: content.secureworks.com
URL: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

30a584b184cc0bffda4f65106a5440dd18027f5d832d74b56ee5d219b3b48cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:54 GMT
x-azure-ref-originshield: 0LL07ZAAAAADnS1hiNjePR7X0vLvWwoPVRlJBMjMxMDUwNDE3MDE5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: "3f67b4d2da47d91:0"
x-azure-ref: 0MmI9ZAAAAAB9GS0guJw8RKNG/4WNlHLkRlJBMzFFREdFMDkwOAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=1402355
accept-ranges: bytes
content-length: 36448

GET
H2 200 visuelt-black.woff
content.secureworks.com/content/app/fonts/visuelt/ 34 KB
35 KB 60ms
59ms Font
application/font-woff 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/fonts/visuelt/visuelt-black.woff

Requested by

Host: content.secureworks.com
URL: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

baacf8d144dbd8a579bde4d8221f515052f5eeb8a3a81cb6415cea17b4e30f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:28 GMT
x-azure-ref-originshield: 0mforZAAAAADljs2svTPFTr/RwNnsISVBRlJBMjMxMDUwNDE3MDM5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: "7a14d8c2da47d91:0"
x-azure-ref: 0mforZAAAAAAvVdodG1QNQ5ltXUazv3a+RlJBMzFFREdFMDQxMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=439005
accept-ranges: bytes
content-length: 35128

GET
H2 200 Visuelt-Light.ttf
www.secureworks.com/content/assets/fonts/ 139 KB
140 KB 50ms
49ms Font
application/font-ttf 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/content/assets/fonts/Visuelt-Light.ttf

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7863ca6b764cf33a59a47bd455e1ef2713b5599e78e8d5b1803c0e8844186b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/cryptolocker-ransomware
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:34 GMT
x-azure-ref-originshield: 0WENsZAAAAADLyJMM8NURTK9nKxI39ZgORlJBMjMxMDUwNDE3MDQ1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: "9872a7c6da47d91:0"
x-azure-ref: 02W1wZAAAAAA5KYdp1sKxSIvS0giyQuCPRlJBMzFFREdFMDQyMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
x-cache: TCP_HIT
content-type: application/font-ttf
access-control-allow-origin: *
cache-control: public,max-age=2592000
accept-ranges: bytes
content-length: 142684

GET
H2 200 Visuelt-Bold.ttf
www.secureworks.com/content/assets/fonts/ 170 KB
171 KB 94ms
93ms Font
application/font-ttf 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/content/assets/fonts/Visuelt-Bold.ttf

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

64ba221769f51fcba3ae03ff9ebccac7cc1017e5f10900475b871ecfe7bda514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/cryptolocker-ransomware
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:02:03 GMT
x-azure-ref-originshield: 0YltsZAAAAADh7AVcRfcYS6h7VDYiSA/dRlJBMjMxMDUwNDE3MDIxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: "11fc9d7da47d91:0"
x-azure-ref: 02W1wZAAAAAB8TjpQTLjpSrP9CwgrlF1uRlJBMzFFREdFMDQyMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
x-cache: TCP_HIT
content-type: application/font-ttf
access-control-allow-origin: *
cache-control: public,max-age=2592000
accept-ranges: bytes
content-length: 174376

GET
H2 200 arrow.svg
content.secureworks.com/content/app/img/svg/ 2 KB
1 KB 136ms
135ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/content/app/img/svg/arrow.svg

Requested by

Host: content.secureworks.com
URL: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c414c4b0d50c45bc35cd0beae9dd6e255bc68bb44b7f2298f55ad4e1ba9efec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:57 GMT
x-azure-ref-originshield: 0HwxRZAAAAAB1PDeaorVZQo/OspQ8mfJfRlJBMjMxMDUwNDE3MDIzADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
date: Fri, 26 May 2023 08:29:13 GMT
etag: "c5a74cd4da47d91:0"
x-azure-ref: 0MoVVZAAAAABXrudwCb/ETLb/WdYEuW3iRlJBMzFFREdFMDkxMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=828616
accept-ranges: bytes
content-length: 905

