urlscan.io logo urlscan.io
SecurityTrails logo

www.fortinet.com Open in urlscan Pro
2600:1f18:1492:1701:a964:c08d:f5eb:b0c  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Submission: On January 02 via api from DE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 2 countries across 64 domains to perform 203 HTTP transactions. The main IP is 2600:1f18:1492:1701:a964:c08d:f5eb:b0c, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.fortinet.com. The Cisco Umbrella rank of the primary domain is 131506.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 16th 2024. Valid for: a year.
This is the only time www.fortinet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 2600:1f18:149... 14618 (AMAZON-AES)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2602:816:5001... 54113 (FASTLY)
22 2600:1408:c40... 20940 (AKAMAI-AS...)
1 4 50.19.69.177 14618 (AMAZON-AES)
2 162.247.243.29 54113 (FASTLY)
1 52.5.74.153 14618 (AMAZON-AES)
1 1 34.216.201.179 16509 (AMAZON-02)
1 63.140.38.91 14618 (AMAZON-AES)
3 2600:9000:27c... 16509 (AMAZON-02)
3 2620:1ec:33:1... 8075 (MICROSOFT...)
9 2607:f8b0:400... 15169 (GOOGLE)
4 2600:9000:27c... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
11 23.212.251.17 20940 (AKAMAI-AS...)
3 23.62.165.92 16625 (AKAMAI-AS)
2 35.245.15.98 396982 (GOOGLE-CL...)
2 70.42.32.159 22075 (AS-OUTBRAIN)
1 2600:1408:c40... 20940 (AKAMAI-AS...)
4 52.6.76.58 14618 (AMAZON-AES)
21 24 34.150.170.96 396982 (GOOGLE-CL...)
1 1 2600:9000:230... 16509 (AMAZON-02)
2 4 34.111.113.62 396982 (GOOGLE-CL...)
5 5 52.223.40.198 16509 (AMAZON-02)
1 69.194.240.13 26120 (RHYTHMONE)
1 2 35.71.139.29 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 1 3.167.112.115 16509 (AMAZON-02)
1 1 2600:9000:27c... 16509 (AMAZON-02)
1 2 2600:9000:247... 16509 (AMAZON-02)
1 8.28.7.83 62713 (AS-PUBMATIC)
1 63.251.28.210 26558 (FREEWHEEL)
2 3 2600:1901:0:8... 396982 (GOOGLE-CL...)
1 1 2001:4998:60:... 14196 (YAHOO-CHA)
2 3 2001:4998:60:... 14196 (YAHOO-CHA)
1 2 52.0.156.250 14618 (AMAZON-AES)
1 3.82.182.220 14618 (AMAZON-AES)
1 2 44.210.165.62 14618 (AMAZON-AES)
1 2 3.219.92.71 14618 (AMAZON-AES)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
4 7 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 209.85.232.154 15169 (GOOGLE)
1 4 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 4 68.67.181.211 29990 (ASN-APPNEX)
1 69.173.151.100 26667 (RUBICONPR...)
1 2 35.244.159.8 396982 (GOOGLE-CL...)
3 3 172.217.222.156 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2400:52e0:1a0... 200325 (BunnyCDN ...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 173.194.207.148 15169 (GOOGLE)
2 3.19.220.126 16509 (AMAZON-02)
2 99.83.231.3 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 52.32.164.86 16509 (AMAZON-02)
3 2620:1ec:bdf::40 8075 (MICROSOFT...)
1 216.200.232.253 30419 (PAEDAE-INC)
1 52.7.151.245 14618 (AMAZON-AES)
1 146.75.80.157 54113 (FASTLY)
2 2600:1408:c40... 20940 (AKAMAI-AS...)
6 3.224.175.245 14618 (AMAZON-AES)
1 2600:9000:219... 16509 (AMAZON-02)
1 2 209.85.201.148 15169 (GOOGLE)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 34.111.208.231 396982 (GOOGLE-CL...)
1 3.212.39.155 14618 (AMAZON-AES)
1 13.107.42.14 8068 (MICROSOFT...)
3 162.159.140.229 13335 (CLOUDFLAR...)
3 104.244.42.195 13414 (TWITTER)
1 63.140.39.35 14618 (AMAZON-AES)
1 3.232.142.145 14618 (AMAZON-AES)
2 2a03:2880:f10... 32934 (FACEBOOK)
1 2a04:4e42:400... 54113 (FASTLY)
2 44.226.187.177 16509 (AMAZON-02)
1 54.203.236.163 16509 (AMAZON-02)
2 52.32.231.34 16509 (AMAZON-02)
1 52.12.117.226 16509 (AMAZON-02)
1 52.10.121.135 16509 (AMAZON-02)
203 74
22    2600:1f18:1492:1701:a964:c08d:f5eb:b0c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
www.fortinet.com
10    2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
22    2600:1408:c400:195::1e80 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
assets.adobedtm.com
4    50.19.69.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-69-177.compute-1.amazonaws.com
dpm.demdex.net
2    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
1    52.5.74.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-74-153.compute-1.amazonaws.com
fortinet.demdex.net
1    34.216.201.179 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-201-179.us-west-2.compute.amazonaws.com
cm.everesttech.net
1    63.140.38.91 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-91.data.adobedc.net
fortinet.tt.omtrdc.net
3    2600:9000:27c2:7000:a:6e64:b280:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.schemaapp.com
3    2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
9    2607:f8b0:400d:c09::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2600:9000:27c2:9800:1f:d9e6:d540:93a1 (United States)

ASN16509 (AMAZON-02, US)
data.schemaapp.com
4    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
11    23.212.251.17 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-212-251-17.deploy.static.akamaitechnologies.com
j.6sc.co
c.6sc.co
b.6sc.co
3    23.62.165.92 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-165-92.deploy.static.akamaitechnologies.com
amplify.outbrain.com
wave.outbrain.com
2    35.245.15.98 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.15.245.35.bc.googleusercontent.com
tag.simpli.fi
i.simpli.fi
2    70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
1    2600:1408:c400:d::17cd:6a49 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
ipv6.6sc.co
4    52.6.76.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-76-58.compute-1.amazonaws.com
api.schemaapp.com
24    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
1    2600:9000:2305:5200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
5    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
1    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    2600:1f18:612b:4280:9e87:de84:5a7a:fd90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
1    3.167.112.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-112-115.iad55.r.cloudfront.net
aa.agkn.com
1    2600:9000:27c5:be00:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
2    2600:9000:2479:b200:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    63.251.28.210 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
3    2600:1901:0:8eee:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
fei.pro-market.net
pbid.pro-market.net
1    2001:4998:60:807::2 (United States)

ASN14196 (YAHOO-CHA, US)
cms.analytics.yahoo.com
3    2001:4998:60:807::1 (United States)

ASN14196 (YAHOO-CHA, US)
ups.analytics.yahoo.com
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadm.exelator.com
1    3.82.182.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-182-220.compute-1.amazonaws.com
sync.bfmio.com
2    44.210.165.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-165-62.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    3.219.92.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-92-71.compute-1.amazonaws.com
ce.lijit.com
2    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
7    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    209.85.232.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f154.1e100.net
www.googleadservices.com
4    2607:f8b0:400d:c03::9a (Morganton, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    2607:f8b0:4004:c08::63 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
4    68.67.181.211 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
3    172.217.222.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f156.1e100.net
cm.g.doubleclick.net
1    2607:f8b0:400d:c01::8b (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2400:52e0:1a00::1207:2 (Chicago, United States)

ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI)
a.opmnstr.com
a.omappapi.com
4    2607:f8b0:4004:c1f::9d (Washington, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    173.194.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f148.1e100.net
ad.doubleclick.net
2    3.19.220.126 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-220-126.us-east-2.compute.amazonaws.com
tracking.crazyegg.com
2    99.83.231.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: afe865822f884bb48.awsglobalaccelerator.com
epsilon.6sense.com
1    2606:4700::6812:209 (United States)

ASN13335 (CLOUDFLARENET, US)
api.omappapi.com
1    2606:4700::6812:1347 (United States)

ASN13335 (CLOUDFLARENET, US)
trk.techtarget.com
2    52.32.164.86 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-164-86.us-west-2.compute.amazonaws.com
abm-tracking.demandscience.com
3    2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
tmp.argusplatform.com
pixels.argusplatform.com
webtracker.argusplatform.com
1    216.200.232.253 (Frederick, United States)

ASN30419 (PAEDAE-INC, US)
pixel.mathtag.com
1    52.7.151.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-151-245.compute-1.amazonaws.com
dx.mountain.com
1    146.75.80.157 (United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2600:1408:c400:5::17c7:3727 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
snap.licdn.com
6    3.224.175.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-175-245.compute-1.amazonaws.com
tags.srv.stackadapt.com
1    2600:9000:2191:6200:12:dfa9:e200:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.inzynk.io
2    209.85.201.148 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f148.1e100.net
10104846.fls.doubleclick.net
2    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700:3030::ac43:a3ed (United States)

ASN13335 (CLOUDFLARENET, US)
siteimproveanalytics.com
2    34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com
ibc-flow.techtarget.com
1    3.212.39.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-39-155.compute-1.amazonaws.com
3.212.39.155
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
3    162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)
t.co
3    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    63.140.39.35 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-35.data.adobedc.net
metrics.fortinet.com
1    3.232.142.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-142-145.compute-1.amazonaws.com
6033413.global.siteimproveanalytics.io
2    2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    44.226.187.177 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-226-187-177.us-west-2.compute.amazonaws.com
intentstream.contanuity.com
1    54.203.236.163 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-236-163.us-west-2.compute.amazonaws.com
tracking.contanuity.com
2    52.32.231.34 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-231-34.us-west-2.compute.amazonaws.com
px.mountain.com
1    52.12.117.226 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-117-226.us-west-2.compute.amazonaws.com
gs.mountain.com
1    52.10.121.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-121-135.us-west-2.compute.amazonaws.com
px.steelhousemedia.com
Apex Domain
Subdomains		 Transfer
26 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 5206
i.simpli.fi — Cisco Umbrella Rank: 4244
um.simpli.fi — Cisco Umbrella Rank: 878
15 KB
23 fortinet.com
www.fortinet.com — Cisco Umbrella Rank: 131506
metrics.fortinet.com — Cisco Umbrella Rank: 333438
1 MB
22 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 458
154 KB
14 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
td.doubleclick.net — Cisco Umbrella Rank: 182
ad.doubleclick.net — Cisco Umbrella Rank: 145
10104846.fls.doubleclick.net — Cisco Umbrella Rank: 359212
9 KB
12 6sc.co
j.6sc.co — Cisco Umbrella Rank: 5557
c.6sc.co — Cisco Umbrella Rank: 6739
ipv6.6sc.co — Cisco Umbrella Rank: 5633
b.6sc.co — Cisco Umbrella Rank: 3603
22 KB
11 schemaapp.com
cdn.schemaapp.com — Cisco Umbrella Rank: 12171
data.schemaapp.com — Cisco Umbrella Rank: 17677
api.schemaapp.com — Cisco Umbrella Rank: 53746
30 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 329
170 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
803 KB
8 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
www.linkedin.com — Cisco Umbrella Rank: 676
px4.ads.linkedin.com — Cisco Umbrella Rank: 7032
5 KB
6 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 2701
10 KB
6 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2604
tracking.crazyegg.com — Cisco Umbrella Rank: 4586
41 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 3
256 B
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 377
insight.adsrvr.org — Cisco Umbrella Rank: 960
3 KB
5 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3405
wave.outbrain.com — Cisco Umbrella Rank: 4277
tr.outbrain.com — Cisco Umbrella Rank: 3357
10 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 262
fortinet.demdex.net — Cisco Umbrella Rank: 372028
3 KB
4 mountain.com
dx.mountain.com — Cisco Umbrella Rank: 4508
px.mountain.com — Cisco Umbrella Rank: 4662
gs.mountain.com — Cisco Umbrella Rank: 9640
11 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
secure.adnxs.com — Cisco Umbrella Rank: 495
5 KB
4 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 2194
ups.analytics.yahoo.com — Cisco Umbrella Rank: 548
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 470
2 KB
3 contanuity.com
intentstream.contanuity.com — Cisco Umbrella Rank: 83039
tracking.contanuity.com — Cisco Umbrella Rank: 21082
1 KB
3 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 991
817 B
3 t.co
t.co — Cisco Umbrella Rank: 904
2 KB
3 argusplatform.com
tmp.argusplatform.com — Cisco Umbrella Rank: 354372
pixels.argusplatform.com — Cisco Umbrella Rank: 351979
webtracker.argusplatform.com — Cisco Umbrella Rank: 360991
4 KB
3 techtarget.com
trk.techtarget.com — Cisco Umbrella Rank: 27058
ibc-flow.techtarget.com — Cisco Umbrella Rank: 24542
2 KB
3 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2363
pbid.pro-market.net — Cisco Umbrella Rank: 9760
1 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 359
15 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
215 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
75 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 831
22 KB
2 demandscience.com
abm-tracking.demandscience.com — Cisco Umbrella Rank: 79324
3 KB
2 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 6331
api.omappapi.com — Cisco Umbrella Rank: 6333
3 KB
2 6sense.com
epsilon.6sense.com — Cisco Umbrella Rank: 29160
662 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 525
505 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 476
834 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 973
894 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026
503 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 2185
2 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1052
2 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 550
d.agkn.com — Cisco Umbrella Rank: 758
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 429
970 B
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 265
966 B
1 steelhousemedia.com
px.steelhousemedia.com — Cisco Umbrella Rank: 13314
319 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
14 KB
1 siteimproveanalytics.io
6033413.global.siteimproveanalytics.io — Cisco Umbrella Rank: 344928
149 B
1 siteimproveanalytics.com
siteimproveanalytics.com — Cisco Umbrella Rank: 3815
12 KB
1 inzynk.io
tags.inzynk.io — Cisco Umbrella Rank: 217292
428 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1016
16 KB
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 3693
712 B
1 opmnstr.com
a.opmnstr.com — Cisco Umbrella Rank: 31907
17 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 419
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
23 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 805
631 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1532
421 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 619
655 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 886
513 B
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6784
175 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 513
99 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 574
528 B
1 omtrdc.net
fortinet.tt.omtrdc.net — Cisco Umbrella Rank: 346173
842 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1608
490 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 623
31 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 514
305 B
0 bluekai.com Failed
stags.bluekai.com Failed
203 64
Domain Requested by
24 um.simpli.fi 21 redirects
22 assets.adobedtm.com www.fortinet.com
22 www.fortinet.com www.fortinet.com
10 cdn.cookielaw.org www.fortinet.com
9 b.6sc.co
9 www.googletagmanager.com www.fortinet.com
www.googletagmanager.com
6 tags.srv.stackadapt.com www.fortinet.com
6 px.ads.linkedin.com 3 redirects www.fortinet.com
5 www.google.com www.googletagmanager.com
4 td.doubleclick.net www.fortinet.com
4 googleads.g.doubleclick.net 1 redirects www.fortinet.com
4 match.adsrvr.org 4 redirects
4 pixel.tapad.com 2 redirects
4 api.schemaapp.com www.fortinet.com
4 script.crazyegg.com www.fortinet.com
script.crazyegg.com
4 data.schemaapp.com www.fortinet.com
4 dpm.demdex.net 1 redirects www.fortinet.com
3 analytics.twitter.com
3 t.co
3 cm.g.doubleclick.net 3 redirects
3 ib.adnxs.com 1 redirects
3 ups.analytics.yahoo.com 2 redirects
3 bat.bing.com www.fortinet.com
3 cdn.schemaapp.com www.fortinet.com
2 px.mountain.com www.fortinet.com
2 intentstream.contanuity.com www.fortinet.com
2 www.facebook.com
2 ibc-flow.techtarget.com www.fortinet.com
2 connect.facebook.net www.fortinet.com
2 10104846.fls.doubleclick.net 1 redirects www.fortinet.com
2 snap.licdn.com www.fortinet.com
2 abm-tracking.demandscience.com www.fortinet.com
2 epsilon.6sense.com www.fortinet.com
2 tracking.crazyegg.com script.crazyegg.com
2 us-u.openx.net 1 redirects
2 idsync.rlcdn.com 2 redirects
2 ce.lijit.com 1 redirects
2 bcp.crwdcntrl.net 1 redirects
2 loadm.exelator.com 1 redirects
2 fei.pro-market.net 2 redirects
2 sync.intentiq.com 1 redirects
2 eb2.3lift.com 1 redirects
2 tr.outbrain.com www.fortinet.com
2 amplify.outbrain.com www.fortinet.com
2 bam.nr-data.net www.fortinet.com
1 insight.adsrvr.org 1 redirects
1 px.steelhousemedia.com
1 gs.mountain.com www.fortinet.com
1 webtracker.argusplatform.com www.fortinet.com
1 tracking.contanuity.com www.fortinet.com
1 cdn.jsdelivr.net www.fortinet.com
1 6033413.global.siteimproveanalytics.io
1 metrics.fortinet.com
1 pixels.argusplatform.com www.fortinet.com
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 siteimproveanalytics.com www.fortinet.com
1 secure.adnxs.com
1 tags.inzynk.io www.fortinet.com
1 static.ads-twitter.com www.fortinet.com
1 dx.mountain.com www.fortinet.com
1 pixel.mathtag.com www.fortinet.com
1 tmp.argusplatform.com www.fortinet.com
1 trk.techtarget.com www.fortinet.com
1 api.omappapi.com www.fortinet.com
1 a.omappapi.com www.fortinet.com
1 ad.doubleclick.net
1 a.opmnstr.com www.fortinet.com
1 www.google-analytics.com www.fortinet.com
1 pixel.rubiconproject.com
1 www.googleadservices.com 1 redirects
1 pippio.com 1 redirects
1 sync.bfmio.com
1 pbid.pro-market.net
1 cms.analytics.yahoo.com 1 redirects
1 ads.stickyadstv.com
1 image2.pubmatic.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 sync.1rx.io
1 s.ad.smaato.net 1 redirects
1 ipv6.6sc.co www.fortinet.com
1 c.6sc.co www.fortinet.com
1 i.simpli.fi www.fortinet.com
1 wave.outbrain.com www.fortinet.com
1 tag.simpli.fi www.fortinet.com
1 j.6sc.co www.fortinet.com
1 fortinet.tt.omtrdc.net www.fortinet.com
1 cm.everesttech.net 1 redirects
1 fortinet.demdex.net www.fortinet.com
1 js-agent.newrelic.com www.fortinet.com
1 geolocation.onetrust.com www.fortinet.com
0 stags.bluekai.com Failed
203 94
Subject Issuer Validity Valid
*.fortinet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-16 -
2025-07-15		 a year crt.sh
cookielaw.org
WE1		 2024-12-09 -
2025-03-09		 3 months crt.sh
geolocation.onetrust.com
WE1		 2024-12-09 -
2025-03-09		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-21 -
2025-04-22		 a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-09 -
2025-08-09		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-25 -
2025-10-26		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-12 -
2025-08-12		 a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-26 -
2025-03-28		 a year crt.sh
cdn.schemaapp.com
Amazon RSA 2048 M03		 2024-11-27 -
2025-12-25		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 08		 2024-12-15 -
2025-06-13		 6 months crt.sh
*.google-analytics.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.schemaapp.com
Amazon RSA 2048 M02		 2024-08-20 -
2025-09-17		 a year crt.sh
script.crazyegg.com
E5		 2024-11-27 -
2025-02-25		 3 months crt.sh
6sc.co
R11		 2024-12-20 -
2025-03-20		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-12-09 -
2025-12-09		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-13 -
2025-12-14		 a year crt.sh
a.opmnstr.com
R10		 2024-12-19 -
2025-03-19		 3 months crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
crazyegg.com
Amazon RSA 2048 M02		 2024-06-30 -
2025-07-30		 a year crt.sh
epsilon.6sense.com
Amazon RSA 2048 M02		 2024-10-02 -
2025-11-01		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
a.omappapi.com
R10		 2024-12-19 -
2025-03-19		 3 months crt.sh
omappapi.com
WE1		 2024-12-11 -
2025-03-11		 3 months crt.sh
trk.techtarget.com
WE1		 2024-11-18 -
2025-02-16		 3 months crt.sh
abm-tracking.demandscience.com
R11		 2024-12-12 -
2025-03-12		 3 months crt.sh
tmp.argusplatform.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-09-09 -
2025-03-09		 6 months crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-23 -
2025-04-30		 a year crt.sh
*.mountain.com
Go Daddy Secure Certificate Authority - G2		 2024-05-23 -
2025-06-24		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2024-12-02 -
2025-12-01		 a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M03		 2024-08-09 -
2025-09-06		 a year crt.sh
*.inzynk.io
Amazon RSA 2048 M02		 2024-12-07 -
2026-01-05		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-10-11 -
2025-01-09		 3 months crt.sh
siteimproveanalytics.com
WE1		 2024-12-15 -
2025-03-15		 3 months crt.sh
ibc-flow.techtarget.com
WR3		 2024-12-20 -
2025-03-20		 3 months crt.sh
3.212.39.155
Sectigo RSA Domain Validation Secure Server CA		 2024-01-26 -
2025-02-15		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-10-14 -
2025-04-14		 6 months crt.sh
pixels.argusplatform.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-09-08 -
2025-03-08		 6 months crt.sh
t.co
E6		 2024-11-26 -
2025-02-24		 3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-07 -
2025-10-06		 a year crt.sh
metrics.fortinet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-27 -
2026-01-27		 a year crt.sh
*.global.r1.siteimproveanalytics.io
Amazon RSA 2048 M02		 2024-09-02 -
2025-10-01		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
intentstream.contanuity.com
E5		 2024-12-15 -
2025-03-15		 3 months crt.sh
tracking.contanuity.com
R11		 2024-11-11 -
2025-02-09		 3 months crt.sh
webtracker.argusplatform.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-09-09 -
2025-03-09		 6 months crt.sh

