www.documentcloud.org
104.22.59.213
Public Scan
Submission: On March 08 via manual from IT — Scanned from IT
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 30th 2021. Valid for: a year.
This is the only time www.documentcloud.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
17 | 104.22.59.213 | 13335 (CLOUDFLARENET)
1 | 216.58.212.170 | 15169 (GOOGLE)
2 | 142.250.186.163 | 15169 (GOOGLE)
2 | 172.67.12.145 | 13335 (CLOUDFLARENET)
22 | 5 |
ASN13335 (CLOUDFLARENET, US)
www.documentcloud.org | |
api.www.documentcloud.org | |
s3.documentcloud.org |
ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
fonts.gstatic.com |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
19 | documentcloud.org | www.documentcloud.org — Cisco Umbrella Rank: 117308; api.www.documentcloud.org — Cisco Umbrella Rank: 151007; s3.documentcloud.org — Cisco Umbrella Rank: 122067 | 749 KB
2 | gstatic.com | fonts.gstatic.com | 26 KB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 35 | 1 KB
22 | 3 | |
Requests | Domain | Requested by
---|---|---
12 | www.documentcloud.org | www.documentcloud.org
6 | s3.documentcloud.org | www.documentcloud.org
2 | fonts.gstatic.com | fonts.googleapis.com
1 | api.www.documentcloud.org | www.documentcloud.org
1 | fonts.googleapis.com | www.documentcloud.org
22 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
s3.documentcloud.org |
Subject | Issuer | Validity | Valid
---|---|---|---
documentcloud.org | Cloudflare Inc ECC CA-3 | 2021-05-30 - 2022-05-29 | a year
upload.video.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
This page contains 1 frames:
Primary Page:
https://www.documentcloud.org/documents/21397387-ragnarlocker-ransomware-indicators-of-compromise
Frame ID: BC026FB63FB7CC3E424E6301FF4BA260
Requests: 23 HTTP requests in this frame
Page Title
RagnarLocker Ransomware Indicators of Compromise - DocumentCloud
Detected technologies
Svelte (JavaScript frameworks)
Detected patterns
- <[^>]+class=\"[^\"]+\ssvelte-[\w]*\"
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Original Document (PDF) »
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | 21397387-ragnarlocker-ransomware-indicators-of-compromise (Primary Request) | www.documentcloud.org/documents/ | 505 B | 660 B | Document | text/html
GET | H2 | css | fonts.googleapis.com/ | 9 KB | 1 KB | Stylesheet | text/css
GET | H2 | global.css | www.documentcloud.org/ | 141 B | 320 B | Stylesheet | text/css
GET | H2 | bundle.66e952d6a9c350d98128.css | www.documentcloud.org/ | 6 KB | 2 KB | Stylesheet | text/css
GET | H2 | bundle.88eb1a4a2303da521ef2.js | www.documentcloud.org/ | 362 KB | 82 KB | Script | application/javascript
GET | H2 | 24.a5e37069ccf7b5a8a71c.js | www.documentcloud.org/ | 29 KB | 9 KB | Script | application/javascript
GET | H2 | 19.5331c51a564c0b894f6e.js | www.documentcloud.org/ | 35 KB | 9 KB | Script | application/javascript
GET | H2 | 0.fbbfe9910218178ad0c4.css | www.documentcloud.org/ | 5 KB | 1 KB | Stylesheet | text/css
GET | H2 | 0.107ddcdd50819bb04310.js | www.documentcloud.org/ | 34 KB | 7 KB | Script | application/javascript
GET | H2 | 1.4930e1cc1479d6bd0083.css | www.documentcloud.org/ | 6 KB | 2 KB | Stylesheet | text/css
GET | H2 | 1.0a404221808dccb498e7.js | www.documentcloud.org/ | 59 KB | 10 KB | Script | application/javascript
GET | H2 | 6.b511598d28be63de062e.css | www.documentcloud.org/ | 29 KB | 5 KB | Stylesheet | text/css
GET | H2 | 6.dd93cb7cd1b573747827.js | www.documentcloud.org/ | 346 KB | 51 KB | Script | application/javascript
GET | H2 | / | api.www.documentcloud.org/api/documents/21397387/ | 2 KB | 1 KB | XHR | application/json
GET | H2 | 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 | fonts.gstatic.com/s/sourcesanspro/v19/ | 13 KB | 13 KB | Font | font/woff2
GET | DATA | truncated | / | 123 B | 0 | Image | image/svg+xml
GET | H2 | 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 | fonts.gstatic.com/s/sourcesanspro/v19/ | 13 KB | 13 KB | Font | font/woff2
GET | H2 | ragnarlocker-ransomware-indicators-of-compromise-p1-thumbnail.gif | s3.documentcloud.org/documents/21397387/pages/ | 4 KB | 5 KB | Image | image/gif
GET | H2 | ragnarlocker-ransomware-indicators-of-compromise-p2-thumbnail.gif | s3.documentcloud.org/documents/21397387/pages/ | 4 KB | 4 KB | Image | image/gif
GET | H2 | ragnarlocker-ransomware-indicators-of-compromise-p1-normal.gif | s3.documentcloud.org/documents/21397387/pages/ | 321 KB | 322 KB | Image | image/gif
GET | H2 | ragnarlocker-ransomware-indicators-of-compromise-p2-normal.gif | s3.documentcloud.org/documents/21397387/pages/ | 227 KB | 227 KB | Image | image/gif
GET | H2 | ragnarlocker-ransomware-indicators-of-compromise-p1.position.json | s3.documentcloud.org/documents/21397387/pages/ | 40 KB | 6 KB | XHR | application/json
GET | H2 | ragnarlocker-ransomware-indicators-of-compromise-p2.position.json | s3.documentcloud.org/documents/21397387/pages/ | 50 KB | 7 KB | XHR | application/json
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function| structuredClone
- object| oncontextlost
- object| oncontextrestored
- object| webpackJsonp
- object| app

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.