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 26ms
26ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 08:29:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sun, 03 Sep 2023 08:29:13 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 63ms
26ms Script
application/javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c535c494eb4dbfb732fb09f9716097de5e1c84f1d841a5c98eb14903c1376270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 May 2023 08:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ThapKUuw9e9x4Kb6BZJd6A==
age: 51550
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6767
x-ms-lease-status: unlocked
last-modified: Thu, 25 May 2023 07:01:17 GMT
server: cloudflare
etag: 0x8DB5CEDD61F0177
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7bc6b06c-101e-012b-7e2e-8fea0b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cd4a632792f0e7b-MXP

GET
H2 200 EJRLQgErUN8XuHNEtX81i9TmEkrnfc9Q962f.woff2
fonts.gstatic.com/s/sairacondensed/v11/ 16 KB
17 KB 96ms
31ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sairacondensed/v11/EJRLQgErUN8XuHNEtX81i9TmEkrnfc9Q962f.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Saira+Condensed:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba24f9ef72f1973e4b0b7b2a2302836376fe6e2f533eaee680ee711d835827d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 07:59:25 GMT
x-content-type-options: nosniff
age: 174589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16832
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:12:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 May 2024 07:59:25 GMT

GET
H2 200 Visuelt.ttf
www.secureworks.com/content/assets/fonts/ 167 KB
168 KB 51ms
51ms Font
application/font-ttf 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/content/assets/fonts/Visuelt.ttf

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

98842c0f43a891b9264682dda87aab221bbe5aabfc08cb44f6785df5cf595326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/cryptolocker-ransomware
Origin: https://www.secureworks.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:13 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:02:03 GMT
x-azure-ref-originshield: 0dDtwZAAAAABixQh3QpAmTYCmY4P+ndaGRlJBMjMxMDUwNDE3MDIzADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: "f7febcd7da47d91:0"
x-azure-ref: 02m1wZAAAAADU+HbxF1JbT6CpMN4FiClhRlJBMzFFREdFMDQyMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
x-cache: TCP_HIT
content-type: application/font-ttf
access-control-allow-origin: *
cache-control: public,max-age=2592000
accept-ranges: bytes
content-length: 171496

GET
H2 200 warning.ashx
content.secureworks.com/-/media/Images/shared/icons/buttons/utility/ 244 B
755 B 39ms
37ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/buttons/utility/warning.ashx?modified=20221020215207

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

5f2d6e604ad2bafcb500a244f270fa557c8275586dc31c9058a1cfa4f46d125f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:14 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Oct 2022 21:52:07 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 08JdjYwAAAACOUQneTfsYTZiK++9M2CDfRlJBMjMxMDUwNDE4MDM3ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: b370dd3d1a404660b8227483d8eb6fff
x-azure-ref: 075djYwAAAAA/noYLOgi6TZZzds87KTDoRlJBMjMxMDUwNDIwMDMxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-type: image/svg+xml
cache-control: public, max-age=1128182
content-disposition: inline; filename="warning.svg"
accept-ranges: bytes
content-length: 244
expires: Thu, 08 Jun 2023 09:52:16 GMT

GET
H2 200 globe.ashx
content.secureworks.com/-/media/Images/shared/icons/buttons/utility/ 2 KB
1 KB 38ms
36ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/buttons/utility/globe.ashx?modified=20221020215152

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

d774717dcbf112735e877fa11abd3b7a3e9ce75c82935d0a78724132c8ca1fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 08:29:14 GMT
x-azure-ref-originshield: 08ZdjYwAAAADunGBjO3LeQ7B1Yq+0gnDORlJBMjMxMDUwNDE3MDE3ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-disposition: inline; filename="globe.svg"
content-length: 749
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Oct 2022 21:51:52 GMT
server: Microsoft-IIS/10.0
etag: 7d221ab6182243ebb9f626238749ba99
x-azure-ref: 08ZdjYwAAAABnnxwWogsrQaq1+HUNar2rRlJBMjMxMDUwNDIwMDIzADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1172703
accept-ranges: bytes
expires: Thu, 08 Jun 2023 22:14:17 GMT

GET
H2 200 in.ashx
content.secureworks.com/-/media/Images/shared/icons/social/ 768 B
1 KB 37ms
35ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/social/in.ashx?modified=20221031144532