This page contains 9 frames:

Primary Page: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Frame ID: 6B8272D964F67C7D91F38465069A74B9
Requests: 186 HTTP requests in this frame

Frame: https://fortinet.demdex.net/dest5.html?d_nsid=0
Frame ID: 8AB1F41C83D40BC50BC7EA8619B65CDF
Requests: 1 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0117/0786/site/www.fortinet.com.json?t=1
Frame ID: 4F21347C1EE98617D945C5A2114F9C82
Requests: 3 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10050195;npa=0;auiddc=603154757.1735806123;ps=1;pcor=2083632089;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9185241837za200zb893708426;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock
Frame ID: 1172EDA918363CBBC4A54E938778A705
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/609297413?random=1735806123222&cv=11&fst=1735806123222&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb893708426&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&hn=www.googleadservices.com&frm=0&tiba=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=603154757.1735806123&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: 5CFAA5180B859CF09CFF04554B7D3502
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/662878185?random=1735806123286&cv=11&fst=1735806123286&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v887005625za200zb893708426&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&hn=www.googleadservices.com&frm=0&tiba=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=603154757.1735806123&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: 197102200775519E75A6A908E6343C53
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/729495989?random=1735806123347&cv=11&fst=1735806123347&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb893708426&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&hn=www.googleadservices.com&frm=0&tiba=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=603154757.1735806123&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: 9FC3C6EF1087F95DB304A5B9CDDF735E
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.fortinet.com
Frame ID: 3E38683A2554DA0093A35A669B5628BE
Requests: 1 HTTP requests in this frame

Frame: https://10104846.fls.doubleclick.net/activityi;dc_pre=CMSPlNvN1ooDFaFlRwEdeZ8lew;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6144490074789.548
Frame ID: ACBF5E02BE4EBD5EFACA5E3036609EEC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ransomware Roundup - Interlock | FortiGuard Labs

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/designs/
  • /etc\.clientlibs/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /fingerprintjs@(\d)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /(?:([\d.])+/)?highlight(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

203
Requests

86 %
HTTPS

40 %
IPv6

64
Domains

94
Subdomains

74
IPs

2
Countries

2930 kB
Transfer

6941 kB
Size

117
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://cm.everesttech.net/cm/dd?d_uuid=19924528742698380773934052682728532721 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z3ZMqgAAAF05bAOF
Request Chain 96
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=72DA43C5F49A43AAA30B11F1478DBA9E HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3372&partner_device_id=a06bf76061 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e6e5e5e3-028b-4aef-9b59-a8816d1b0acc%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e6e5e5e3-028b-4aef-9b59-a8816d1b0acc%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=544cab45-6d92-41cc-bdd8-9dc0b0aadec1&ttd_puid=e6e5e5e3-028b-4aef-9b59-a8816d1b0acc%2C%2C
Request Chain 97
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/72DA43C5F49A43AAA30B11F1478DBA9E
Request Chain 98
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=72DA43C5F49A43AAA30B11F1478DBA9E&dongle=yf3 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=72DA43C5F49A43AAA30B11F1478DBA9E&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Request Chain 99
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=72DA43C5F49A43AAA30B11F1478DBA9E
Request Chain 100
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=72DA43C5F49A43AAA30B11F1478DBA9E HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=72DA43C5F49A43AAA30B11F1478DBA9E
Request Chain 101
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=72DA43C5F49A43AAA30B11F1478DBA9E HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1735806123235&ip=5.181.234.134&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213180605115006894158 HTTP 302
  • https://um.simpli.fi/aa_px?sk=213180605115006894158 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 102
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=72DA43C5F49A43AAA30B11F1478DBA9E HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=72DA43C5F49A43AAA30B11F1478DBA9E&ckls=true&ci=q3LG07Lce7&nc=false&trid=-1208926803
Request Chain 103
  • https://um.simpli.fi/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:72DA43C5F49A43AAA30B11F1478DBA9E
Request Chain 104
  • https://um.simpli.fi/freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=72DA43C5F49A43AAA30B11F1478DBA9E
Request Chain 105
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=72DA43C5F49A43AAA30B11F1478DBA9E;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=72DA43C5F49A43AAA30B11F1478DBA9E;mimetype=img;sr HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
  • https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS HTTP 302
  • https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-50v70mVE2pRQofB8FpK1HnXZ1vAJitA25fA-~A
Request Chain 106
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=72DA43C5F49A43AAA30B11F1478DBA9E&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=72DA43C5F49A43AAA30B11F1478DBA9E&j=0&xl8blockcheck=1
Request Chain 107
  • https://um.simpli.fi/yahoo HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=72DA43C5F49A43AAA30B11F1478DBA9E HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=72DA43C5F49A43AAA30B11F1478DBA9E&verify=true
Request Chain 108
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=72DA43C5F49A43AAA30B11F1478DBA9E
Request Chain 109
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=72DA43C5F49A43AAA30B11F1478DBA9E
Request Chain 110
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=72DA43C5F49A43AAA30B11F1478DBA9E HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=72DA43C5F49A43AAA30B11F1478DBA9E
Request Chain 111
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=72DA43C5F49A43AAA30B11F1478DBA9E HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=72DA43C5F49A43AAA30B11F1478DBA9E&dnr=1
Request Chain 112
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=72DA43C5F49A43AAA30B11F1478DBA9E HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogNzJEQTQzQzVGNDlBNDNBQUEzMEIxMUYxNDc4REJBOUUQABoNCKuZ2bsGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ff3a1eece8ef709ea65221ca05948be918162b56e99a9c7ec7a7ff0fe6c7e6ff791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ff3a1eece8ef709ea65221ca05948be918162b56e99a9c7ec7a7ff0fe6c7e6ff791426b5417dce21&rand=08807367 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ff3a1eece8ef709ea65221ca05948be918162b56e99a9c7ec7a7ff0fe6c7e6ff791426b5417dce21&rand=08807367&expected_cookie=9bdf403a-0664-403a-ab1c-dc800bd5b01b
Request Chain 113
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1735806122942&cv=7&fst=1735806122942&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1533130008&cv=7&fst=1735806122942&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbEC&pscrd=IhMI6MX02s3WigMVkmFHAR2ssiLDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy5mb3J0aW5ldC5jb20v HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1533130008&cv=7&fst=1735806122942&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbEC&pscrd=IhMI6MX02s3WigMVkmFHAR2ssiLDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy5mb3J0aW5ldC5jb20v&is_vtc=1&cid=CAQSGwCa7L7dkWKiYjBkPAG_IrZwozeUaXJYaDaCWw&random=2679992745
Request Chain 115
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=72DA43C5F49A43AAA30B11F1478DBA9E HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D72DA43C5F49A43AAA30B11F1478DBA9E
Request Chain 116
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=72DA43C5F49A43AAA30B11F1478DBA9E&expires=365
Request Chain 117
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=72DA43C5F49A43AAA30B11F1478DBA9E HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=72DA43C5F49A43AAA30B11F1478DBA9E&cc=1
Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEE9XqtjsR7v4ZmDUryv8aKs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=72DA43C5F49A43AAA30B11F1478DBA9E HTTP 302
  • https://um.simpli.fi/g_match?id=
Request Chain 154
  • https://10104846.fls.doubleclick.net/activityi;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6144490074789.548 HTTP 302
  • https://10104846.fls.doubleclick.net/activityi;dc_pre=CMSPlNvN1ooDFaFlRwEdeZ8lew;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6144490074789.548
Request Chain 165
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7120%2C2159050%2C4628290%2C6313418&time=1735806123564&li_adsId=86366531-ceb5-4cdc-b9d1-f02f3964f5b9&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D7120%252C2159050%252C4628290%252C6313418%26time%3D1735806123564%26li_adsId%3D86366531-ceb5-4cdc-b9d1-f02f3964f5b9%26url%3Dhttps%253A%252F%252Fwww.fortinet.com%252Fblog%252Fthreat-research%252Fransomware-roundup-interlock%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7120%2C2159050%2C4628290%2C6313418&time=1735806123564&li_adsId=86366531-ceb5-4cdc-b9d1-f02f3964f5b9&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=7120%2C2159050%2C4628290%2C6313418&time=1735806123564&li_adsId=86366531-ceb5-4cdc-b9d1-f02f3964f5b9&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&liSync=true&e_ipv6=AQID17C9Vb1EjgAAAZQmG39nRWsApSzxMWX0g6V3qdVqt28MKcbKGD1V-o9f33OZMl6wZ6TyhEtzApZaWzXMmOjimDQZvqw
Request Chain 190
  • https://match.prod.bidr.io/cookie-sync/contanuity?buyer_user_id=d6537317bffb3b903736e7239c156559_1735806123915 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/contanuity?buyer_user_id=d6537317bffb3b903736e7239c156559_1735806123915&_bee_ppp=1 HTTP 303
  • https://tracking.contanuity.com/usersync?bwcookie=AAN2JU7O7JkAABYVNwQl4w
Request Chain 197
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=a6d2c72d-c8e2-11ef-be12-d73037b54172&gdpr=&gdpr_consent= HTTP 302
  • https://px.steelhousemedia.com/tdsync?tdid=544cab45-6d92-41cc-bdd8-9dc0b0aadec1&shguid=a6d2c72d-c8e2-11ef-be12-d73037b54172
Request Chain 198
  • https://insight.adsrvr.org/track/evnt/?adv=6s0zaeu&ct=0:0bi0elf&fmt=3 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=544cab45-6d92-41cc-bdd8-9dc0b0aadec1&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=544cab45-6d92-41cc-bdd8-9dc0b0aadec1

203 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ransomware-roundup-interlock
www.fortinet.com/blog/threat-research/ 		118 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
316dc0dd1bc490af87ed65b708d9db3ed050a99b787d8b53d52d5a044c35982f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Age
231064
Cache-Control
max-age=600, public, s-maxage=10800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
47196
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Content-Type
text/html;charset=utf-8
Date
Thu, 02 Jan 2025 08:18:54 GMT
ETag
"1d80c-62a7f0ed6379b-gzip"
Last-Modified
Mon, 30 Dec 2024 16:10:58 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
X-Amz-Cf-Id
3pSFlmAmnUPSPdn0KPcv6VvG1wKkANt31rXxKOjMLVnocdLNxyx3rA==
X-Amz-Cf-Pop
IAD61-P4
X-Cache
Hit from cloudfront
X-Content-Type-Options
nosniff
X-Dispatcher
dispatcher2uswest1-28559771
X-Frame-Options
SAMEORIGIN
X-Vhost
publish
X-XSS-Protection
1; mode=block
visitorapi.min.js
www.fortinet.com/etc/designs/fortinet/adb-target/ 		64 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fortinet.com/etc/designs/fortinet/adb-target/visitorapi.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
0f03d4ff929986a3cde83681fd2560eae544f7138f59945ec6ec32c17800ca91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
Content-Encoding
gzip
ETag
"fe2d-6117284c96900-gzip"
Age
397558
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
Nlnfvwk7EXDcMxCt0XFk0xvEtt_eXtWK7deLWW1mdv1AuX-ZXNWmww==
Date
Sat, 28 Dec 2024 17:56:04 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Thu, 15 Feb 2024 21:43:32 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
29532
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
at.js
www.fortinet.com/etc/designs/fortinet/adb-target/ 		104 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fortinet.com/etc/designs/fortinet/adb-target/at.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
db058d72d7ba8ff6ed7209af23a4458c373cc78f72c81ec1df88bb5de72a0b0b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
Content-Encoding
gzip
ETag
"19e83-61431fc4b24c0-gzip"
Age
681669
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
7FkPzflNZUXQRxq3h2i_YaCL9zNhJEUI2AtK5YJ6Ktf0f26xFGNWrQ==
Date
Wed, 25 Dec 2024 11:00:53 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Thu, 21 Mar 2024 20:59:39 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher1uswest1-28559594
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
47782
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
clientlib-base.min.d0b2291cd651edeaadf8951c058d60ee.css
www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/ 		540 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.d0b2291cd651edeaadf8951c058d60ee.css
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
4c6cebf9cc5e5728a34cee8db8ea092a04a3cad1524fa006ec778b389e68ac11
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
Content-Encoding
gzip
ETag
"86e7d-62919e0efd840-gzip"
Age
1761565
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
sygRwcc-7OVLDY4oKtr9tfc5ZqVrvNMgsQl_NcnovOoSl8nfpZ9Reg==
Date
Thu, 02 Jan 2025 08:18:54 GMT
Content-Type
text/css;charset=utf-8
Last-Modified
Thu, 12 Dec 2024 22:03:05 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
27503
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-md5
UzmBk0Ra4K9he+CwjGKb/g==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD1DE4B7A34202
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
77888
x-content-type-options
nosniff
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 15:17:12 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
1138e44e-a01e-0067-6135-50202d000000
cf-ray
8fb956c7ae6142e4-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
7211
x-ms-blob-type
BlockBlob
server
cloudflare
fortinet-logo-white.svg
www.fortinet.com/content/dam/fortinet-blog/ 		32 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fortinet.com/content/dam/fortinet-blog/fortinet-logo-white.svg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
d2afd46ac58cd7e89b3fdfd790300d69034e94151ed45acf83d7b6d5dccfdb17
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
Content-Encoding
gzip
ETag
"7ebb-565d53a1d6e40-gzip"
Age
43010441
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
5kNWGNOnJTBnQIHuIRSUEQABziPSTC_LFuI_fb4KJHg1kV31WMrt-A==
Date
Thu, 02 Jan 2025 08:18:54 GMT
Content-Type
image/svg+xml
Content-Disposition
attachment; filename="fortinet-logo-white.svg"
Vary
Accept-Encoding
Last-Modified
Thu, 22 Feb 2018 23:16:01 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 d0c7523233c2ce4a1a420cfda612235a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
1998
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
toc-icon.jpg
www.fortinet.com/content/dam/fortinet/images/ 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fortinet.com/content/dam/fortinet/images/toc-icon.jpg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
370df1cc8999c1e03fc1c5f7ced35334513d19233d1fc79d2c1c7f711361565d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
ETag
"4fd-60a2031eb4f40"
Age
35822858
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
AE_XRlJIimRZWcuRrj4QpV3oOdETaiC7iS1pi1gJ0UtRTARGUzRYMA==
Date
Thu, 02 Jan 2025 08:18:54 GMT
Content-Type
image/jpeg
Last-Modified
Tue, 14 Nov 2023 17:34:13 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
1277
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
clientlib-base.min.ba4f082a77dabb2c6baf715d9eb61c22.js
www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/ 		160 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.ba4f082a77dabb2c6baf715d9eb61c22.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
7b1e74dd6970b56853dfd79e59ba73315051b0c59a69c6a9fd87e515650fdc80
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
Content-Encoding
gzip
ETag
"28100-61cff12ce1d80-gzip"
Age
5388299
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
krL7PeG2CLIdhHpGc_geKL8wRWJ55jPJ7-0hQFnfJmiGQadyVVVvTw==
Date
Thu, 02 Jan 2025 08:18:54 GMT
Content-Type
application/javascript;charset=utf-8
Vary
Accept-Encoding
Last-Modified
Thu, 11 Jul 2024 21:01:58 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
74768
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
f85f39fc-d7aa-467a-b762-fbb722748016.json
cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/f85f39fc-d7aa-467a-b762-fbb722748016.json
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21994b28ae9425b76c8a8dec4ad36df0a0f603c9a53db34dc74e59cf9a0639b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-md5
zdgH+rK6XGzrBwTKi8eOeA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DD1BA4717C9D65
age
48975
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Fri, 03 Jan 2025 08:22:02 GMT
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/json
last-modified
Fri, 13 Dec 2024 18:32:04 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
acb53048-701e-0021-698d-4dfebb000000
cf-ray
8fb956c83c724398-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
1821
x-ms-blob-type
BlockBlob
server
cloudflare
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b4c9abcf01dcf74e0adf075ff4d47464c62c84307ae5ebd115d45da70e6443d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
rrinterlock-hero.jpg
www.fortinet.com/content/dam/fortinet-blog/article-heros/ 		98 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fortinet.com/content/dam/fortinet-blog/article-heros/rrinterlock-hero.jpg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
256d602c23fe14a0d4a16dee290057bd3c857ebb06bf59f6c465135c0a6bcf38
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
ETag
"18898-627d988eec5c0"
Age
2917189
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
sYlNKb-krkolZMVPJW2rWsyZiBwHlWwa_A-iJtsq6UK2fxjhDFiahA==
Date
Thu, 02 Jan 2025 08:18:54 GMT
Content-Type
image/jpeg
Last-Modified
Tue, 26 Nov 2024 23:51:59 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
100504
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
kaganohitobito-thumbnail.png.thumb.319.319.png
www.fortinet.com/content/dam/fortinet-blog/article-heros/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fortinet.com/content/dam/fortinet-blog/article-heros/kaganohitobito-thumbnail.png.thumb.319.319.png
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
65ddeaaa804b7e4d0a498ff9172dbc340cd3c9a12ac190090e2a1d018e545d98
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
ETag
"ca51-616cb3190a880"
Age
119725
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
FpxJwGWsI7r8_er3xAc0jUkIHc7H23HMkPkXfXLCtgFcs4jUzcwqLw==
Date
Tue, 31 Dec 2024 23:06:37 GMT
Content-Type
image/png
Last-Modified
Tue, 23 Apr 2024 22:37:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher1uswest1-28559594
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
51793
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
rr-world-thumbnail.png.thumb.319.319.png
www.fortinet.com/content/dam/fortinet-blog/article-heros/ 		44 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fortinet.com/content/dam/fortinet-blog/article-heros/rr-world-thumbnail.png.thumb.319.319.png
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
8087b5e7ba1613a35364e63a6458e840fc5ab7f30afd7d2e3026724d15b02a5a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
ETag
"b15c-61381879a28c0"
Age
17627196
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
eAV45yjfbMMGOKHUH5I_BWb2p1gexzZjZakeayrbD533rErtBmGWDA==
Date
Thu, 02 Jan 2025 08:18:54 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Mar 2024 02:28:27 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
45404
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
ransomware-roundup-thumb.jpg.thumb.319.319.png
www.fortinet.com/content/dam/fortinet-blog/article-images/ 		142 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fortinet.com/content/dam/fortinet-blog/article-images/ransomware-roundup-thumb.jpg.thumb.319.319.png
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
727d19bf895438013bb188825e546dd6e61f80c2a4ea8e7b6e978b96bab546f4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
ETag
"23995-5e41c8188d9c0"
Age
119725
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
zYCibyhmrcyuDTeEQAZ9o0evwgN2DqsUrxqDQZroRVEFxxvYTdUlnw==
Date
Tue, 31 Dec 2024 23:06:37 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Jul 2022 23:12:47 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher1uswest1-28559594
Connection
keep-alive
Via
1.1 d0c7523233c2ce4a1a420cfda612235a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
145813
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
www.fortinet.com/etc/designs/fortinet/gfonts/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.fortinet.com/etc/designs/fortinet/gfonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.d0b2291cd651edeaadf8951c058d60ee.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.fortinet.com
Referer
https://www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/clientlib-base.min.d0b2291cd651edeaadf8951c058d60ee.css

Response headers

X-Vhost
publish
ETag
"9354-5df4fa74ff980"
Age
1910890
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
IsArGbXiu5KBMm7RqRqRRqwv416RHns9G_ivB8nIY1onJgfbNe8j6g==
Date
Wed, 11 Dec 2024 05:33:52 GMT
Content-Type
application/octet-stream
Last-Modified
Wed, 18 May 2022 21:08:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=2000000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
37716
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		69 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8fb956c8ecad4340-EWR
access-control-allow-origin
*
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
fig01-interlock-ransomware.jpeg
www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image.img.jpeg/1732664066821/ 		67 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image.img.jpeg/1732664066821/fig01-interlock-ransomware.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
02ba77fbd3f91a30e62fed244be29b9c0b317e82d227e95d62146d6efd7d7031
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
ETag
"10dd7-627d94a2b4480"
Age
2917186
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
MWviXe6gKIBXFWMcWfL7bwMzCwQleoCxry8aCpYIT9gUgKa3bhPxHQ==
Date
Thu, 02 Jan 2025 08:18:54 GMT
Content-Type
image/jpeg
Last-Modified
Tue, 26 Nov 2024 23:34:26 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
69079
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig02-interlock-ransomware.jpeg
www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image_2022467962.img.jpeg/1732664092965/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image_2022467962.img.jpeg/1732664092965/fig02-interlock-ransomware.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
66c08f23be2d3db3fd0c11954ec4fea3aef2e94c93078ce9c09cad2880092667
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
ETag
"9a8d-627d94bb7ff00"
Age
2917186
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
bAiSKmlONXBn2LzB-lEVddJYVyZruYfq2su_2L8TQjhEgovhNBWAmQ==
Date
Thu, 02 Jan 2025 08:18:54 GMT
Content-Type
image/jpeg
Last-Modified
Tue, 26 Nov 2024 23:34:52 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
39565
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202312.1.0/ 		428 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df54c069da584ec929d42161c8fd19e74c7f408d70e6e7e0f8d27cc9c02a0ad9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-md5
omr+ywUvfLiKRTWN9kGq4A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5D5D2845E0F
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
71602
x-content-type-options
nosniff
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 20:28:15 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
20233e17-b01e-0096-619d-43f1be000000
cf-ray
8fb956c95f9242e4-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
106367
x-ms-blob-type
BlockBlob
server
cloudflare
fig03-interlock-ransomware.jpeg
www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image_1481663971.img.jpeg/1732664188833/ 		181 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image_1481663971.img.jpeg/1732664188833/fig03-interlock-ransomware.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
487d6df3d178ff5ddbfffb18459379f3e9453b005b55f5541dcac359a1f10a77
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
ETag
"2d3f2-627d95170d700"
Age
2917186
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
GM-mznT_rW0SaTH012vX15N2PDVbx-j0znQzpwEemCX2VApv552cIg==
Date
Thu, 02 Jan 2025 08:18:54 GMT
Content-Type
image/jpeg
Last-Modified
Tue, 26 Nov 2024 23:36:28 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
185330
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig04-interlock-ransomware.jpeg
www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image_1853034052.img.jpeg/1732664257546/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image_1853034052.img.jpeg/1732664257546/fig04-interlock-ransomware.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
880631c2114729d56e5ea5eb3a35b85b47cecfbca7f63bf0d88ab9d68563ccc8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
ETag
"3eef-627d9558db240"
Age
2917187
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
7yu07fvSj7tiG3KAmOMmgGawy0-disuajTXelJU_Z3JrsYvuYSKEBQ==
Date
Thu, 02 Jan 2025 08:18:55 GMT
Content-Type
image/jpeg
Last-Modified
Tue, 26 Nov 2024 23:37:37 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
16111
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig05-interlock-ransomware.jpeg
www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image_149681983.img.jpeg/1732664443312/ 		77 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image_149681983.img.jpeg/1732664443312/fig05-interlock-ransomware.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
4daecf9b36d5b73e88b2bc1b591f04c02430d16fd4b413304cf4b4fb4e158438
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
ETag
"134d8-627d960a3d4c0"
Age
2917187
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
-5e3jpI77LMc-WjOX4VxL07GfF-Mgan4rcCpCpqXHEdBzebG1PJUsg==
Date
Thu, 02 Jan 2025 08:18:55 GMT
Content-Type
image/jpeg
Last-Modified
Tue, 26 Nov 2024 23:40:43 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 82caf3289f68886de3a67a0f5dcf96c8.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
79064
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig06-interlock-ransomware.jpeg
www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image_480883156.img.jpeg/1732664492802/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image_480883156.img.jpeg/1732664492802/fig06-interlock-ransomware.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
7fea0baaa04828601665ffcf851fa847b33b7d49378c20df51fd23d1f89c671e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
ETag
"10f1b-627d9638f8300"
Age
2917186
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
4c6mzy1tQNvUtA7cV2UCGH0bOCywir8eDSJfJxSD6uid8rKbU0XkHA==
Date
Thu, 02 Jan 2025 08:18:55 GMT
Content-Type
image/jpeg
Last-Modified
Tue, 26 Nov 2024 23:41:32 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
69403
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig07-interlock-ransomware.jpeg
www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image_1049324648.img.jpeg/1732664542434/ 		158 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image_1049324648.img.jpeg/1732664542434/fig07-interlock-ransomware.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
9d31c8a9367636b711bf869cfb8ee766822b554e4775ae12ca36437e93948e70
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
ETag
"278c0-627d9668a7380"
Age
2917187
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
LjWJjyFFrdhqIJdHC90-c9g82F2V9wCIcEsSsKvr1RY0838dyVeMJg==
Date
Thu, 02 Jan 2025 08:18:55 GMT
Content-Type
image/jpeg
Last-Modified
Tue, 26 Nov 2024 23:42:22 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
161984
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig08-interlock-ransomware.jpeg
www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image_90586925.img.jpeg/1732664570682/ 		143 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image_90586925.img.jpeg/1732664570682/fig08-interlock-ransomware.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
df090cf74fc9677a1c0cae85bbcfc53ede82c4376ff47ed9f99bb76618471854
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
ETag
"23ae7-627d96835b280"
Age
2917187
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
qnPne1j64HPUJTHYo7mlaHalZaJqmjOgatr355Qy4dSi5p6gm3mArA==
Date
Thu, 02 Jan 2025 08:18:55 GMT
Content-Type
image/jpeg
Last-Modified
Tue, 26 Nov 2024 23:42:50 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 49f314378e697e1d81814f43e4cc289a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
146151
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
fig09-interlock-ransonware.jpeg
www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image_1963339114.img.jpeg/1732664603776/ 		55 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock/_jcr_content/root/responsivegrid/table_content/par/image_1963339114.img.jpeg/1732664603776/fig09-interlock-ransonware.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
5f2dcdfbbf1fd969347ff61e05292ef288acfa7ee5ddc9a26365a6ec290f0783
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
ETag
"dcb6-627d96a2d3cc0"
Age
2917187
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
n9FpZexk9JXnsXT_CCiVI6oI_5EiBe06DOLwh7OdntqMIYtkMoXTJg==
Date
Thu, 02 Jan 2025 08:18:55 GMT
Content-Type
image/jpeg
Last-Modified
Tue, 26 Nov 2024 23:43:23 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=684000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 b116c81094ffed72adb1e3039bf29020.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
56502
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
en.json
cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/0193b7e6-a712-7044-8e61-d32cfc1db10d/ 		167 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/0193b7e6-a712-7044-8e61-d32cfc1db10d/en.json
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bf087f4d45f3e41ae521bb801a9bd6d7da99f9038483ac6e5fbb7f5936c6f2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-md5
RGSrSsNRxkgLSkJv4FFdiQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DD1BA47448EF1F
age
48972
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Fri, 03 Jan 2025 08:22:02 GMT
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/json
last-modified
Fri, 13 Dec 2024 18:32:09 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
19033b0c-601e-001c-578d-4d4b9d000000
cf-ray
8fb956c9ad5a4398-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
30240
x-ms-blob-type
BlockBlob
server
cloudflare
otFlat.json
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otFlat.json
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-md5
ARQEKEIm6vQ/N3KyvZ+N6w==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5D5CD8448A5
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
48972
x-content-type-options
nosniff
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 20:28:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
2cfd7bcf-e01e-00ac-798d-4db21d000000
cf-ray
8fb956ca1db24398-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
3017
x-ms-blob-type
BlockBlob
server
cloudflare
otPcTab.json
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/v2/ 		63 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/v2/otPcTab.json
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bc6a125d698416498cdf5ef60cd959aef01db95a6e3e0d74a95f9b6d3d78feb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-md5
d/OMDt25lBl+23GhDCHwSg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5D5CF00B170
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
70898
x-content-type-options
nosniff
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 20:28:09 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
ea7be340-801e-003f-4160-572456000000
cf-ray
8fb956ca1db54398-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
13588
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otCommonStyles.css
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-md5
c7xAZ9MSGAobGaTYg/Qtag==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
48972
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
text/css
last-modified
Tue, 16 Jul 2024 20:28:20 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
2b3253c6-601e-00f2-608d-4d411e000000
cf-ray
8fb956ca1db84398-EWR
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
nr-spa-1.266.0.min.js
js-agent.newrelic.com/ 		108 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1.266.0.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2466cad59509908859124f92c1d9a358117a2e9231859ab82c854d986af17510
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.fortinet.com
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"ad3dba456087d08c6f96b0af1901f44c"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
31930
date
Thu, 02 Jan 2025 08:22:02 GMT
last-modified
Tue, 17 Sep 2024 14:19:27 GMT
content-type
application/javascript
x-served-by
cache-lga21969-LGA
x-cache-hits
63
vary
Accept-Encoding
favicon.ico
www.fortinet.com/etc/designs/fortinet-blog/ 		318 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.fortinet.com/etc/designs/fortinet-blog/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:1492:1701:a964:c08d:f5eb:b0c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
d18b3c9feb76c3c1cfdcc51c732f113327e3c33fb3f63b479951f7da6ed1216f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock

Response headers

X-Vhost
publish
Content-Encoding
gzip
ETag
"13e-565c628eb6a00-gzip"
Age
532138
X-Content-Type-Options
nosniff
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
uFrKsEalyWi-ZMYqYWX2vAEjs1Q7Acm3HzVFdapVl6dLGlXgwq34sg==
Date
Fri, 27 Dec 2024 04:33:04 GMT
Content-Type
image/vnd.microsoft.icon
Last-Modified
Thu, 22 Feb 2018 05:17:28 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' https://www.fortinet.com
Cache-Control
max-age=2000000, public
X-Dispatcher
dispatcher2uswest1-28559771
Connection
keep-alive
Via
1.1 49f314378e697e1d81814f43e4cc289a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
133
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
IAD61-P4
Server
Apache
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
495 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
48966
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
image/svg+xml
last-modified
Mon, 16 Dec 2024 15:17:14 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
19e3bfb7-d01e-0101-1ae8-4fd422000000
cf-ray
8fb956ca6dfc4398-EWR
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
assets.adobedtm.com/ 		510 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
83907c62882697715ee37010dfdbba0d612b17e9ce5291b87785b2ea6fd9bb2c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"ba5f8b7b94dc36430764ed4136164147:1735691336.864648"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
125959
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:57 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
ftnt_logo.png
cdn.cookielaw.org/logos/40ea360a-b28c-4701-978f-f497ebbef386/8f15a333-e829-4652-85c8-1bcbed52f0ab/9c802c60-54df-494f-a9dc-b58b77bfe9c0/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/40ea360a-b28c-4701-978f-f497ebbef386/8f15a333-e829-4652-85c8-1bcbed52f0ab/9c802c60-54df-494f-a9dc-b58b77bfe9c0/ftnt_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b0a6a5f0ee45c837fcd1a12a51effd4d94cacc135ce756d51a5709d9ca6ec78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-md5
nqrv9bIB1vDFQ7wAsIm2RA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8D8A2C002351218
age
22870
cf-cache-status
HIT
x-content-type-options
nosniff
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
image/png
last-modified
Thu, 17 Dec 2020 19:14:42 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
eaf69bb8-801e-0088-4873-79dc8a000000
cf-ray
8fb956ca785e42e4-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2306
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
85156
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
image/svg+xml
last-modified
Mon, 16 Dec 2024 15:17:15 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
c4daff21-f01e-003b-2210-57d1d4000000
cf-ray
8fb956ca785f42e4-EWR
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
id
dpm.demdex.net/ 		367 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=ED8739F75677FE917F000101%40AdobeOrg&d_nsid=0&ts=1735806122640
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.19.69.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-69-177.compute-1.amazonaws.com
Software
/
Resource Hash
e45ed0724a5542eadff09cd5c34bf407f60e160c97cb86a7e635495a7cfaf5ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-va6-1-v068-0d904ff50.edge-va6.demdex.com 3 ms
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
x-tid
KvsYsTdjShk=
expires
Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin
https://www.fortinet.com
content-length
310
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/json;charset=utf-8
vary
Origin
NRJS-5566e73879405a23f6d
bam.nr-data.net/1/ 		188 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-5566e73879405a23f6d?a=1386204789&sa=1&v=1.266.0&t=Unnamed%20Transaction&rst=662&ck=0&s=f454af5a8d179db5&ref=https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock&ptid=82f0cad3b9938668&af=err,spa,xhr,stn,ins&be=55&fe=516&dc=371&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1735806122018,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:2,%22c%22:2,%22s%22:10,%22ce%22:32,%22rq%22:32,%22rp%22:55,%22rpe%22:82,%22di%22:421,%22ds%22:421,%22de%22:426,%22dc%22:569,%22l%22:569,%22le%22:571%7D,%22navigation%22:%7B%7D%7D
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f71b582cc6fac6e9e34fd669570bac2013e64779441c651b94d20fdabed8f120

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.fortinet.com/

Response headers

access-control-expose-headers
Date
timing-allow-origin
https://www.fortinet.com
Connection
keep-alive
cross-origin-resource-policy
cross-origin
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials
true
access-control-allow-origin
https://www.fortinet.com
Content-Length
188
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
text/plain
x-served-by
cache-lga21983-LGA
dest5.html
fortinet.demdex.net/ Frame 8AB1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fortinet.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.5.74.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-74-153.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.fortinet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 02 Jan 2025 08:22:02 GMT
dcs
dcs-prod-va6-1-v068-0ba552db2.edge-va6.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 11 Nov 2024 10:06:47 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
4kB7las4SWE=
ibs:dpid=411&dpuuid=Z3ZMqgAAAF05bAOF
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=19924528742698380773934052682728532721
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z3ZMqgAAAF05bAOF
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z3ZMqgAAAF05bAOF
Protocol
H2
Server
50.19.69.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-69-177.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-va6-2-v068-0b1ebe68a.edge-va6.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
W+e6V4j9QR4=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif