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3931826d11b4250a6e4d10a8249417bbdf73eb1a03f95f124b790b5c8a576bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:14 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 31 Oct 2022 14:45:32 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0CZhjYwAAAAAfze26sv3fQq7hGmN52up1QU1TMDRFREdFMTkxMQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
etag: e3eaed4027ef45f381a9ca6767b60f64
x-azure-ref: 0CZhjYwAAAABKugTjQloKSKJAs6AO8llvQlJVMzBFREdFMDQwNwAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/svg+xml
cache-control: public, max-age=1026835
content-disposition: inline; filename="in.svg"
accept-ranges: bytes
content-length: 768
expires: Wed, 07 Jun 2023 05:43:09 GMT

GET
H2 200 tw.ashx
content.secureworks.com/-/media/Images/shared/icons/social/ 1 KB
1 KB 39ms
38ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/social/tw.ashx?modified=20221031144531

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

318f094b79b56bc57c182543d28cffa228816b3d53a1361ad21d9830cfc4f55b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 08:29:14 GMT
x-azure-ref-originshield: 09JdjYwAAAACjWL4py2iZTJsk7Amd2x+6RlJBMjMxMDUwNDE4MDMxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-disposition: inline; filename="tw.svg"
content-length: 689
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 31 Oct 2022 14:45:31 GMT
server: Microsoft-IIS/10.0
etag: 1cfd65ea761243428664256ff1a11d92
x-azure-ref: 09JdjYwAAAAA5i67rqYxcRpgEo+Z1Km0PRlJBMjMxMDUwNDIwMDM1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1076557
accept-ranges: bytes
expires: Wed, 07 Jun 2023 19:31:51 GMT

GET
H2 200 fb.ashx
content.secureworks.com/-/media/Images/shared/icons/social/ 403 B
803 B 42ms
41ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/social/fb.ashx?modified=20221031144532

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c14c30ca00b3badf163de6dc6d1ee20208fc164bacc5b2dd5bee60d13a80cda0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:14 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 31 Oct 2022 14:45:32 GMT
server: Microsoft-IIS/10.0
etag: 2972ab029c2e47d18428a81633dd48a5
x-azure-ref: 09JdjYwAAAACk9Auu+MxtRq/xFs4nNWf6RlJBMjMxMDUwNDE4MDM5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-type: image/svg+xml
cache-control: public, max-age=974049
content-disposition: inline; filename="fb.svg"
accept-ranges: bytes
content-length: 403
expires: Tue, 06 Jun 2023 15:03:23 GMT

GET
H2 200 gb.ashx
content.secureworks.com/-/media/Images/shared/icons/social/ 2 KB
2 KB 40ms
39ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/social/gb.ashx?modified=20221031144532

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3c7024701a817fee5de0e62bb8d83edb43e08a9be594dde00fd2d2fcf5a20fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 08:29:14 GMT
x-azure-ref-originshield: 03p5jYwAAAADr6BX8e13JT4wDaagS6aJLRlJBMjMxMDUwNDE4MDMxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-disposition: inline; filename="gb.svg"
content-length: 1230
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 31 Oct 2022 14:45:32 GMT
server: Microsoft-IIS/10.0
etag: e9232effb940416d99f84a976e984c00
x-azure-ref: 03Z5jYwAAAADHrp7V4xfMQoCarBImJGSmRlJBMjMxMDUwNDE5MDMxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1230875
accept-ranges: bytes
expires: Fri, 09 Jun 2023 14:23:49 GMT

GET
H2 200 right-arrow.ashx
content.secureworks.com/-/media/Images/shared/icons/buttons/ 270 B
783 B 41ms
40ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/buttons/right-arrow.ashx?modified=20221020215130

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ca6538789c7267c0fd372b35a2de78fe51227c09651cc785afeae0b485913548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 May 2023 08:29:14 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Oct 2022 21:51:30 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0EJpjYwAAAABAhKOhyuGER7RR9EloOHJ1RlJBMjMxMDUwNDE4MDQ3ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: b074483aa26d4f8ebd6e202c749c1289
x-azure-ref: 0EJpjYwAAAAAkwBLcSYOGQJazZi4g5muNRlJBMjMxMDUwNDIwMDM1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-type: image/svg+xml
cache-control: public, max-age=961638
content-disposition: inline; filename="right-arrow.svg"
accept-ranges: bytes
content-length: 270
expires: Tue, 06 Jun 2023 11:36:32 GMT

POST
H/1.1 200
OK visitWebPage
725-smc-563.mktoresp.com/webevents/ 2 B
318 B 605ms
113ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://725-smc-563.mktoresp.com/webevents/visitWebPage?_mchNc=1685089754072&_mchCn=&_mchId=725-SMC-563&_mchTk=_mch-secureworks.com-1685089754071-76254&_mchHo=www.secureworks.com&_mchPo=&_mchRu=%2Fresearch%2Fcryptolocker-ransomware&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 08:29:14 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 3ed3c22e-0b2e-457b-a26f-a461483b1d6d

GET
H2 200 1bdee92e-dd5f-49d1-9ccb-9a788319e959.json Show response
cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/ 4 KB
2 KB 61ms
26ms XHR
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/1bdee92e-dd5f-49d1-9ccb-9a788319e959.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

781dc9c95c41aa6fd5e82cc92fd2387a7ec63fe7c87d2fff40139723a0429052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 May 2023 08:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: biKqC3j7c5ZnW5KBlHEFzA==
age: 4168
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1616
x-ms-lease-status: unlocked
last-modified: Tue, 23 May 2023 22:09:27 GMT
server: cloudflare
etag: 0x8DB5BDA5FBB98A4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ba4f6856-c01e-0004-56c3-8d2d64000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cd4a6333ff40d66-MXP
expires: Sat, 27 May 2023 08:29:14 GMT

GET
H2 200 nanoTrackerv3-0-2.ashx Show response
www.secureworks.com/-/media/Assets/js/shared/ 16 KB
5 KB 48ms
48ms Script
application/x-javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/-/media/Assets/js/shared/nanoTrackerv3-0-2.ashx

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e7a55959687a0af1b5080fd3ed56094717857d6dd023dd577619c0f0879b1af2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 08:29:13 GMT
x-azure-ref-originshield: 0oThsZAAAAAAtBjVz3crsRqHLSKWmrV+vRlJBMjMxMDUwNDE4MDE5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
x-cache: TCP_HIT
content-disposition: inline; filename="nanoTrackerv3-0-2.js"
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 20:30:41 GMT
etag: 9adb77ae344748cd8afceba540f40c4c
x-azure-ref: 02m1wZAAAAACTNEZjd8WmSJv3PkqhGWzFRlJBMzFFREdFMDQyMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2536983
accept-ranges: bytes
expires: Sat, 27 May 2023 22:42:52 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 69 B
308 B 70ms
30ms XHR
application/json 2606:4700::6812:1c26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 08:29:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7cd4a633aa2e0e43-MXP
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202304.1.0/ 401 KB
97 KB 25ms
25ms Script
application/javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1114132a79b42ce8e5064f57a1560a3b3f0e1659afc33e4698bab53e1301fbfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 May 2023 08:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: f9AvZgohx9TU9t078cCRXA==
age: 72287
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99020
x-ms-lease-status: unlocked
last-modified: Thu, 11 May 2023 06:31:14 GMT
server: cloudflare
etag: 0x8DB51E951BA9202
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c1394cd4-d01e-015b-13d8-8399cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cd4a633eb060e7b-MXP

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/6100965c-dab8-4356-a34f-a357e219a4fa/ 73 KB
14 KB 30ms
30ms Fetch
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/6100965c-dab8-4356-a34f-a357e219a4fa/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aec55108d757697d2ac5b2893ec4f60377b5415cf8afe029c21d8b2c46d5b37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 May 2023 08:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dqk87geaqPhhEGDVgkgrVA==
age: 81692
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14124
x-ms-lease-status: unlocked
last-modified: Tue, 23 May 2023 22:09:31 GMT
server: cloudflare
etag: 0x8DB5BDA62220740
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ba6cf668-401e-009d-1dc3-8da2a6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cd4a6350ace0d66-MXP
expires: Sat, 27 May 2023 08:29:14 GMT