Redirect headers

Cache-Control
no-cache
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z3ZMqgAAAF05bAOF
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length
0
Date
Thu, 02 Jan 2025 08:22:02 GMT
Connection
keep-alive
Server
AMO-cookiemap/1.1
delivery
fortinet.tt.omtrdc.net/rest/v1/ 		351 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fortinet.tt.omtrdc.net/rest/v1/delivery?client=fortinet&sessionId=de1f0da2077540fc818111e197721634&version=2.10.0
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.91 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-91.data.adobedc.net
Software
jag /
Resource Hash
e9e8cc1be4e4dc657d0a17dfb2b1dfadc46c73360b7c33d4b0356923b14ac08b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
1b50ac21-f375-45e1-97cf-a9324c851e65
cache-control
no-cache, no-store, max-age=0, no-transform, private
timing-allow-origin
*
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
access-control-allow-origin
https://www.fortinet.com
date
Thu, 02 Jan 2025 08:22:02 GMT
x-xss-protection
1; mode=block
content-type
application/json;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
server
jag
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP31dbb9c60e404ba1aa6e746d49be6f29/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP31dbb9c60e404ba1aa6e746d49be6f29/AppMeasurement.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7db8d077fc21c20f1449a2603d524e423cfa25d7df6d5fd845a8e5e883aa227e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
etag
"66aabcd8a7ba429711eebdad8acc3dd6:1729811534.672229"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
13011
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Thu, 24 Oct 2024 23:12:14 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP31dbb9c60e404ba1aa6e746d49be6f29/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP31dbb9c60e404ba1aa6e746d49be6f29/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2a250e2f225e48cf583d54a0a42d623c700847de17323bf23ea372e5d9e89cb2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
etag
"ddda3fb3f27121fcba6a33a82f32d57c:1729811534.987187"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
1598
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Thu, 24 Oct 2024 23:12:14 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
highlight.js
cdn.schemaapp.com/javascript/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.schemaapp.com/javascript/highlight.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27c2:7000:a:6e64:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
804d2ba5b5b1dc948f7a41078c7c493bca3fabd3ccf66b40e9d2cfe1e47319ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-encoding
br
x-amz-meta-version
1.74.0
x-amz-version-id
pPy0TTL.HrvVLmp.iLg_RK560dI7NXB6
etag
W/"16f63fe8de1178e25219a6a86dfec9ee"
age
10824
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
gQoYZsPsFDvV5bQWLENS07kpABHuMcqYaMzYW_njcpnE1VPB7vszug==
date
Thu, 02 Jan 2025 05:21:39 GMT
content-type
application/javascript
vary
accept-encoding, Origin
last-modified
Wed, 01 Jan 2025 22:38:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-replication-status
COMPLETED
referrer-policy
strict-origin-when-cross-origin
via
1.1 87231a08ea3c7f15402d76db2a29d98c.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD61-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5B345886A31946098FABBF251DB9C448 Ref B: EWR30EDGE1020 Ref C: 2025-01-02T08:22:02Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
RC41e16e9b16d1408cbf43b5b2e7378738-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RC41e16e9b16d1408cbf43b5b2e7378738-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bf7373288351e862e2ae59ff88b276613e7a55c31235ff278045cabfae02d106
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
1844
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RC448863e9e05a4b4880daa4a5fb7da328-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		358 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RC448863e9e05a4b4880daa4a5fb7da328-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d274d5471e57edba11e6dca2df73ff967545a3f45eed029f8fc37a15025aca09
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
227
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RCa4add8b607f6404fbd2aba7ee4b9abad-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		703 B
708 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RCa4add8b607f6404fbd2aba7ee4b9abad-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1817562821d9834bf6ee21f3359a0dfe837fba42b69b02aead82799821883cb2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
426
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		409 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JH142QCQCJ&l=dataLayer
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef31fe45238b5ddc6d5a8285c6af094bfe2b67af3b8c9dec7b1bd8a39597bf1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 02 Jan 2025 08:22:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
134452
x-xss-protection
0
server
Google Tag Manager
RC0f37d244d9ce4f30a5cae18379878eaa-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		635 B
665 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RC0f37d244d9ce4f30a5cae18379878eaa-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7ac8b6ed773e6750e6f6507433211abe9598e3d059e78184e0fc0c48dd7fd51e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
383
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RC190d282f2b9c4848b2ea08ca5751fa40-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RC190d282f2b9c4848b2ea08ca5751fa40-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
61d1e0c234f322cf8deefe4cd7b6e53d82a2add960896fb5f83c888c77eaf224
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
754
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RC7be3d22b2fd6487ca9390477738587fe-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		819 B
782 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RC7be3d22b2fd6487ca9390477738587fe-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
96d6d86b8ccc57eb33440658f9fe0177bbdbc92bff2607af7b051dd55e5dcbef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
501
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RC407b573180554ea6b11eecdc31ecbd3f-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		819 B
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RC407b573180554ea6b11eecdc31ecbd3f-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
11ed479adfd43d0a82a83570ce52ff6d9bee959fa3d3ba976153ea1bd436ee73
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
499
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RC8c594cd344f84ab89afc779d8f53fff4-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		1 KB
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RC8c594cd344f84ab89afc779d8f53fff4-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
21ffa63cdad7e4ace0d3f02b9dc9cb4881aa1838c9cf9e7723777060cb3aad02
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
554
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RC5915f5d7e33546579cd5fd510349ed90-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		722 B
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RC5915f5d7e33546579cd5fd510349ed90-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
fe1a16df6a437b7f4f8599599595fab4d321b32504b198c95486d6c78ee4c018
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
457
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RC1d92f04752ae42a38e54de48cb85adf4-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		661 B
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RC1d92f04752ae42a38e54de48cb85adf4-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4397954d28816e7138d4f467de4c7d16eb5f2a0243ed06e7ea3b9c9424c7a6e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
391
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RCf940460311f349b5af69d075bdef61d4-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		368 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RCf940460311f349b5af69d075bdef61d4-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c7c40fd217db29491549f02e29a3cde9a2f248c79b6eceb468ec1e326a23c8ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
234
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RCcb6e8e438d1741e6854bf3a039a2565a-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		754 B
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RCcb6e8e438d1741e6854bf3a039a2565a-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
175ddc72d9185916d41bad941ca32a931e30248420ba2e37b24b34470dbd1ba3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
447
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RCbbd24be21a0f4115a18f29bb3fee2a7a-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		2 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RCbbd24be21a0f4115a18f29bb3fee2a7a-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f1a9a37d87047aaacd18adb303378deca049de084696c0af3bb0725d30e93eab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
713
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RCf5bd1991cad84a7294a7b609189a1fa5-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		1021 B
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RCf5bd1991cad84a7294a7b609189a1fa5-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c22adc88145c38f62f89d36d723ab590e2b570156ac028922e5e4ba48b734bbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
600
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RCcd84e40d19c24776bef77836ab2f8df6-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		819 B
782 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RCcd84e40d19c24776bef77836ab2f8df6-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
70d52606c810c9e105ca8195688bb37d0af61603676f5ea7bd82d13b8d44c82e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
501
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RC4daaa3cd330f4ee2934602a98dab7c5f-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		388 B
523 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RC4daaa3cd330f4ee2934602a98dab7c5f-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b9c0849d4741288a83848b2ba5748394e357d71be4a8a8b973540e1f484f4910
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
242
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RCf30ab81c91bc4e9c9063a3e8818e020f-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		706 B
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RCf30ab81c91bc4e9c9063a3e8818e020f-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b413eff54afe21ebbacfe0855a4d134d7160bf6283fe60b13459dd723d6fc517
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
449
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RC0ba76d5bbb984ea6a79cd6308c48dbff-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		2 KB
1005 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RC0ba76d5bbb984ea6a79cd6308c48dbff-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6173179e8ee283fb547279d4dd4bc3cc64925236051c11f09b1395324a1298c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
723
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
RC0829ccf7bc5a44478ae2705d4c111c37-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/ 		966 B
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/d5da379907ac/RC0829ccf7bc5a44478ae2705d4c111c37-source.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7214f2426ac1e8a55ca88a637cad62cbd162d8601f61e04bb2537d96978960e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"c12da556e26f9f041b5d7e3098bdad09:1735691338.103454"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 09:22:02 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
551
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/x-javascript
last-modified
Wed, 01 Jan 2025 00:28:58 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
aHR0cHM6Ly93d3cuZm9ydGluZXQuY29tL2Jsb2cvdGhyZWF0LXJlc2VhcmNoL3JhbnNvbXdhcmUtcm91bmR1cC1pbnRlcmxvY2s
data.schemaapp.com/Fortinet/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://data.schemaapp.com/Fortinet/aHR0cHM6Ly93d3cuZm9ydGluZXQuY29tL2Jsb2cvdGhyZWF0LXJlc2VhcmNoL3JhbnNvbXdhcmUtcm91bmR1cC1pbnRlcmxvY2s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27c2:9800:1f:d9e6:d540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-account-id
Access-Control-Request-Method
GET
Origin
https://www.fortinet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-account-id
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-source
access-control-max-age
3000
age
186
content-length
0
date
Thu, 02 Jan 2025 08:18:57 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains;
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
via
1.1 87231a08ea3c7f15402d76db2a29d98c.cloudfront.net (CloudFront)
x-amz-cf-id
JQCEdHkOcYIot8kW_QQzHhwMMB6D1bkhc5SAXM1EY3nI3geud6H4WQ==
x-amz-cf-pop
IAD61-P4
x-cache
Hit from cloudfront
aHR0cHM6Ly93d3cuZm9ydGluZXQuY29t
cdn.schemaapp.com/highlighter/prod/Fortinet/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.schemaapp.com/highlighter/prod/Fortinet/v2/aHR0cHM6Ly93d3cuZm9ydGluZXQuY29t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27c2:7000:a:6e64:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-account-id
Access-Control-Request-Method
GET
Origin
https://www.fortinet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
14400
content-length
0
date
Thu, 02 Jan 2025 08:22:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 0be89ec5b9fd1e7b2066b4e5e6c14da0.cloudfront.net (CloudFront)
x-amz-cf-id
jbpQZdcTOiqnEAW1LfMd5Tnv65BBbV2WePuoSgJUZDRfNcLiKhXDXA==
x-amz-cf-pop
IAD61-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
aHR0cHM6Ly93d3cuZm9ydGluZXQuY29tL2Jsb2cvdGhyZWF0LXJlc2VhcmNoL3JhbnNvbXdhcmUtcm91bmR1cC1pbnRlcmxvY2s
data.schemaapp.com/Fortinet/ 		0
461 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.schemaapp.com/Fortinet/aHR0cHM6Ly93d3cuZm9ydGluZXQuY29tL2Jsb2cvdGhyZWF0LXJlc2VhcmNoL3JhbnNvbXdhcmUtcm91bmR1cC1pbnRlcmxvY2s
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27c2:9800:1f:d9e6:d540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

x-account-id
Fortinet
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json

Response headers

access-control-max-age
3000
access-control-expose-headers
x-amz-meta-source
age
186
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
EhApcEV_QRX_QqvD-iLsL71IWfZ-D56obWiCa5SOp5Al7VjvJZMwtA==
date
Thu, 02 Jan 2025 08:18:56 GMT
content-type
application/json
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
max-age=14400
via
1.1 87231a08ea3c7f15402d76db2a29d98c.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
0
x-amz-cf-pop
IAD61-P4
server
AmazonS3
aHR0cHM6Ly93d3cuZm9ydGluZXQuY29t
cdn.schemaapp.com/highlighter/prod/Fortinet/v2/ 		18 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.schemaapp.com/highlighter/prod/Fortinet/v2/aHR0cHM6Ly93d3cuZm9ydGluZXQuY29t
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27c2:7000:a:6e64:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55d73bb932092f3d251f9adb3f3fbd34d19c0e0aff3dfed7f7c5784b15166e77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

x-account-id
Fortinet
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json

Response headers

x-amz-meta-url
https://www.fortinet.com
access-control-expose-headers
x-amz-meta-source,x-amz-meta-accountid,x-amz-meta-url
content-encoding
br
x-amz-version-id
kjUmJllqhtpzagAxYWIz9e094WbPDgES
etag
W/"1428c2fd1d816347fcf0272f2e842226"
age
96953
x-content-type-options
nosniff
x-amz-meta-source
SchemaApp
x-amz-meta-templateid
x-cache
Hit from cloudfront
x-amz-cf-id
G3S9QmTVFYhhdTqdsh1rtH1005T7EOkco8PQzcxpIYZ0o5P665dzEg==
date
Wed, 01 Jan 2025 05:26:10 GMT
content-type
application/json
vary
accept-encoding
last-modified
Wed, 18 Dec 2024 14:55:16 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-replication-status
COMPLETED
cache-control
max-age=699840
referrer-policy
strict-origin-when-cross-origin
via
1.1 0be89ec5b9fd1e7b2066b4e5e6c14da0.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-meta-companyid
http://schemaapp.com/resources/Company/Fortinet
x-amz-cf-pop
IAD61-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
0786.js
script.crazyegg.com/pages/scripts/0117/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0117/0786.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16fb72ffe51980a00e52edf9a001b7d560b2bdbd1a56e04366a70b674204c359

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

access-control-expose-headers
CE-Version
content-encoding
gzip
cf-cache-status
HIT
age
68870
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
text/javascript
last-modified
Wed, 01 Jan 2025 12:55:51 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8fb956cbfdf7429a-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2481
ce-version
11.5.340
server
cloudflare
6si.min.js
j.6sc.co/ 		68 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-17.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
91c20c70d36b608cf919e894b0ac9e32298d6b3ac3ca59c45a85e7c44161d170
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
private, proxy-revalidate, max-age=10800
content-encoding
gzip
etag
"6763d39f-1110f"
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 11:22:02 GMT
accept-ranges
bytes
content-length
18919
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
last-modified
Thu, 19 Dec 2024 08:04:47 GMT
obtp.js
amplify.outbrain.com/cp/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.165.92 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-165-92.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
90eaf5dbf35b26c11fe6c57f5da9d9d9f57872aaea3abe1e10c4ddc604bd7ed7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

Cache-Control
max-age=1200
Content-Encoding
gzip
ETag
"32f6b28da9ec7857a2f31f6650118a87:1734957062.79236"
Connection
keep-alive
Expires
Thu, 02 Jan 2025 08:42:02 GMT
Accept-Ranges
bytes
X-CC
US
Content-Length
8471
X-RG
NA
Date
Thu, 02 Jan 2025 08:22:02 GMT
Content-Type
application/x-javascript
Last-Modified
Mon, 23 Dec 2024 09:09:28 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
25f2dd15-02c6-4e7a-bc8b-c5722b49624d
tag.simpli.fi/sifitag/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/25f2dd15-02c6-4e7a-bc8b-c5722b49624d
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.245.15.98 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.15.245.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
c6bcc71f8a9f5497ccc35e3aa16e00110504488fef71fffea99853274f9d7c86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

x-request-id
GBbSeNrblbkdtTNe7DGC
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
openresty
17532650.js
bat.bing.com/p/action/ 		363 B
422 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/17532650.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 215A89AD9F964436B6523676AFCB8EC0 Ref B: EWR30EDGE1020 Ref C: 2025-01-02T08:22:02Z
x-cache
CONFIG_NOCACHE
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
0
bat.bing.com/action/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17532650&tm=al001&Ver=2&mid=003c3e67-449d-490f-9461-b7ba38a5b8a8&bo=1&sid=a50bb380c8e211ef957feb409c99d9e9&vid=a50bdce0c8e211efa9ba21867c5b4083&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&kw=FortiGuard%20Labs%20Threat%20Research,Ransomware%20Roundup&p=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&r=&lt=571&pt=1735806122018,,,,,1,2,2,2,33,10,33,56,82,68,421,421,426,569,570,571&pn=0,0&evt=pageLoad&sv=1&cdb=AQET&rn=89387
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 43B2D38E9A66492AA4407ED56A0F4094 Ref B: EWR30EDGE1020 Ref C: 2025-01-02T08:22:02Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 02 Jan 2025 08:22:02 GMT
www.fortinet.com.json
script.crazyegg.com/pages/data-scripts/0117/0786/site/ Frame 4F21 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0117/0786/site/www.fortinet.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0117/0786.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b460980a36d06a51c1c049d260e38ba72b001cdb90b816f3ec79db874f3859e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
CE-Version
content-encoding
gzip
cf-cache-status
HIT
age
68870
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/json
last-modified
Wed, 01 Jan 2025 12:55:51 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8fb956cc5a0f435d-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
1455
ce-version
11.5.340
server
cloudflare
00ad3119690e692fd6990245f9741ea8f1
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00ad3119690e692fd6990245f9741ea8f1
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.165.92 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-165-92.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
Cache-Control
max-age=60
ob-sent-time
1735762433216
Content-Encoding
gzip
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Connection
keep-alive
Expires
Thu, 02 Jan 2025 08:23:02 GMT
Access-Control-Allow-Origin
*
X-CC
US
Content-Length
22
X-RG
NA
Date
Thu, 02 Jan 2025 08:22:02 GMT
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
x-traceid
ac7fb374f8c14c4ffe882e676c911263
topics
amplify.outbrain.com/ 		26 B
301 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/topics
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.165.92 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-165-92.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

Cache-Control
max-age=1200
Connection
keep-alive
Observe-Browsing-Topics
?1
Expires
Thu, 02 Jan 2025 08:42:02 GMT
Access-Control-Allow-Origin
*
X-CC
US
Content-Length
26
X-RG
NA
Date
Thu, 02 Jan 2025 08:22:02 GMT
Content-Type
text/html
unifiedPixel
tr.outbrain.com/ 		53 B
321 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?au=false&bust=07846236975203753&referrer=&marketerId=00ad3119690e692fd6990245f9741ea8f1&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&g=0&zone=all&obApiVersion=1.1&obtpVersion=2.18.156
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
54
content-encoding
br
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
image/gif;
x-traceid
44c22aa0d50b28d28607e1b91ace15a3
cachedClickId
tr.outbrain.com/ 		35 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00ad3119690e692fd6990245f9741ea8f1
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
39
content-encoding
br
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/javascript
x-traceid
19e38065cf0bd83cc1dc99a6ab177140
p
i.simpli.fi/ 		798 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=339566&cb=sifi_att_42656._hp
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.245.15.98 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.15.245.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
083e57bc4fc975a33178698afeca99b9252cc7d5494d504620c41cacf0d38c97