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/ 10 KB
3 KB 27ms
27ms Fetch
application/json 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/otFloatingFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d6a316993e74e58abc10e08adf78c437a8a6b4681bdc08b3dde0587a0eb3176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 May 2023 08:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 0n+3VGdW2op3e0CnKIlgXA==
age: 4168
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2700
x-ms-lease-status: unlocked
last-modified: Thu, 11 May 2023 06:31:09 GMT
server: cloudflare
etag: 0x8DB51E94E9A8614
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3b123ec8-201e-0128-12c3-8de90c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cd4a6356b630d66-MXP

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/v2/ 61 KB
12 KB 28ms
27ms Fetch
application/json 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 May 2023 08:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: U0I+ien3T2GIYJcFxPdemQ==
age: 4168
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12544
x-ms-lease-status: unlocked
last-modified: Thu, 11 May 2023 06:31:10 GMT
server: cloudflare
etag: 0x8DB51E94F811CDE
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2b4bff26-801e-0047-04c3-8d078d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cd4a6356b640d66-MXP

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/ 21 KB
4 KB 31ms
31ms Fetch
text/css 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 May 2023 08:29:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 4168
x-ms-lease-status: unlocked
last-modified: Thu, 11 May 2023 06:31:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 71cb85d7-901e-001c-13c3-8d00f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7cd4a6356b650d66-MXP

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 33ms
33ms Image
image/svg+xml 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 May 2023 08:29:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 56661
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 20:01:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 58824462-a01e-0154-3bc3-8e7439000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7cd4a635ce040e7b-MXP

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 27ms
27ms Fetch
image/svg+xml 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 May 2023 08:29:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 81691
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 02:27:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d382deb4-201e-004a-7d26-8ee881000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7cd4a635dc350d66-MXP

GET
H2 200 SW_logo_black_print.png
cdn.cookielaw.org/logos/7465cc90-ea12-4f33-80a4-557abead3b10/1bdee92e-dd5f-49d1-9ccb-9a788319e959/4cc354d6-2763-454f-a29d-f10f1788b6aa/ 22 KB
22 KB 27ms
27ms Image
image/png 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/7465cc90-ea12-4f33-80a4-557abead3b10/1bdee92e-dd5f-49d1-9ccb-9a788319e959/4cc354d6-2763-454f-a29d-f10f1788b6aa/SW_logo_black_print.png

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b96ae3ad93fc2ec81fe1f623ba74a9f3f607f2ea79c7b741e55b73366b41cf73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 May 2023 08:29:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2qjIoAdJjqAKBeXNXVdNEg==
age: 51907
content-length: 22030
x-ms-lease-status: unlocked
last-modified: Tue, 22 Mar 2022 06:08:54 GMT
server: cloudflare
etag: 0x8DA0BCA71F312CB
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: b37aa1b8-f01e-00c0-19e1-5a52a2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cd4a635ee380e7b-MXP

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 26ms
26ms Image
image/svg+xml 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/cryptolocker-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.secureworks.com/research/cryptolocker-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 May 2023 08:29:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 42847
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 20:01:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 546202f3-901e-0017-2785-8e1885000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7cd4a635ee3a0e7b-MXP

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.secureworks.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: fe782f07a4a30b728296a249197117bf
www.secureworks.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: fe782f07a4a30b728296a249197117bf
www.secureworks.com/	1969-12-31 23:59:59	Name: ASLBSA Value: 000324501d25b26c9ef74498b383832cf14f430493e57754c5a6d7b2ba2406e6f0a5
www.secureworks.com/	1969-12-31 23:59:59	Name: ASLBSACORS Value: 000324501d25b26c9ef74498b383832cf14f430493e57754c5a6d7b2ba2406e6f0a5
.secureworks.com/	1970-01-20 21:40:49	Name: _mkto_trk Value: id:725-SMC-563&token:_mch-secureworks.com-1685089754071-76254
.secureworks.com/	1970-01-20 20:50:25	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+May+26+2023+08%3A29%3A14+GMT%2B0000+(GMT)&version=202304.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.secureworks.com%2Fresearch%2Fcryptolocker-ransomware&groups=C0002%3A0%2CC0004%3A0%2CC0003%3A0%2CC0001%3A1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	object-src 'none'; script-src 'self' 'nonce-MGI3ZmMzNzEwNzUxNDc4ZmJhZTJjY2YwMzk1YjFjNzk=' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' 'sha256-BMQXzfchDpNs+zYF2cO7o9iAJtoSq+2OX45TfNM/cdA=' 'sha256-IECBAorlkKUYQadvB50kjQC3oIqb9xKfOB+cVXdarE0=' 'sha256-c+xyt9U1PbPeI7Pot035l4MckCT6qHAzxiBA5t+7KPE=' 'sha256-bZ4r9bNMpnkokR0Gwp+X+Y0qYhZKQwglL8B9TAvMsrA=' 'sha256-GNsgzTmK93RFT4ppB/KnAwm9wVkth71ceJVqrzSGC6M=' 'sha256-NMtcHh/vZkcUq5lHSUz2dzv8n1jv1SFeNewgEGvik4k=' https://code.jquery.com https://pages.secureworks.com https://js-agent.newrelic.com https://bam.nr-data.net https://content.secureworks.com https://pcdnscwx001.azureedge.net https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://.vimeo.com https://.vimeocdn.com https://j.6sc.co https://b.6sc.co https://.6sc.co https://epsilon.6sense.com https://.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://.drift.com https://.driftt.com https://.simplecast.com https://.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://.on24.com https://.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://.redditstatic.com https://.ensighten.com https://.ml314.com https://.choozle.com https://.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://.cloudfunctions.net https://tag.demandbase.com https://.bidr.io https://.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' https://.vimeo.com https://.vimeocdn.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:; frame-ancestors 'self' .folloze.com *.secureworks.com; worker-src 'self' blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