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
openresty
js
www.googletagmanager.com/gtag/ 		323 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-38BQ9XFDT4
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec3105df4954c7156294dc8d49cf77b91545a8495843abda66850a5cd82ac63f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 02 Jan 2025 08:22:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109837
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		276 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-662878185&l=dataLayer&cx=c&gtm=45je4cc1v893708426za200
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a1551d2f1ea530f7b11e3410a4000685eafb041cf34e9fbfff375bd1f893b0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 02 Jan 2025 08:22:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 02 Jan 2025 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98771
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		229 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10050195&l=dataLayer&cx=c&gtm=45je4cc1v893708426za200
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f14d85a30929be99fe5420590b3f17fc45be9d8bea0c70a681cd90c8e3b388f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 02 Jan 2025 08:22:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 02 Jan 2025 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83736
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		250 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-609297413&l=dataLayer&cx=c&gtm=45je4cc1v893708426za200
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4aa211504fc8a12718b3cf04fa8e903b35c10782d1d0157536d39ea09590333c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 02 Jan 2025 08:22:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 02 Jan 2025 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
91550
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		261 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-729495989&l=dataLayer&cx=c&gtm=45je4cc1v893708426za200
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e07b3eb8bc93035fc627ee6956931577828f28e1b0c72e2b41d5162afeea8f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 02 Jan 2025 08:22:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 02 Jan 2025 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
94666
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		421 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-748285774&l=dataLayer&cx=c&gtm=45je4cc1v893708426za200
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c1f30adcc2af13335029f3896147ebb303ec21a75c1ac75a7b5bb4f095647d10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 02 Jan 2025 08:22:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
137120
x-xss-protection
0
server
Google Tag Manager
4905af20a771527fdcc240cf8ab4172a.js
script.crazyegg.com/pages/versioned/common-scripts/ 		107 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/4905af20a771527fdcc240cf8ab4172a.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f17058a6ac8f171e452a0ed24075c6e592834eef8dc12e343ade35adc73c4cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
503358
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/javascript
last-modified
Thu, 12 Dec 2024 18:42:04 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
cf-ray
8fb956ccbe7b429a-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
37122
server
cloudflare
/
c.6sc.co/ 		7 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.6sc.co/
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.fortinet.com
content-length
7
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/html
access-control-allow-headers
*
/
ipv6.6sc.co/ 		37 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv6.6sc.co/
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:d::17cd:6a49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
ad42aafd9b82614660ba913875c636cd20b580b0a38e037a772040d3d35953ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=0, no-cache, no-store
pragma
no-cache
6si-ipv6
2a0d:5600:24:1500:1011:e5b3:3f85:8165
expires
Thu, 02 Jan 2025 08:22:03 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1735806123016_400219719_3128181753_22_762_12_25_219";dur=1
access-control-allow-origin
https://www.fortinet.com
content-length
37
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/html
vary
Origin
img.gif
b.6sc.co/v1/beacon/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=null&visitor=6c2a5ace-37ee-47a7-8a08-11e721dce565&session=2e60489d-25b7-4432-835c-6a86ee711f27&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2002%20Jan%202025%2008%3A22%3A02%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Interlock%20is%20a%20recent%20ransomware%20variant%20that%20has%20victimized%20organizations%20in%20the%20United%20States%20and%20Italy%2C%20but%20may%20have%20hit%20other%20countries.%20The%20ransomware%20affects%20not%20only%20Windows%2C%20but%20also%20the%20FreeBSD%20platform.%20Read%20more.%22%2C%22keywords%22%3A%22FortiGuard%20Labs%20Threat%20Research%2CRansomware%20Roundup%22%2C%22title%22%3A%22Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&pageViewId=24c97bc1-f558-4cd1-84e8-b1c336cdfda2&v=1.1.31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-17.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"63f02dad-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 08:22:03 GMT
accept-ranges
bytes
content-length
43
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=null&visitor=6c2a5ace-37ee-47a7-8a08-11e721dce565&session=2e60489d-25b7-4432-835c-6a86ee711f27&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20Jan%202025%2008%3A22%3A02%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%225eeecf22b2d12a77a14639dce97b7a36%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20Jan%202025%2008%3A22%3A02%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20Jan%202025%2008%3A22%3A02%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20Jan%202025%2008%3A22%3A02%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%227381d1d7c753fe2d8e217c3fdc44c0f17418dcc4%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20Jan%202025%2008%3A22%3A02%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Interlock%20is%20a%20recent%20ransomware%20variant%20that%20has%20victimized%20organizations%20in%20the%20United%20States%20and%20Italy%2C%20but%20may%20have%20hit%20other%20countries.%20The%20ransomware%20affects%20not%20only%20Windows%2C%20but%20also%20the%20FreeBSD%20platform.%20Read%20more.%22%2C%22keywords%22%3A%22FortiGuard%20Labs%20Threat%20Research%2CRansomware%20Roundup%22%2C%22title%22%3A%22Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&pageViewId=24c97bc1-f558-4cd1-84e8-b1c336cdfda2&v=1.1.31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-17.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"615ccf10-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 08:22:03 GMT
accept-ranges
bytes
content-length
43
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
aHR0cHM6Ly93d3cuZm9ydGluZXQuY29tLyNDb3Jwb3JhdGlvbg
data.schemaapp.com/Fortinet/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://data.schemaapp.com/Fortinet/aHR0cHM6Ly93d3cuZm9ydGluZXQuY29tLyNDb3Jwb3JhdGlvbg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27c2:9800:1f:d9e6:d540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-account-id
Access-Control-Request-Method
GET
Origin
https://www.fortinet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-account-id
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-source
access-control-max-age
3000
age
186
content-length
0
date
Thu, 02 Jan 2025 08:18:58 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains;
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
via
1.1 87231a08ea3c7f15402d76db2a29d98c.cloudfront.net (CloudFront)
x-amz-cf-id
sWuIXXztxBnxilLvcxU_8buVr49FzofDApWrthquoxJfAAmpz6NppQ==
x-amz-cf-pop
IAD61-P4
x-cache
Hit from cloudfront
entities
api.schemaapp.com/entityrecognition/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.schemaapp.com/entityrecognition/entities?highlight_id=http%3A%2F%2Fschemaapp.com%2Fresources%2FTagLookupOmniLinkedEntity_6760f8d1501e20.85355480&highlight_config=%7B%22%40id%22%3A%22http%3A%2F%2Fschemaapp.com%2Fresources%2FTagLookupOmniLinkedEntity_6760f8d1501e20.85355480%22%2C%22xPath-input%22%3A%22%2Fhtml%2Fbody%2Fdiv%5B1%5D%2Fdiv%2Fdiv%5B2%5D%2Fdiv%2Fdiv%22%2C%22target%22%3A%22https%3A%2F%2Fapi.schemaapp.com%2Fentityrecognition%2Fentities%22%2C%22propertyPath%22%3A%5B%22mentions%22%5D%2C%22%40type%22%3A%22TagLookupOmniLinkedEntity%22%7D&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.6.76.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-76-58.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-account-id
Access-Control-Request-Method
POST
Origin
https://www.fortinet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Requested-With,X-Hash,cache-control,x-account-id
access-control-allow-methods
POST, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
content-length
3
content-type
application/json
date
Thu, 02 Jan 2025 08:22:03 GMT
x-amz-apigw-id
DwDqyExgIAMEj4w=
x-amzn-requestid
c08891fb-9308-4e3f-90e5-9d53fc24044f
x-amzn-trace-id
Root=1-67764cab-26bac22a010b5a0d64554c87
aHR0cHM6Ly93d3cuZm9ydGluZXQuY29tLyNDb3Jwb3JhdGlvbg
data.schemaapp.com/Fortinet/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.schemaapp.com/Fortinet/aHR0cHM6Ly93d3cuZm9ydGluZXQuY29tLyNDb3Jwb3JhdGlvbg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27c2:9800:1f:d9e6:d540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ab8cec21d24650e7daff4c1b478cd643158968caec50be8f44571eed95d130b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

x-account-id
Fortinet
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json

Response headers

x-amz-meta-url
https://www.fortinet.com/#Corporation
access-control-max-age
3000
access-control-expose-headers
x-amz-meta-source
content-encoding
gzip
etag
W/"888a68fe35afddc64f3c7bb5822fef2b"
x-amz-version-id
JL3XPQMGaH3aLjFwp_X3XsnEx3RSDrKq
age
186
access-control-allow-methods
GET, HEAD
x-amz-meta-source
Editor
x-cache
Hit from cloudfront
x-amz-cf-id
HD9uDx7Oe3uANtE5mdkBT3VXZxTlsnJQRLdD0L9-m3wGf0ZeclZEWA==
date
Thu, 02 Jan 2025 08:18:58 GMT
x-amz-meta-accountid
Fortinet
content-type
application/json
last-modified
Fri, 13 Dec 2024 16:13:08 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security
max-age=31536000; includeSubDomains;
x-amz-replication-status
COMPLETED
cache-control
max-age=699840
x-amz-meta-mainaccount
Fortinet
via
1.1 87231a08ea3c7f15402d76db2a29d98c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD61-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
entities
api.schemaapp.com/entityrecognition/ 		12 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.schemaapp.com/entityrecognition/entities?highlight_id=http%3A%2F%2Fschemaapp.com%2Fresources%2FTagLookupOmniLinkedEntity_6760f8d1501e20.85355480&highlight_config=%7B%22%40id%22%3A%22http%3A%2F%2Fschemaapp.com%2Fresources%2FTagLookupOmniLinkedEntity_6760f8d1501e20.85355480%22%2C%22xPath-input%22%3A%22%2Fhtml%2Fbody%2Fdiv%5B1%5D%2Fdiv%2Fdiv%5B2%5D%2Fdiv%2Fdiv%22%2C%22target%22%3A%22https%3A%2F%2Fapi.schemaapp.com%2Fentityrecognition%2Fentities%22%2C%22propertyPath%22%3A%5B%22mentions%22%5D%2C%22%40type%22%3A%22TagLookupOmniLinkedEntity%22%7D&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.6.76.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-76-58.compute-1.amazonaws.com
Software
/
Resource Hash
bb8df3dcda36a5ed9c236d2d64ef80f2db160f7322b0108b1f1d1cd372c994c0

Request headers

x-account-id
Fortinet
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
Content-Type
text/plain;charset=UTF-8

Response headers

x-amz-apigw-id
DwDqyE58IAMEo3Q=
x-amzn-trace-id
Root=1-67764cab-20055c820bc5530e242fb143
access-control-allow-credentials
true
x-amzn-requestid
e38503c4-22dd-438d-80e4-4af31803cc04
access-control-allow-origin
*
content-length
12265
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
application/json
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Requested-With,cache-control,x-account-id
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=72DA43C5F49A43AAA30B11F1478DBA9E
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3372&partner_device_id=a06bf76061
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e6e5e5e3-028b-4aef-9b59-a8816d1b0acc%252C%252C&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e6e5e5e3-028b-4aef-9b59-a8816d1b0acc%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=544cab45-6d92-41cc-bdd8-9dc0b0aadec1&ttd_puid=e6e5e5e3-028b-4aef-9b59-a8816d1b0acc%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=544cab45-6d92-41cc-bdd8-9dc0b0aadec1&ttd_puid=e6e5e5e3-028b-4aef-9b59-a8816d1b0acc%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/png
server
Jetty(11.0.13)

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=544cab45-6d92-41cc-bdd8-9dc0b0aadec1&ttd_puid=e6e5e5e3-028b-4aef-9b59-a8816d1b0acc%2C%2C
content-length
359
date
Thu, 02 Jan 2025 08:22:03 GMT
server
Kestrel
72DA43C5F49A43AAA30B11F1478DBA9E
sync.1rx.io/usersync/simplifi/
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/72DA43C5F49A43AAA30B11F1478DBA9E
0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/simplifi/72DA43C5F49A43AAA30B11F1478DBA9E
Protocol
H2
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

expires
0
cache-control
no-store, no-cache, must-revalidate
date
Thu, 02 Jan 2025 08:22:03 GMT
pragma
no-cache

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://sync.1rx.io/usersync/simplifi/72DA43C5F49A43AAA30B11F1478DBA9E
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Wed, 01 Jan 2025 08:22:03 GMT
access-control-allow-origin
*
content-length
142
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=72DA43C5F49A43AAA30B11F1478DBA9E&dongle=yf3
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=72DA43C5F49A43AAA30B11F1478DBA9E&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
37 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=72DA43C5F49A43AAA30B11F1478DBA9E&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
/xuid?ld=1&mid=7969&xuid=72DA43C5F49A43AAA30B11F1478DBA9E&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Thu, 02 Jan 2025 08:22:03 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=72DA43C5F49A43AAA30B11F1478DBA9E
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=72DA43C5F49A43AAA30B11F1478DBA9E
Protocol
H2
Server
2600:1f18:612b:4280:9e87:de84:5a7a:fd90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif
server
nginx

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://simplifi.partners.tremorhub.com/sync?UISF=72DA43C5F49A43AAA30B11F1478DBA9E
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Wed, 01 Jan 2025 08:22:03 GMT
access-control-allow-origin
*
content-length
142
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=72DA43C5F49A43AAA30B11F1478DBA9E
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=72DA43C5F49A43AAA30B11F1478DBA9E
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=72DA43C5F49A43AAA30B11F1478DBA9E
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/png
server
Jetty(11.0.13)

Redirect headers

strict-transport-security
max-age=31536000
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=72DA43C5F49A43AAA30B11F1478DBA9E
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
0
date
Thu, 02 Jan 2025 08:22:03 GMT
server
Jetty(11.0.13)
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=72DA43C5F49A43AAA30B11F1478DBA9E
  • https://d.agkn.com/pixel/10751/?che=1735806123235&ip=5.181.234.134&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213180605115006894158
  • https://um.simpli.fi/aa_px?sk=213180605115006894158
  • https://um.simpli.fi/empty.gif
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
*
content-length
43
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
location
/empty.gif
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-length
142
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=72DA43C5F49A43AAA30B11F1478DBA9E
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=72DA43C5F49A43AAA30B11F1478DBA9E&ckls=true&ci=q3LG07Lce7&nc=false&trid=-1208926803
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=72DA43C5F49A43AAA30B11F1478DBA9E&ckls=true&ci=q3LG07Lce7&nc=false&trid=-1208926803
Protocol
H2
Server
2600:9000:2479:b200:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 10d8c7e85dc4bacbe46fc8920b2edbc4.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif
x-amz-cf-pop
IAD61-P3
x-amz-cf-id
wkY06ZIZza92aSuzDWsGK60aKRi7W_9vcHyC7F_EV9rjPXy3RyJWeQ==

Redirect headers

patent
https://www.almondnet.com/ip
cache-control
no-cache, no-store, must-revalidate
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=72DA43C5F49A43AAA30B11F1478DBA9E&ckls=true&ci=q3LG07Lce7&nc=false&trid=-1208926803
pragma
no-cache
via
1.1 10d8c7e85dc4bacbe46fc8920b2edbc4.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif
x-amz-cf-pop
IAD61-P3
x-amz-cf-id
VKfu4o5dQd_U8R8LUhrYVqvOVNes9uE6r2nZsI3eeNsxN_EUoPMMwQ==
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://um.simpli.fi/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:72DA43C5F49A43AAA30B11F1478DBA9E
42 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:72DA43C5F49A43AAA30B11F1478DBA9E
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif; charset=utf-8
server
nginx

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:72DA43C5F49A43AAA30B11F1478DBA9E
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Wed, 01 Jan 2025 08:22:03 GMT
access-control-allow-origin
*
content-length
142
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://um.simpli.fi/freewheel
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=72DA43C5F49A43AAA30B11F1478DBA9E
43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=72DA43C5F49A43AAA30B11F1478DBA9E
Protocol
HTTP/1.1
Server
63.251.28.210 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Pragma
no-cache
x-sticky-vk
1735806123218021-318
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Date
Thu, 02 Jan 2025 08:22:03 GMT
Content-Type
image/gif
Server
nginx

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=72DA43C5F49A43AAA30B11F1478DBA9E
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Wed, 01 Jan 2025 08:22:03 GMT
access-control-allow-origin
*
content-length
142
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
engine
pbid.pro-market.net/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=72DA43C5F49A43AAA30B11F1478DBA9E;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=72DA43C5F49A43AAA30B11F1478DBA9E;mimetype=img;sr
  • https://cms.analytics.yahoo.com/cms?partner_id=DATCS
  • https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
  • https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-50v70mVE2pRQofB8FpK1HnXZ1vAJitA25fA-~A
43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-50v70mVE2pRQofB8FpK1HnXZ1vAJitA25fA-~A
Protocol
H2
Server
2600:1901:0:8eee:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
anserver
gapp1
expires
Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin
*
alt-svc
clear
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-length
43
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
image/gif
server
Apache-Coyote/1.1

Redirect headers

strict-transport-security
max-age=31536000
location
https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-50v70mVE2pRQofB8FpK1HnXZ1vAJitA25fA-~A
age
0
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/html
server
ATS
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=72DA43C5F49A43AAA30B11F1478DBA9E&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=72DA43C5F49A43AAA30B11F1478DBA9E&j=0&xl8blockcheck=1
0
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=72DA43C5F49A43AAA30B11F1478DBA9E&j=0&xl8blockcheck=1
Protocol
H2
Server
52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-156-250.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
no-cache
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date
Thu, 02 Jan 2025 08:22:03 GMT
x-powered-by
Undertow/1
server
nginx
access-control-allow-credentials
true

Redirect headers

cache-control
no-cache
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=72DA43C5F49A43AAA30B11F1478DBA9E&j=0&xl8blockcheck=1
access-control-allow-credentials
true
content-length
0
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif
x-powered-by
Undertow/1
server
nginx
sync
ups.analytics.yahoo.com/ups/55964/
Redirect Chain
  • https://um.simpli.fi/yahoo
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=72DA43C5F49A43AAA30B11F1478DBA9E
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=72DA43C5F49A43AAA30B11F1478DBA9E&verify=true
0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55964/sync?uid=72DA43C5F49A43AAA30B11F1478DBA9E&verify=true
Protocol
H2
Server
2001:4998:60:807::1 , United States, ASN14196 (YAHOO-CHA, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Thu, 02 Jan 2025 08:22:03 GMT
age
0
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade

Redirect headers

strict-transport-security
max-age=31536000
location
https://ups.analytics.yahoo.com/ups/55964/sync?uid=72DA43C5F49A43AAA30B11F1478DBA9E&verify=true
age
0
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/html
server
ATS
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=72DA43C5F49A43AAA30B11F1478DBA9E
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=72DA43C5F49A43AAA30B11F1478DBA9E
Protocol
HTTP/1.1
Server
3.82.182.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-182-220.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

Date
Thu, 02 Jan 2025 08:22:02 GMT
Connection
keep-alive

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://sync.bfmio.com/sync?pid=141&uid=72DA43C5F49A43AAA30B11F1478DBA9E
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Wed, 01 Jan 2025 08:22:03 GMT
access-control-allow-origin
*
content-length
142
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=72DA43C5F49A43AAA30B11F1478DBA9E
0
0
tpid=72DA43C5F49A43AAA30B11F1478DBA9E
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=72DA43C5F49A43AAA30B11F1478DBA9E
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=72DA43C5F49A43AAA30B11F1478DBA9E
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=72DA43C5F49A43AAA30B11F1478DBA9E
Protocol
H2
Server
44.210.165.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-165-62.compute-1.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
no-cache
pragma
no-cache
expires
0
access-control-allow-origin
*
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
49
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif
x-server
10.40.0.219

Redirect headers

cache-control
no-cache
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=72DA43C5F49A43AAA30B11F1478DBA9E
pragma
no-cache
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
0
date
Thu, 02 Jan 2025 08:22:03 GMT
x-server
10.40.56.238
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=72DA43C5F49A43AAA30B11F1478DBA9E
  • https://ce.lijit.com/merge?pid=2&3pid=72DA43C5F49A43AAA30B11F1478DBA9E&dnr=1
43 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=72DA43C5F49A43AAA30B11F1478DBA9E&dnr=1
Protocol
H2
Server
3.219.92.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-92-71.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
pragma
no-cache
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif
vary
Accept-Encoding

Redirect headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
location
https://ce.lijit.com/merge?pid=2&3pid=72DA43C5F49A43AAA30B11F1478DBA9E&dnr=1
pragma
no-cache
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 02 Jan 2025 08:22:03 GMT
vary
Accept-Encoding
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=72DA43C5F49A43AAA30B11F1478DBA9E
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogNzJEQTQzQzVGNDlBNDNBQUEzMEIxMUYxNDc4REJBOUUQABoNCKuZ2bsGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ff3a1eece8ef709ea65221ca05948be918162b56e99a9c7ec7a7ff0fe6c7e6ff791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ff3a1eece8ef709ea65221ca05948be918162b56e99a9c7ec7a7ff0fe6c7e6ff791426b5417dce21&rand=08807367
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ff3a1eece8ef709ea65221ca05948be918162b56e99a9c7ec7a7ff0fe6c7e6ff791426b5417dce21&rand=08807367&expected_cookie=9bdf403a-0664-403a-ab1c-dc800bd5b01b
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ff3a1eece8ef709ea65221ca05948be918162b56e99a9c7ec7a7ff0fe6c7e6ff791426b5417dce21&rand=08807367&expected_cookie=9bdf403a-0664-403a-ab1c-dc800bd5b01b
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D0B8A34789354C35A0ECA3A736E5A531 Ref B: EWR30EDGE0219 Ref C: 2025-01-02T08:22:03Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYqtNtlQ4OqTS/j5VLenQ==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Thu, 02 Jan 2025 08:22:03 GMT

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
location
/db_sync?pid=10339&puuid=ff3a1eece8ef709ea65221ca05948be918162b56e99a9c7ec7a7ff0fe6c7e6ff791426b5417dce21&rand=08807367&expected_cookie=9bdf403a-0664-403a-ab1c-dc800bd5b01b
x-msedge-ref
Ref A: B67F12BB28D74EC8AC7AE4813D8DBBDA Ref B: EWR30EDGE0219 Ref C: 2025-01-02T08:22:03Z
x-li-fabric
prod-ltx1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid
AAYqtNtkEydLz8xA0IjXDg==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Thu, 02 Jan 2025 08:22:03 GMT
/
www.google.com/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1735806122942&cv=7&fst=1735806122942&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1533130008&cv=7&fst=1735806122942&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLH...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1533130008&cv=7&fst=1735806122942&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrF...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/1026675585/?random=1533130008&cv=7&fst=1735806122942&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbEC&pscrd=IhMI6MX02s3WigMVkmFHAR2ssiLDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy5mb3J0aW5ldC5jb20v&is_vtc=1&cid=CAQSGwCa7L7dkWKiYjBkPAG_IrZwozeUaXJYaDaCWw&random=2679992745
Protocol
H3
Server
2607:f8b0:4004:c08::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 02 Jan 2025 08:22:03 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://www.google.com/pagead/1p-conversion/1026675585/?random=1533130008&cv=7&fst=1735806122942&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbEC&pscrd=IhMI6MX02s3WigMVkmFHAR2ssiLDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhlodHRwczovL3d3dy5mb3J0aW5ldC5jb20v&is_vtc=1&cid=CAQSGwCa7L7dkWKiYjBkPAG_IrZwozeUaXJYaDaCWw&random=2679992745
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Thu, 02 Jan 2025 08:22:03 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
spotx_match
um.simpli.fi/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-origin
*
date
Thu, 02 Jan 2025 08:22:03 GMT
x-content-type-options
nosniff
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=72DA43C5F49A43AAA30B11F1478DBA9E
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D72DA43C5F49A43AAA30B11F1478DBA9E
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D72DA43C5F49A43AAA30B11F1478DBA9E
Protocol
H2
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
5.181.234.134; 5.181.234.134; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
abc544ec-4f21-48cf-873c-163935dda9e0
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 02 Jan 2025 08:22:03 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D72DA43C5F49A43AAA30B11F1478DBA9E
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
5.181.234.134; 5.181.234.134; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
d65cd5c6-13e1-4c81-9844-bee294c10680
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 02 Jan 2025 08:22:03 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=72DA43C5F49A43AAA30B11F1478DBA9E&expires=365
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=72DA43C5F49A43AAA30B11F1478DBA9E&expires=365
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=72DA43C5F49A43AAA30B11F1478DBA9E&expires=365
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Wed, 01 Jan 2025 08:22:03 GMT
access-control-allow-origin
*
content-length
142
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=72DA43C5F49A43AAA30B11F1478DBA9E
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=72DA43C5F49A43AAA30B11F1478DBA9E&cc=1
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=72DA43C5F49A43AAA30B11F1478DBA9E&cc=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
5.181.234.134
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
image/gif
vary
Accept

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=72DA43C5F49A43AAA30B11F1478DBA9E&cc=1
x-forwarded-for
5.181.234.134
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 02 Jan 2025 08:22:02 GMT
content-type
text/plain; charset=utf-8
vary
Origin
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEE9XqtjsR7v4ZmDUryv8aKs&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=72DA43C5F49A43AAA30B11F1478DBA9E
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Wed, 01 Jan 2025 08:22:03 GMT
access-control-allow-origin
*
date
Thu, 02 Jan 2025 08:22:03 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

cache-control
no-cache, must-revalidate
location
https://um.simpli.fi/g_match?id=
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
229
date
Thu, 02 Jan 2025 08:22:03 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-38BQ9XFDT4&gtm=45je4cc1v9191763579za200&_p=1735806122772&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1739739365.1735806123&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1735806123&sct=1&seg=0&dl=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&dt=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1045
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.fortinet.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/plain
server
Golfe2
api.min.js
a.opmnstr.com/app/js/ 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.opmnstr.com/app/js/api.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1207:2 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software
BunnyCDN-IL1-1207 /
Resource Hash
cc0f5d9221ccfacb888ac774cf36b9e64b686e5148a79e7620ece8b1f7dbecea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"676efd76-bd17"
cdn-fileserver
749
date
Thu, 02 Jan 2025 08:22:03 GMT
cdn-storageserver
NY-268
last-modified
Fri, 27 Dec 2024 19:18:14 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
12/31/2024 23:13:15
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
2
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
eeead8679598b5d7a37db0dc130f3bd8
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
941
server
BunnyCDN-IL1-1207
cdn-requestcountrycode
US
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=null&visitor=6c2a5ace-37ee-47a7-8a08-11e721dce565&session=2e60489d-25b7-4432-835c-6a86ee711f27&event=ipv6&q=%7B%22address%22%3A%222a0d%3A5600%3A24%3A1500%3A1011%3Ae5b3%3A3f85%3A8165%22%7D&isIframe=false&m=%7B%22description%22%3A%22Interlock%20is%20a%20recent%20ransomware%20variant%20that%20has%20victimized%20organizations%20in%20the%20United%20States%20and%20Italy%2C%20but%20may%20have%20hit%20other%20countries.%20The%20ransomware%20affects%20not%20only%20Windows%2C%20but%20also%20the%20FreeBSD%20platform.%20Read%20more.%22%2C%22keywords%22%3A%22FortiGuard%20Labs%20Threat%20Research%2CRansomware%20Roundup%22%2C%22title%22%3A%22Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&pageViewId=24c97bc1-f558-4cd1-84e8-b1c336cdfda2&ipv6=2a0d%3A5600%3A24%3A1500%3A1011%3Ae5b3%3A3f85%3A8165&v=1.1.31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-17.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"615ccf10-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 08:22:03 GMT
accept-ranges
bytes
content-length
43
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
www.fortinet.com.json
script.crazyegg.com/pages/data-scripts/0117/0786/sampling/ Frame 4F21 		46 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0117/0786/sampling/www.fortinet.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/4905af20a771527fdcc240cf8ab4172a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3101bd6ed043b8f0a43d018c65a2371c6ef23f0b9eb6db3fae93f9bf2bd22acf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
CE-Version
content-encoding
gzip
cf-cache-status
HIT
age
69972
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
application/json
last-modified
Wed, 01 Jan 2025 12:55:51 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8fb956cd7b05435d-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
65
ce-version
11.5.340
server
cloudflare
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&scrsrc=www.googletagmanager.com&frm=0&rnd=861030587.1735806123&dt=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&auid=603154757.1735806123&navt=n&npa=0&gtm=45fe4cc1v9185241837za200zb893708426&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1735806123139&tfd=1121&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10050195&l=dataLayer&cx=c&gtm=45je4cc1v893708426za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers
activityi;fledge=1;src=10050195;npa=0;auiddc=603154757.1735806123;ps=1;pcor=2083632089;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9185241837za200zb893708426;gcd=13...
td.doubleclick.net/td/fls/rul/ Frame 1172 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10050195;npa=0;auiddc=603154757.1735806123;ps=1;pcor=2083632089;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9185241837za200zb893708426;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock?
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fortinet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jan 2025 08:22:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;src=10050195;npa=0;auiddc=603154757.1735806123;ps=1;pcor=2083632089;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9185241837za200zb893708426;gcd=13l3l3l3l1l1...
ad.doubleclick.net/ 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;src=10050195;npa=0;auiddc=603154757.1735806123;ps=1;pcor=2083632089;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9185241837za200zb893708426;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f148.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Thu, 02 Jan 2025 08:22:03 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activity;register_conversion=1;src=10050195;npa=0;auiddc=603154757.1735806123;ps=1;pcor=2083632089;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9185241837za200zb8937...
ad.doubleclick.net/ 		0
0
clock
tracking.crazyegg.com/ Frame 4F21 		39 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?u=1170786&st=424000&t=1735806123196&tk=329ee1373036c5ddcda74cf257baa0a6
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/4905af20a771527fdcc240cf8ab4172a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.19.220.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-220-126.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b566a2b48dde2e3b59a7870fb0b183468f8574eebf909dc61511f3b08326d264

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json
Referer

Response headers

cache-control
no-store
access-control-allow-origin
*
content-length
39
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/plain
server
awselb/2.0
clock
tracking.crazyegg.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?u=1170786&st=424000&t=1735806123196&tk=329ee1373036c5ddcda74cf257baa0a6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.19.220.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-220-126.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.fortinet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Authorization,Content-Type,Access-Control-Allow-Origin,Access-Control-Allow-Methods
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=86400
date
Thu, 02 Jan 2025 08:22:03 GMT
server
awselb/2.0
vary
Access-Control-Request-Headers, Origin, Access-Control-Request-Method
details
epsilon.6sense.com/v3/company/ 		770 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://epsilon.6sense.com/v3/company/details
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.231.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afe865822f884bb48.awsglobalaccelerator.com
Software
/
Resource Hash
8816bf019bc7944bc83a7a8bb53b181b18c59f65070274ebe384b4e44c648910

Request headers

Authorization
Token 7381d1d7c753fe2d8e217c3fdc44c0f17418dcc4
X-6s-CustomID
WebTag1.0 5eeecf22b2d12a77a14639dce97b7a36
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-expose-headers
X-6si-Region
timing-allow-origin
https://6sense.com
content-encoding
gzip
x-6si-region
access-control-allow-credentials
true
access-control-allow-origin
https://www.fortinet.com
content-length
402
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
application/json
vary
Origin, Accept-Encoding
details
epsilon.6sense.com/v3/company/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://epsilon.6sense.com/v3/company/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.231.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afe865822f884bb48.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-6s-customid
Access-Control-Request-Method
GET
Origin
https://www.fortinet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-6s-customid
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://www.fortinet.com
access-control-expose-headers
X-6si-Region
access-control-max-age
1800
content-length
0
date
Thu, 02 Jan 2025 08:22:03 GMT
timing-allow-origin
https://6sense.com
x-6si-region
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/609297413/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/609297413/?random=1735806123222&cv=11&fst=1735806123222&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb893708426&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&hn=www.googleadservices.com&frm=0&tiba=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=603154757.1735806123&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c03::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7421b6125844ab02fb402c330987c89ff62046048f724e4e14a66cb20ca59412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2315
date
Thu, 02 Jan 2025 08:22:03 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
609297413
td.doubleclick.net/td/rul/ Frame 5CFA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/609297413?random=1735806123222&cv=11&fst=1735806123222&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb893708426&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&hn=www.googleadservices.com&frm=0&tiba=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=603154757.1735806123&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fortinet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jan 2025 08:22:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/662878185/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/662878185/?random=1735806123286&cv=11&fst=1735806123286&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v887005625za200zb893708426&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&hn=www.googleadservices.com&frm=0&tiba=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=603154757.1735806123&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c03::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58eac33425084c3a81cdd8b29645b37d5c0a4b5b69947f77359ae54d914014f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2332
date
Thu, 02 Jan 2025 08:22:03 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
662878185
td.doubleclick.net/td/rul/ Frame 1971 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/662878185?random=1735806123286&cv=11&fst=1735806123286&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v887005625za200zb893708426&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&hn=www.googleadservices.com&frm=0&tiba=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=603154757.1735806123&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fortinet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jan 2025 08:22:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/729495989/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/729495989/?random=1735806123347&cv=11&fst=1735806123347&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb893708426&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&hn=www.googleadservices.com&frm=0&tiba=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=603154757.1735806123&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c03::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c50e317d9e2532e75ca2a67b6f985164c39e9dfce18cb3cd83fe9dce224bab7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2315
date
Thu, 02 Jan 2025 08:22:03 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
729495989
td.doubleclick.net/td/rul/ Frame 9FC3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/729495989?random=1735806123347&cv=11&fst=1735806123347&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb893708426&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&hn=www.googleadservices.com&frm=0&tiba=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=603154757.1735806123&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fortinet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jan 2025 08:22:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
api.min.css
a.omappapi.com/app/js/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.css
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1207:2 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software
BunnyCDN-IL1-1207 /
Resource Hash
9913af3d52a269c71873f72f239acd195edd2e1d4c729ca56ab810ff15947196

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"676ef9cf-2644"
cdn-fileserver
749
date
Thu, 02 Jan 2025 08:22:03 GMT
cdn-storageserver
NY-268
last-modified
Fri, 27 Dec 2024 19:02:39 GMT
content-type
text/css
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
12/28/2024 00:08:01
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
8598aae804fe1657f3bf39a2cee82c83
cdn-pullzone
293267
cdn-proxyver
1.07
access-control-allow-origin
*
cdn-edgestorageid
1234
server
BunnyCDN-IL1-1207
cdn-requestcountrycode
US
39852
api.omappapi.com/v2/embed/ 		165 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/39852?d=fortinet.com
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b934ce9883949e7bceb88fa78a354125eefc85715f7e54da8ff529c94ebab0fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

x-user-agent
standard--
cf-cache-status
DYNAMIC
expires
Thu, 02 Jan 2025 08:23:21 GMT
x-cache
Error from cloudfront
x-amz-cf-id
I41VDLhzq7X-Lr_5Iilc5ZuYwa30r8Vv3h-ovWWYLkkqwawVw5cn7A==
date
Thu, 02 Jan 2025 08:22:03 GMT
x-cache-config
0 0
content-type
application/json
vary
Accept-Encoding, User-Agent
access-control-allow-headers
X-CSRF-Token
cache-control
public, max-age=120, stale-while-revalidate=1800
via
1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront)
cf-ray
8fb956cfba77c343-EWR
access-control-allow-origin
*
content-length
165
x-amz-cf-pop
EWR53-P1
server
cloudflare
tracking.js
trk.techtarget.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk.techtarget.com/tracking.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1347 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=1200
content-encoding
br
cf-cache-status
HIT
age
73187
via
1.1 google
cf-ray
8fb956cfb83943fe-EWR
expires
Thu, 02 Jan 2025 08:42:03 GMT
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/javascript
last-modified
Tue, 13 Dec 2022 15:01:39 GMT
vary
Accept-Encoding
server
cloudflare
tag.js
abm-tracking.demandscience.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abm-tracking.demandscience.com/tag.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.32.164.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-164-86.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
1885fa140df271c97bf904d43f5385b84aa7458ff60cc20dae89ca4e9df959d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

Cache-Control
public, max-age=0
ETag
W/"879-19321dea034"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2169
Date
Thu, 02 Jan 2025 08:22:03 GMT
Content-Type
application/javascript; charset=UTF-8
X-Powered-By
Express
Server
nginx/1.18.0 (Ubuntu)
Last-Modified
Tue, 12 Nov 2024 19:34:18 GMT
wid.tracker.js
tmp.argusplatform.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tmp.argusplatform.com/js/wid.tracker.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b697c4c8e7c22fa7e18ccef66c1bda6610f19ec8c7d1c60fb3696db54ea5362e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preloadmax-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preloadmax-age=31536000
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
content-encoding
br
etag
"28476869"
referrer-policy
same-origin
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
date
Thu, 02 Jan 2025 08:22:03 GMT
x-xss-protection
1; mode=block
content-type
text/javascript
last-modified
Sat, 08 Jun 2024 11:51:22 GMT
vary
Accept-Encoding
x-azure-ref
20250102T082203Z-156796c549bkmhc6hC1EWRrra80000000m4g000000000wse
js
pixel.mathtag.com/event/ 		161 B
712 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1629896&mt_adid=260855&mt_exem=&mt_excl=&v2=&v3=&s1=&s2=&s3=&v1=en:blog:threat-research:ransomware-roundup-interlock
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.200.232.253 Frederick, United States, ASN30419 (PAEDAE-INC, US),
Reverse DNS
Software
MT3 1688 76e1918 master ord ord-pixel-x48 config_version:"1063" /
Resource Hash
98192c2b3bfd0e66cff07b8ba31ff42de9182144d3e21b9ca258f13da96ee457
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

Strict-Transport-Security
31536000
Cache-Control
no-cache
Content-Encoding
gzip
Connection
close
Cross-Origin-Resource-Policy
cross-origin
Referrer-Policy
strict-origin
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
all
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date
Thu, 02 Jan 2025 08:22:03 GMT
X-XSS-Protection
0
Content-Type
text/javascript
Server
MT3 1688 76e1918 master ord ord-pixel-x48 config_version:"1063"
spx
dx.mountain.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dx.mountain.com/spx?dxver=4.0.0&shaid=32336&tdr=&plh=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&cb=64316805657881600term=value
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.151.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-151-245.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
7efd44222bfdd05440452c5f8dbfdb57da88cf6afab6e7a3922640d7dee3e5e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

transfer-encoding
chunked
content-encoding
gzip
x-envoy-upstream-service-time
2
expires
Thu, 01 Jan 1970 00:00:00 GMT
be
spx-prod
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
application/javascript;charset=utf-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
server
istio-envoy
uwt.js
static.ads-twitter.com/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.80.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15926
date
Thu, 02 Jan 2025 08:22:03 GMT
x-tw-cdn
FT
last-modified
Tue, 29 Oct 2024 01:22:31 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000145-IAD, cache-chi-klot8100035-CHI
x-amz-server-side-encryption
AES256
insight.min.js
snap.licdn.com/li.lms-analytics/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:5::17c7:3727 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
6c0d4e3bd890a4bf01c9a301d3e3ff127af22636c4f94250cc230815eb701593
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=24023
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
7404
date
Thu, 02 Jan 2025 08:22:03 GMT
last-modified
Wed, 18 Dec 2024 08:42:17 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
events.js
tags.srv.stackadapt.com/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.175.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-175-245.compute-1.amazonaws.com
Software
/
Resource Hash
d6c9633a6d94a48dedc7e1d8e007c24b58eea421b8ecd17e7bf9bf365af84610