725-smc-563.mktoresp.com
cdn.cookielaw.org
content.secureworks.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
munchkin.marketo.net
www.googletagmanager.com
www.secureworks.com
104.102.38.132
192.28.144.124
2606:4700::6812:1c26
2606:4700::6812:a972
2620:1ec:4e:1::44
2a00:1450:4001:803::200a
2a00:1450:4001:809::2008
2a00:1450:4001:810::2003
2a02:26f0:1700:d::1737:6e8f
0049c42b57e92164c558905bff7c17441afe55dc569f0062162e77a532964b80
01922d641b94002b4861c92b1462f8e9008baaa53707603d64a5b97fee783b03
08681ba3da35c665e877f6f9a6e158ff94b4d96c363610cdb061ebb79a718c35
0b817ddec3728ea011d21f345670ed6c213d08a71a15ade591680bfaba85960e
0d6a316993e74e58abc10e08adf78c437a8a6b4681bdc08b3dde0587a0eb3176
1114132a79b42ce8e5064f57a1560a3b3f0e1659afc33e4698bab53e1301fbfd
154248124c7d6ba28a3d741311104b4d4a503dad23095470f663f2613532c733
22494645cd5c6508829ef760cfafdf7292ddfbb824f23a323b6d3f3bd10a2538
2aec55108d757697d2ac5b2893ec4f60377b5415cf8afe029c21d8b2c46d5b37
30a584b184cc0bffda4f65106a5440dd18027f5d832d74b56ee5d219b3b48cd6
316df25690cbd0b839b3e7f9d56351489d2470f279c8734769117f144375d50b
318f094b79b56bc57c182543d28cffa228816b3d53a1361ad21d9830cfc4f55b
33f6054e84d435235a017b3042942bf2f448ab89b568f66a721e9680ea8cc4f7
37ae7d5c59b40e1e1e0ca3466ce5636f5e416fc226b45136f2548557c6ee5c37
3931826d11b4250a6e4d10a8249417bbdf73eb1a03f95f124b790b5c8a576bab
397fb53917784ee6ebd48a9b8a72205f094121f9f5fd63c62863345194fa6e4e
3c7024701a817fee5de0e62bb8d83edb43e08a9be594dde00fd2d2fcf5a20fd0
444302d06daf859b05d7c69a39336d96aa461b8dc4941b83f0eaa1bc5106fe32
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
52ac7ab6126b877846971bb6637dabe137c162f50cc7318c5c89c2432cacaebe
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57dfb90294167b847e4568c03bb120f061a883d4d07b9cd1bd0bc09b07553f39
5f2d6e604ad2bafcb500a244f270fa557c8275586dc31c9058a1cfa4f46d125f
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
62e55cc7119c6aae1e7aaac1870c9796ccc25fccdd4937f126f6114e66fd3b5a
64ba221769f51fcba3ae03ff9ebccac7cc1017e5f10900475b871ecfe7bda514
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679
781dc9c95c41aa6fd5e82cc92fd2387a7ec63fe7c87d2fff40139723a0429052
7863ca6b764cf33a59a47bd455e1ef2713b5599e78e8d5b1803c0e8844186b70
7e412c953172eedfcddef77c579de18b572856a33018a79f845c15d256b167e5
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
95d8a59b90b224d810da25849d3fb1fe3292c5bc5a3241dd1567587b3ee02f54
96e69ee14275243615d617108157e71b75f550c9f644430ec6ab36e6e589f487
98842c0f43a891b9264682dda87aab221bbe5aabfc08cb44f6785df5cf595326
9c6da1b506d37a9065ddd8efb0a6f5c2e7fc25b5d8c5a27ff8a714f82ee6ca89
9eb064a8d93265a1b1bb725f0db9c1d209a4efdae9eca7ddc67a094755c64b4f
b7b666baaa535231a25eb6b9ba61df1c041dd6017a6bc1a5d6d06cba4df3b12f
b96ae3ad93fc2ec81fe1f623ba74a9f3f607f2ea79c7b741e55b73366b41cf73
ba24f9ef72f1973e4b0b7b2a2302836376fe6e2f533eaee680ee711d835827d9
baa55d1d4627050073e047eb2f9dbe86720736f51f37a116602e5705c3966b33
baacf8d144dbd8a579bde4d8221f515052f5eeb8a3a81cb6415cea17b4e30f9f
c14c30ca00b3badf163de6dc6d1ee20208fc164bacc5b2dd5bee60d13a80cda0
c162b1c44f74acb328515220cc73efa1fff02ef4de10b5aaffabbff0dfc18980
c2f15609bdc44ef0009fda7902639ed493b8a26a00a58b905e0768f67c93b2ad
c414c4b0d50c45bc35cd0beae9dd6e255bc68bb44b7f2298f55ad4e1ba9efec0
c535c494eb4dbfb732fb09f9716097de5e1c84f1d841a5c98eb14903c1376270
c63dc4055c04564b4fbcb05ba82ff62271a69feada8ec3fcc2959403c1b2d4e1
c97d6fa5b4ad8db4c6110b5e4a13eb698c381f580cb44440813c04f369df0a56
ca6538789c7267c0fd372b35a2de78fe51227c09651cc785afeae0b485913548
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
ced29ab2d3e3e9372e7b2eb542e1a61d0b676c531045ab2b59780c6326321ca7
d06f16436de248c88426110742cf0fa0e9fe7a2707399ecb2f27b3425a6b6162
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d774717dcbf112735e877fa11abd3b7a3e9ce75c82935d0a78724132c8ca1fe3
db61679243f9f3b5a03de90b1ad228130ad3e87b79b9d153ce1ca6afbdf9a2b0
db982215dc9857a5cf2123d944a148a8bd7f9ec1f8bf9052075869e63697ea8c
ddbe4971cd5e256472a2547a0c469323f5238387bba35345e8d71b48ee6f86af
deda0ecf832039099d8f8128be2c332dd0a6b86699f74eefaec26df8f8572f5b
e7a55959687a0af1b5080fd3ed56094717857d6dd023dd577619c0f0879b1af2
ea94254246a69ed243279680012e5904d1e31410a93b6369d038f311426d793d
eaeebdaf32731f88a96edcbd057001832dba6a524c41f90b61a264d6529d2b08
ee879839ce091313e6f39b2a6e937d747a0b86c0b783ae25978370050b351341
fa85f97108080f24b26ca0450d471edf522d233337c1b73e41ab4a27d19ac94f
fbb0995554fef3d2e17767e42318987a6b0196ec4572d2c61da94534e8698848

www.secureworks.com Open in urlscan Pro 2620:1ec:4e:1::44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

100 %HTTPS

78 %IPv6

8 Domains

9 Subdomains

9 IPs

2 Countries

2728 kBTransfer

4781 kBSize

6 Cookies

24 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.secureworks.com Open in urlscan Pro
2620:1ec:4e:1::44 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

100 %
HTTPS

78 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

2728 kB
Transfer

4781 kB
Size

6
Cookies

67 HTTP transactions
0 data transactions