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=5
content-encoding
gzip
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/javascript
iztag.js
tags.inzynk.io/0ulh3gex/ 		34 B
428 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.inzynk.io/0ulh3gex/iztag.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2191:6200:12:dfa9:e200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0b4a76926bdb1cd2207319f82aa00def513ba7d0cbaf57ea4a21b64866f0869

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

x-amz-version-id
15XT7F8rursoJ6jHrhKIXrYdXTZkWasY
etag
"595f7fa79bc22a7029d2751228622eb4"
age
70674
via
1.1 7fc4d53a17d950b206cd9fccf1108b8a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
34
x-amz-cf-id
AmMgieVL-M729gJQRvZyUDV_oeQKRgLn1R27DCohoVOHHiN07Bu9Vg==
date
Wed, 01 Jan 2025 12:44:10 GMT
content-type
application/octet-stream
last-modified
Thu, 05 Sep 2024 13:11:02 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
px
secure.adnxs.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1773420&t=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
5.181.234.134; 5.181.234.134; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
6d7e18a8-72f6-4b28-a671-1c67ee4d89fc
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 02 Jan 2025 08:22:03 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
seg
ib.adnxs.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/seg?add=36113683
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
5.181.234.134; 5.181.234.134; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
196a488f-1248-42c4-81e5-8607c1c06c43
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 02 Jan 2025 08:22:03 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 3E38 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.fortinet.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-609297413&l=dataLayer&cx=c&gtm=45je4cc1v893708426za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
151717
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 14:13:26 GMT
expires
Wed, 31 Dec 2025 14:13:26 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/609297413/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/609297413/?random=1735806123222&cv=11&fst=1735804800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb893708426&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&hn=www.googleadservices.com&frm=0&tiba=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=603154757.1735806123&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7doQq8XJU9mkVlRYosV1kFrH0MQSPwE1UcMdbqfSmeupdvOwTY&random=2678584765&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 02 Jan 2025 08:22:03 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/662878185/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/662878185/?random=1735806123286&cv=11&fst=1735804800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v887005625za200zb893708426&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&hn=www.googleadservices.com&frm=0&tiba=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=603154757.1735806123&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dr9V1xIu9_wFEM6DdKY-NrMb1Ui8-zkaA_GTWSBkXR4Fjepo3&random=4168353113&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 02 Jan 2025 08:22:03 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/729495989/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/729495989/?random=1735806123347&cv=11&fst=1735804800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb893708426&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&hn=www.googleadservices.com&frm=0&tiba=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&npa=0&pscdl=noapi&auid=603154757.1735806123&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dfwYEFJQUJBPRdMRJWsOuVvKe8gcX-m4RzedDckncrBZoG_CU&random=1805532173&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 02 Jan 2025 08:22:03 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ransomware-roundup-interlock;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6144490074789.548
10104846.fls.doubleclick.net/activityi;dc_pre=CMSPlNvN1ooDFaFlRwEdeZ8lew;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/ Frame ACBF
Redirect Chain
  • https://10104846.fls.doubleclick.net/activityi;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock;dc_lat=;dc_rdid=;tag_for_child_di...
  • https://10104846.fls.doubleclick.net/activityi;dc_pre=CMSPlNvN1ooDFaFlRwEdeZ8lew;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://10104846.fls.doubleclick.net/activityi;dc_pre=CMSPlNvN1ooDFaFlRwEdeZ8lew;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6144490074789.548?
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.201.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fortinet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
2132
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jan 2025 08:22:03 GMT
expires
Thu, 02 Jan 2025 08:22:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jan 2025 08:22:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10104846.fls.doubleclick.net/activityi;dc_pre=CMSPlNvN1ooDFaFlRwEdeZ8lew;src=10104846;type=sitew00;cat=sitew006;u3=https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6144490074789.548?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-5pJDzxmb' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-5pJDzxmb' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=23, mss=1232, tbw=4506, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
vVJHrt/1lvM2xaJttiwxu7YfTBIo3DHdGWUygPuXqzH+RUAu3qn4DGQDauhrgTZIV65gGqCZTJnAGl6Zivb66w==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62282
x-xss-protection
0
origin-agent-cluster
?1
siteanalyze_6033413.js
siteimproveanalytics.com/js/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteimproveanalytics.com/js/siteanalyze_6033413.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a3ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
207cf18dd6b5c283f5c1f2ad622dbdf57b13426727b840de705a66405fc37ea4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"7d99f692e7d388db5d44c38318be4b32"
age
6700
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hnQ3%2Fq8dKUwZhrmS8XT%2BeBf2C%2BuViAj93o%2BVK5%2FvKZYgMWXwVI2OcpZ6SbXrJPYglXxBOTdPHNcDi6NWqCnjcajFES9c3sQcZLBRp59%2FBa5M24vHKCGxE067K7t6Vpu6%2BdI9EYXDH6mM0qTN3ZvC4n9prk3USEY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8212&min_rtt=7974&rtt_var=1875&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4184&recv_bytes=4278&delivery_rate=72982&cwnd=12000&unsent_bytes=0&cid=7b469a5cb92c55e7&ts=27&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 19 Nov 2024 19:07:27 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
PkhGMrXDJ1Yvn0D2YN3xh/Q1OC6bgpPBOOANaiJdX0U6U00RXlznzZvFzOFQB9dnBcmpHJV6YtE=
cache-control
max-age=86400, no-transform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1308XSHA8148CB6R
cf-ray
8fb956d03d3043f2-EWR
accept-ranges
bytes
content-length
11721
server
cloudflare
sa.css
tags.srv.stackadapt.com/ 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.175.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-175-245.compute-1.amazonaws.com
Software
/
Resource Hash
749cb20f8dd0c7db6df84c56298bedf97323c71f0c891be605820a2071e846e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

access-control-allow-origin
*
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.175.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-175-245.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

access-control-allow-origin
*
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/jpeg
gif.gif
ibc-flow.techtarget.com/a/ 		43 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=1247773&r=1735806123530&ref=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&version=2.4
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.208.111.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
ibc_rate_tier
1247773
Referer
https://www.fortinet.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
access-control-allow-methods
GET, POST, OPTIONS
x-goog-stored-content-encoding
identity
expires
Thu, 02 Jan 2025 09:22:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
43
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif
last-modified
Thu, 08 Dec 2022 21:19:29 GMT
vary
Origin
x-guploader-uploadid
AFiumC4Jr1-m07vAhsH_iLEAyctrnKLWiE6M8FaoBzZAW8itEISkVZ56Eptod0Sso1uOIMiB
access-control-allow-headers
ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1670534369365034
content-length
43
server
nginx/1.20.2
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:5::17c7:3727 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=16976
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14634
date
Thu, 02 Jan 2025 08:22:03 GMT
last-modified
Mon, 02 Dec 2024 19:22:52 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
gif.gif
ibc-flow.techtarget.com/a/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=1247773&r=1735806123530&ref=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&version=2.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.208.111.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ibc_rate_tier
Access-Control-Request-Method
GET
Origin
https://www.fortinet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 02 Jan 2025 08:22:03 GMT
expires
Thu, 02 Jan 2025 08:22:03 GMT
server
nginx/1.20.2
vary
Origin
via
1.1 google
x-guploader-uploadid
AFiumC7R6e2X-3RRDupy75lTzcYDqNtzMc17OcI-5O6xV4fNOFw4IwYNT6jrxPv7_84iDK1D
is
3.212.39.155/ 		32 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://3.212.39.155/is?cb=1735806123544
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.212.39.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-39-155.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
49b6ae29845094b31c235d9d3a9fe3663a845583291ea68c37d91341e0f31a54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

x-envoy-upstream-service-time
1
connection
close
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
x-application-context
application:prod:8080
content-length
32
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/plain;charset=utf-8
server
istio-envoy
access-control-allow-headers
Accept, Content-Type, x-requested-with, X-Custom-Header
NRJS-5566e73879405a23f6d
bam.nr-data.net/events/1/ 		24 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/NRJS-5566e73879405a23f6d?a=1386204789&sa=1&v=1.266.0&t=Unnamed%20Transaction&rst=1530&ck=0&s=f454af5a8d179db5&ref=https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock&ptid=82f0cad3b9938668
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.fortinet.com/

Response headers

Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin
https://www.fortinet.com
Content-Length
24
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif
x-served-by
cache-lga21983-LGA
attribution_trigger
px.ads.linkedin.com/ 		2 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=7120%2C2159050%2C4628290%2C6313418&time=1735806123564&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Referer
https://www.fortinet.com/

Response headers

x-li-pop
afd-prod-lor1-x
content-encoding
gzip
x-fs-uuid
00062ab4db65f1ad82303ced7eccb76b
x-msedge-ref
Ref A: 21C9E76DB6C74B7BAAF6E68C3737178E Ref B: EWR30EDGE0317 Ref C: 2025-01-02T08:22:03Z
x-li-fabric
prod-lor1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYqtNtl8a2CMDztfsy3aw==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7120%2C2159050%2C4628290%2C6313418&time=1735806123564&li_adsId=86366531-ceb5-4cdc-b9d1-f02f3964f5b9&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fth...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D7120%252C2159050%252C4628290%252C6313418%26time%3D1735806123564%26li_adsId%3D8636...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7120%2C2159050%2C4628290%2C6313418&time=1735806123564&li_adsId=86366531-ceb5-4cdc-b9d1-f02f3964f5b9&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fth...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=7120%2C2159050%2C4628290%2C6313418&time=1735806123564&li_adsId=86366531-ceb5-4cdc-b9d1-f02f3964f5b9&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Ft...
0
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=7120%2C2159050%2C4628290%2C6313418&time=1735806123564&li_adsId=86366531-ceb5-4cdc-b9d1-f02f3964f5b9&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&liSync=true&e_ipv6=AQID17C9Vb1EjgAAAZQmG39nRWsApSzxMWX0g6V3qdVqt28MKcbKGD1V-o9f33OZMl6wZ6TyhEtzApZaWzXMmOjimDQZvqw
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E1C19201B0434EB2B2CDF03F422AB271 Ref B: EWR30EDGE0314 Ref C: 2025-01-02T08:22:03Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYqtNtrFT2+U+m4HE+FzA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=7120%2C2159050%2C4628290%2C6313418&time=1735806123564&li_adsId=86366531-ceb5-4cdc-b9d1-f02f3964f5b9&url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&liSync=true&e_ipv6=AQID17C9Vb1EjgAAAZQmG39nRWsApSzxMWX0g6V3qdVqt28MKcbKGD1V-o9f33OZMl6wZ6TyhEtzApZaWzXMmOjimDQZvqw
x-msedge-ref
Ref A: BD88238B05784CBFA909043A4366F14F Ref B: EWR30EDGE0219 Ref C: 2025-01-02T08:22:03Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYqtNtpi8QcMQV0T+UJKw==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Thu, 02 Jan 2025 08:22:03 GMT
/
pixels.argusplatform.com/wh/track/ 		205 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixels.argusplatform.com/wh/track/?site_id=C6AC00C8269540D0ABFF19F1B5558B6D&visitor_id=1735806124347331734&event_type=page_request&timestamp=1735806124&page_title=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&page_url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&page_url_referer=
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2ed114345dab0a74e1c81b100e3db108ff86464854f3159d005fac67413454b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

request-context
appId=cid-v1:ead16ead-3a47-42dd-aec9-91a1bbb42ff5
strict-transport-security
max-age=31536000
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
application/json; charset=utf-8
x-azure-ref
20250102T082203Z-156796c549bkrq8hhC1EWR4ggg0000000hbg000000002dp3
sa.jpeg
tags.srv.stackadapt.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.175.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-175-245.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

access-control-allow-origin
*
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/jpeg
177020962864941
connect.facebook.net/signals/config/ 		70 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/177020962864941?v=2.9.179&r=stable&domain=www.fortinet.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c8ab7a6c910bf3dd6027dd6a7cc5ee53aff303e494b02168a0ac30040682eb17
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-QxKTlqvI' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-QxKTlqvI' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=75, mss=1232, tbw=71256, tp=67, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
aG8R94yWW3lbAHJ5dW2SMG9eoFliS0k6nCzHlWUbzz9B6FopzP+6a85yVGwM0qbYdF5TSkcbeAZLlLkzPfAGtQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
14261
x-xss-protection
0
origin-agent-cluster
?1
adsct
t.co/i/ 		43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&dv=Pacific%2FHonolulu%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2648%2624%261600%261200%260%26na&eci=2&event_id=84a7ec79-126f-4821-baf0-d051fb14b53d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a8ca8a8c-8b3e-4f1b-b62e-a0c1ebc65cba&tw_document_href=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6ezf&type=javascript&version=2.3.31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
1ae1a8ef81a7814d
cache-control
no-cache, no-store, max-age=0
x-connection-hash
738bcdd2821c7fa64dcd00cff29410b6f19097b559cffc5fda9c3afe6cea39fe
cf-cache-status
DYNAMIC
cf-ray
8fb956d0d8d7de9a-EWR
x-response-time
84
content-length
43
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/i/ 		43 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&dv=Pacific%2FHonolulu%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2648%2624%261600%261200%260%26na&eci=2&event_id=84a7ec79-126f-4821-baf0-d051fb14b53d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a8ca8a8c-8b3e-4f1b-b62e-a0c1ebc65cba&tw_document_href=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6ezf&type=javascript&version=2.3.31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
daac9b25efcc6af0
cache-control
no-cache, no-store, max-age=0
x-connection-hash
8807f1de6ccf80e6cbd25054df49dd7ebc1f394df8e63db71444a0ffac84c8f5
x-response-time
76
content-length
43
date
Thu, 02 Jan 2025 08:22:03 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_b
adsct
t.co/i/ 		43 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&dv=Pacific%2FHonolulu%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2648%2624%261600%261200%260%26na&eci=2&event_id=592ff7f3-dcdd-40fd-b7e7-cd8308bd5342&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a8ca8a8c-8b3e-4f1b-b62e-a0c1ebc65cba&tw_document_href=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o72wb&type=javascript&version=2.3.31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
f28664f2284f20cc
cache-control
no-cache, no-store, max-age=0
x-connection-hash
354f6946a4c01e081af56461fe2bd0a194d03c2a9853019303df676b3233a107
cf-cache-status
DYNAMIC
cf-ray
8fb956d0d8d8de9a-EWR
x-response-time
71
content-length
43
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/i/ 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&dv=Pacific%2FHonolulu%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2648%2624%261600%261200%260%26na&eci=2&event_id=592ff7f3-dcdd-40fd-b7e7-cd8308bd5342&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a8ca8a8c-8b3e-4f1b-b62e-a0c1ebc65cba&tw_document_href=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o72wb&type=javascript&version=2.3.31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
5e2fc11bdfa7d913
cache-control
no-cache, no-store, max-age=0
x-connection-hash
8807f1de6ccf80e6cbd25054df49dd7ebc1f394df8e63db71444a0ffac84c8f5
x-response-time
6
content-length
43
date
Thu, 02 Jan 2025 08:22:03 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_b
adsct
t.co/i/ 		43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&dv=Pacific%2FHonolulu%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2648%2624%261600%261200%260%26na&eci=2&event_id=7dd54076-b44c-417e-80e8-087077db3cfb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a8ca8a8c-8b3e-4f1b-b62e-a0c1ebc65cba&tw_document_href=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxlzj&type=javascript&version=2.3.31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
7978e323a305c2ce
cache-control
no-cache, no-store, max-age=0
x-connection-hash
713531d6975916f1cffe7bdc7abfaec6365890581106676b0de51ad83421e772
cf-cache-status
DYNAMIC
cf-ray
8fb956d0d8dade9a-EWR
x-response-time
86
content-length
43
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/i/ 		43 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&dv=Pacific%2FHonolulu%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2648%2624%261600%261200%260%26na&eci=2&event_id=7dd54076-b44c-417e-80e8-087077db3cfb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a8ca8a8c-8b3e-4f1b-b62e-a0c1ebc65cba&tw_document_href=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxlzj&type=javascript&version=2.3.31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
dc0c25fa8b65601d
cache-control
no-cache, no-store, max-age=0
x-connection-hash
8807f1de6ccf80e6cbd25054df49dd7ebc1f394df8e63db71444a0ffac84c8f5
x-response-time
6
content-length
43
date
Thu, 02 Jan 2025 08:22:03 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_b
s29863615651765
metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.27.0-LEWM/ 		43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.27.0-LEWM/s29863615651765?AQB=1&ndh=1&pf=1&t=1%2F0%2F2025%2022%3A22%3A3%203%20600&sdid=6562704549CD5AB4-2E95DF59ED7A82A2&mid=19547725784456508053899750086620924793&aamlh=7&ce=UTF-8&pageName=en%3Ablog%3Athreat-research%3Aransomware-roundup-interlock&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&cc=USD&events=event3&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=www.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&v3=%2B1&c7=Entire%20Site&c8=New&v25=19547725784456508053899750086620924793&v27=BLOG&v33=en%3Ablog%3Athreat-research%3Aransomware-roundup-interlock&v35=Enabled&v92=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&v97=Shunichi%20Imano%20and%20Fred%20Gutierrez&v98=November%2029%2C%202024&v106=New%20York%20City&v107=New%20York&v108=United%20States&v126=NA&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=ED8739F75677FE917F000101%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.35 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-35.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, max-age=0, no-transform, private
pragma
no-cache
etag
3727615265583497216-4618500359982221419
x-content-type-options
nosniff
expires
Wed, 01 Jan 2025 08:22:03 GMT
access-control-allow-origin
*
p3p
CP="This is not a P3P policy"
content-length
43
date
Thu, 02 Jan 2025 08:22:03 GMT
x-xss-protection
1; mode=block
last-modified
Fri, 03 Jan 2025 08:22:03 GMT
vary
*
server
jag
content-type
image/gif;charset=utf-8
image.aspx
6033413.global.siteimproveanalytics.io/ 		34 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://6033413.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&title=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&res=1600x1200&accountid=6033413&rt=1625&prev=ea93e379-037a-5042-3237-599afe9a5422&luid=642658f0-9b9b-e2ce-1b82-7c61995c1dce&rnd=71725
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.142.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-142-145.compute-1.amazonaws.com
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

expires
Thu, 02 Jan 2025 08:22:03 UTC
cache-control
max-age=0
content-length
34
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/gif
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=177020962864941&ev=PageView&dl=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&rl=&if=false&ts=1735806123656&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1735806123654.599545932972220204&ler=empty&cdl=API_unavailable&it=1735806123596&coo=false&exp=j3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=23, mss=1232, tbw=4507, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=177020962864941&ev=PageView&dl=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&rl=&if=false&ts=1735806123656&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1735806123654.599545932972220204&ler=empty&cdl=API_unavailable&it=1735806123596&coo=false&exp=j3&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7455230531652467964"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xf77e856888256f1c","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["1473595392721544"]},"debug_reporting":true,"debug_key":"356421916222369053"}
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
Xx+r1AWSAipyJErDl84VKp43LM7D/KuugaYcgx8de+zWqsB356kP94+GarZJ79gUnjpb/9bbZb6g6P5dw5gSIA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7455230531652467964", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=23, mss=1232, tbw=4905, tp=13, tpl=0, uplat=109, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
73871aa4-5ac2-4a47-a667-eac59aaee203
https://www.fortinet.com/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.fortinet.com/73871aa4-5ac2-4a47-a667-eac59aaee203
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
Content-Length
43
saq_pxl
tags.srv.stackadapt.com/ 		138 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=NZlTqtu9vowXrexrDZrWUA&is_js=true&landing_url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&t=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&tip=DN_uq8-Im5cK8zHGR0_3_d833BWzTLSDzocAfmL457Q&host=https%3A%2F%2Fwww.fortinet.com&sa_conv_data_css_value=%270-25a744f8-f721-5f4c-5833-b7c07c020435%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd925a744f8f7215f4c5833b7c07c02043505b5ea86&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIEgH5wOz9NO5PStU46rmbXzsJbTOzAYU5i4bqwST5fnMENYBGAQgq5nZuwYwAToExbdv9kIE0LbzjA.VYXuQj5AZNlYkigVmZPVprzlw8KH4MIOYYabas%252BRkJc&sa-user-id-v2=s%253AJadE-PchX0xYM7fAfAIENQW16oY.I0gVsW9vUsRw%252FlJy784VzsJ0%252BS%252BhBRQYobq984cW3Og&sa-user-id=s%253A0-25a744f8-f721-5f4c-5833-b7c07c020435.n3VLlkvMT4bFhhGcwJJ84ljjIxj3Xj4EyRm%252FCR5gApo
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.175.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-175-245.compute-1.amazonaws.com
Software
/
Resource Hash
e1132f3948b84a67d82e91f47f44d9d8dbbbe4b8c86bcbcf1c0774bb73ccfbc0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

access-control-allow-methods
GET
access-control-allow-origin
https://www.fortinet.com
content-length
138
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
*
saq_pxl
tags.srv.stackadapt.com/ 		138 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=kcdPQbWRrikzOaW0iSiObg&is_js=true&landing_url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&t=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&tip=DN_uq8-Im5cK8zHGR0_3_d833BWzTLSDzocAfmL457Q&host=https%3A%2F%2Fwww.fortinet.com&sa_conv_data_css_value=%270-25a744f8-f721-5f4c-5833-b7c07c020435%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd925a744f8f7215f4c5833b7c07c02043505b5ea86&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIEgH5wOz9NO5PStU46rmbXzsJbTOzAYU5i4bqwST5fnMENYBGAQgq5nZuwYwAToExbdv9kIE0LbzjA.VYXuQj5AZNlYkigVmZPVprzlw8KH4MIOYYabas%252BRkJc&sa-user-id-v2=s%253AJadE-PchX0xYM7fAfAIENQW16oY.I0gVsW9vUsRw%252FlJy784VzsJ0%252BS%252BhBRQYobq984cW3Og&sa-user-id=s%253A0-25a744f8-f721-5f4c-5833-b7c07c020435.n3VLlkvMT4bFhhGcwJJ84ljjIxj3Xj4EyRm%252FCR5gApo
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.175.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-175-245.compute-1.amazonaws.com
Software
/
Resource Hash
1ebf4765c39e042319d8cc3f4070ef97c89b6e18a3f28bcec0bb7e58a9042a8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

access-control-allow-methods
GET
access-control-allow-origin
https://www.fortinet.com
content-length
138
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
*
fp.min.js
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
99dc3803d1f19c8103f79f834044b2afd4c8af5b7927efbd36b1052d528b40ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"83f4-k1lBXMQZh0ZUAAhwylRSOHXBLBY"
age
31638
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220049-FRA, cache-lga21921-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
13749
x-jsd-version
3.4.2
site-visitors
intentstream.contanuity.com/api/ 		115 B
374 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://intentstream.contanuity.com/api/site-visitors?pageIdentifier=fortinet_2712
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.226.187.177 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-226-187-177.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
930494fef37c0c702073ceeddd12da067bba2824f8eba39e1f9a3c5332bec6b6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
x-pixel-auth
true
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=15724800; includeSubdomains
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
https://www.fortinet.com
content-length
115
date
Thu, 02 Jan 2025 08:22:03 GMT
content-type
application/json; charset=utf-8
vary
origin
server
nginx
site-visitors
intentstream.contanuity.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://intentstream.contanuity.com/api/site-visitors?pageIdentifier=fortinet_2712
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.226.187.177 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-226-187-177.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-pixel-auth
Access-Control-Request-Method
GET
Origin
https://www.fortinet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,x-pixel-auth
access-control-allow-methods
GET
access-control-allow-origin
https://www.fortinet.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
content-length
0
date
Thu, 02 Jan 2025 08:22:03 GMT
server
nginx
strict-transport-security
max-age=15724800; includeSubdomains
https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock
abm-tracking.demandscience.com/page-tracking/fortinet_2712/ 		2 B
665 B 		Script
General
Check archive.org
Download Go to
Full URL
https://abm-tracking.demandscience.com/page-tracking/fortinet_2712/https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock?visitorId=d6537317bffb3b903736e7239c156559_1735806123915&&clientId=undefined&&cookieEnabled=true
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.32.164.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-164-86.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate
Pragma
no-cache
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Connection
keep-alive
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
Expires
-1
Access-Control-Allow-Origin
*
Content-Length
2
Date
Thu, 02 Jan 2025 08:22:03 GMT
Content-Type
application/json; charset=utf-8
X-Powered-By
Express
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
img.gif
b.6sc.co/v1/beacon/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=null&visitor=6c2a5ace-37ee-47a7-8a08-11e721dce565&session=2e60489d-25b7-4432-835c-6a86ee711f27&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20Jan%202025%2008%3A22%3A03%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20Jan%202025%2008%3A22%3A02%20GMT%22%2C%22timeSpent%22%3A%221005%22%2C%22totalTimeSpent%22%3A%221005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Interlock%20is%20a%20recent%20ransomware%20variant%20that%20has%20victimized%20organizations%20in%20the%20United%20States%20and%20Italy%2C%20but%20may%20have%20hit%20other%20countries.%20The%20ransomware%20affects%20not%20only%20Windows%2C%20but%20also%20the%20FreeBSD%20platform.%20Read%20more.%22%2C%22keywords%22%3A%22FortiGuard%20Labs%20Threat%20Research%2CRansomware%20Roundup%22%2C%22title%22%3A%22Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&pageViewId=24c97bc1-f558-4cd1-84e8-b1c336cdfda2&ipv6=2a0d%3A5600%3A24%3A1500%3A1011%3Ae5b3%3A3f85%3A8165&v=1.1.31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-17.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"60bb2e15-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 08:22:04 GMT
accept-ranges
bytes
content-length
43
date
Thu, 02 Jan 2025 08:22:04 GMT
content-type
image/gif
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
tracking
tracking.contanuity.com/ 		2 B
769 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.contanuity.com/tracking?visitorId=d6537317bffb3b903736e7239c156559_1735806123915&&clientId=undefined&&cookieEnabled=true
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.203.236.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-236-163.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate
Pragma
no-cache
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Connection
keep-alive
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
Expires
-1
Access-Control-Allow-Origin
*
Content-Length
2
Date
Thu, 02 Jan 2025 08:22:04 GMT
Content-Type
application/json; charset=utf-8
X-Powered-By
Express
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
/
px.ads.linkedin.com/wa/ 		0
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 2DCCE523EB7D4E50B862A6A40ECE1BDF Ref B: EWR30EDGE0219 Ref C: 2025-01-02T08:22:04Z
x-li-fabric
prod-ltx1
access-control-allow-credentials
true
x-li-uuid
AAYqtNtsYoD7B+A7BgBfdg==
x-li-proto
http/2
access-control-allow-origin
https://www.fortinet.com
x-cache
CONFIG_NOCACHE
date
Thu, 02 Jan 2025 08:22:03 GMT
vary
Origin
gtm.js
www.googletagmanager.com/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M4NSPPXN
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b4c855e309b10616a853822e4b11f2c6263ca07766b1e8dbd052e4bd008efaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 02 Jan 2025 08:22:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 02 Jan 2025 08:22:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 02 Jan 2025 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
70807
x-xss-protection
0
server
Google Tag Manager
usersync
tracking.contanuity.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/contanuity?buyer_user_id=d6537317bffb3b903736e7239c156559_1735806123915
  • https://match.prod.bidr.io/cookie-sync/contanuity?buyer_user_id=d6537317bffb3b903736e7239c156559_1735806123915&_bee_ppp=1
  • https://tracking.contanuity.com/usersync?bwcookie=AAN2JU7O7JkAABYVNwQl4w
0
0
/
webtracker.argusplatform.com/wh/track/ 		205 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webtracker.argusplatform.com/wh/track/?site_id=C6AC00C8269540D0ABFF19F1B5558B6D&visitor_id=1735806124347331734&event_type=page_request&timestamp=1735806124&page_title=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&page_url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&page_url_referer=
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2ed114345dab0a74e1c81b100e3db108ff86464854f3159d005fac67413454b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

request-context
appId=cid-v1:ead16ead-3a47-42dd-aec9-91a1bbb42ff5
strict-transport-security
max-age=31536000
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 02 Jan 2025 08:22:04 GMT
content-type
application/json; charset=utf-8
x-azure-ref
20250102T082204Z-156796c549bnw5nxhC1EWRp38s0000000kag0000000000nu
img.gif
b.6sc.co/v1/beacon/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=null&visitor=6c2a5ace-37ee-47a7-8a08-11e721dce565&session=2e60489d-25b7-4432-835c-6a86ee711f27&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20Jan%202025%2008%3A22%3A05%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20Jan%202025%2008%3A22%3A03%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%222009%22%7D&isIframe=false&m=%7B%22description%22%3A%22Interlock%20is%20a%20recent%20ransomware%20variant%20that%20has%20victimized%20organizations%20in%20the%20United%20States%20and%20Italy%2C%20but%20may%20have%20hit%20other%20countries.%20The%20ransomware%20affects%20not%20only%20Windows%2C%20but%20also%20the%20FreeBSD%20platform.%20Read%20more.%22%2C%22keywords%22%3A%22FortiGuard%20Labs%20Threat%20Research%2CRansomware%20Roundup%22%2C%22title%22%3A%22Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&pageViewId=24c97bc1-f558-4cd1-84e8-b1c336cdfda2&ipv6=2a0d%3A5600%3A24%3A1500%3A1011%3Ae5b3%3A3f85%3A8165&v=1.1.31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-17.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"60bb2e15-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 08:22:05 GMT
accept-ranges
bytes
content-length
43
date
Thu, 02 Jan 2025 08:22:05 GMT
content-type
image/gif
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
st
px.mountain.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.mountain.com/st?ga_tracking_id=G-38BQ9XFDT4%3BG-JH142QCQCJ&ga_client_id=1739739365.1735806123&shpt=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&ga_info=%7B%22status%22%3A%22One%20of%20the%20required%20properties%20not%20evaluated%20(mntnis%2C%20ga_tracking_id%2C%20ga_client_id%2C%20shpt).%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-38BQ9XFDT4%22%2C%22sess_id%22%3A%221735806123%22%7D%2C%7B%22id%22%3A%22G-JH142QCQCJ%22%2C%22sess_id%22%3Anull%7D%5D%2C%22ga_tracking_id%22%3A%22G-38BQ9XFDT4%3BG-JH142QCQCJ%22%2C%22ga_client_id%22%3A%221739739365.1735806123%22%2C%22shpt%22%3A%22Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs%22%2C%22dcm_cid%22%3A%221735806123.1%22%2C%22adobe_analytics%22%3A%7B%7D%2C%22mntnis%22%3A%22F9gH2mQqI7%2FQl4%2F23ZXTz8TSYdmeB%2Fkm%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1735806123.1&available_ga=%5B%7B%22id%22%3A%22G-38BQ9XFDT4%22%2C%22sess_id%22%3A%221735806123%22%7D%2C%7B%22id%22%3A%22G-JH142QCQCJ%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=32336&plh=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&cb=64316805657881600term%3Dvalue&shadditional=sh_conversion%3DSHBLOCK%2Cgoogletagmanager%3Dtrue%2Cmediamath%3Dtrue%2Cga4%3Dtrue%2Cappnexus%3Dtrue
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.32.231.34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-231-34.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
c8f3c27543f1d6e49d9d93ed7afb875cf4208c9d67e00949c61e39dd2817dcb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

transfer-encoding
chunked
content-encoding
gzip
x-envoy-upstream-service-time
1
connection
close
access-control-allow-origin
*
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
date
Thu, 02 Jan 2025 08:22:05 GMT
content-type
application/javascript;charset=utf-8
server
istio-envoy
gs
gs.mountain.com/ 		144 B
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gs.mountain.com/gs
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.12.117.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-117-226.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
eae36d96564f7969bc74e01c87295668b356326b4915f0e1c6069c7578deca48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
public, max-age=31536000
x-envoy-upstream-service-time
1
connection
close
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
x-application-context
application:prod:8080
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
date
Thu, 02 Jan 2025 08:22:06 GMT
content-length
144
content-type
application/javascript;charset=utf-8
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
istio-envoy
access-control-allow-headers
Accept, Content-Type, x-requested-with, X-Custom-Header
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=null&visitor=6c2a5ace-37ee-47a7-8a08-11e721dce565&session=2e60489d-25b7-4432-835c-6a86ee711f27&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20Jan%202025%2008%3A22%3A06%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20Jan%202025%2008%3A22%3A05%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%223013%22%7D&isIframe=false&m=%7B%22description%22%3A%22Interlock%20is%20a%20recent%20ransomware%20variant%20that%20has%20victimized%20organizations%20in%20the%20United%20States%20and%20Italy%2C%20but%20may%20have%20hit%20other%20countries.%20The%20ransomware%20affects%20not%20only%20Windows%2C%20but%20also%20the%20FreeBSD%20platform.%20Read%20more.%22%2C%22keywords%22%3A%22FortiGuard%20Labs%20Threat%20Research%2CRansomware%20Roundup%22%2C%22title%22%3A%22Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&pageViewId=24c97bc1-f558-4cd1-84e8-b1c336cdfda2&ipv6=2a0d%3A5600%3A24%3A1500%3A1011%3Ae5b3%3A3f85%3A8165&v=1.1.31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-17.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"63f020a0-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 08:22:06 GMT
accept-ranges
bytes
content-length
43
date
Thu, 02 Jan 2025 08:22:06 GMT
content-type
image/gif
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
st
px.mountain.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.mountain.com/st?ga_tracking_id=G-38BQ9XFDT4%3BG-JH142QCQCJ&ga_client_id=1739739365.1735806123&shpt=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&ga_info=%7B%22status%22%3A%22One%20of%20the%20required%20properties%20not%20evaluated%20(mntnis%2C%20ga_tracking_id%2C%20ga_client_id%2C%20shpt).%22%2C%22available_ga%22%3A%5B%7B%22id%22%3A%22G-38BQ9XFDT4%22%2C%22sess_id%22%3A%221735806123%22%7D%2C%7B%22id%22%3A%22G-JH142QCQCJ%22%2C%22sess_id%22%3Anull%7D%5D%2C%22ga_tracking_id%22%3A%22G-38BQ9XFDT4%3BG-JH142QCQCJ%22%2C%22ga_client_id%22%3A%221739739365.1735806123%22%2C%22shpt%22%3A%22Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs%22%2C%22dcm_cid%22%3A%221735806123.1%22%2C%22adobe_analytics%22%3A%7B%7D%2C%22mntnis%22%3A%22F9gH2mQqI7%2FQl4%2F23ZXTz8TSYdmeB%2Fkm%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1735806123.1&available_ga=%5B%7B%22id%22%3A%22G-38BQ9XFDT4%22%2C%22sess_id%22%3A%221735806123%22%7D%2C%7B%22id%22%3A%22G-JH142QCQCJ%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=32336&plh=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&shadditional=sh_conversion%3DSHBLOCK%2Cgoogletagmanager%3Dtrue%2Cmediamath%3Dtrue%2Cga4%3Dtrue%2Cappnexus%3Dtrue&cb=173580612587765&shguid=789354b5-eaad-3985-b99a-f44edf03d833&shgts=1735806126209
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.32.231.34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-231-34.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
390ae5c2ed59ab8a2e4d3b49ab2d84422d07433ba53b548bce339fc844fd7e9c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

transfer-encoding
chunked
content-encoding
gzip
x-envoy-upstream-service-time
20
connection
close
access-control-allow-origin
*
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
date
Thu, 02 Jan 2025 08:22:06 GMT
content-type
application/javascript;charset=utf-8
server
istio-envoy
tdsync
px.steelhousemedia.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=a6d2c72d-c8e2-11ef-be12-d73037b54172&gdpr=&gdpr_consent=
  • https://px.steelhousemedia.com/tdsync?tdid=544cab45-6d92-41cc-bdd8-9dc0b0aadec1&shguid=a6d2c72d-c8e2-11ef-be12-d73037b54172
0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.steelhousemedia.com/tdsync?tdid=544cab45-6d92-41cc-bdd8-9dc0b0aadec1&shguid=a6d2c72d-c8e2-11ef-be12-d73037b54172
Protocol
HTTP/1.1
Server
52.10.121.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-121-135.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

x-envoy-upstream-service-time
12
connection
close
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-length
0
date
Thu, 02 Jan 2025 08:22:06 GMT
server
istio-envoy
access-control-allow-headers
Accept, Content-Type, x-requested-with, X-Custom-Header

Redirect headers

location
https://px.steelhousemedia.com/tdsync?tdid=544cab45-6d92-41cc-bdd8-9dc0b0aadec1&shguid=a6d2c72d-c8e2-11ef-be12-d73037b54172
content-length
277
date
Thu, 02 Jan 2025 08:22:06 GMT
server
Kestrel
ibs:dpid=903&dpuuid=544cab45-6d92-41cc-bdd8-9dc0b0aadec1
dpm.demdex.net/
Redirect Chain
  • https://insight.adsrvr.org/track/evnt/?adv=6s0zaeu&ct=0:0bi0elf&fmt=3
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=544cab45-6d92-41cc-bdd8-9dc0b0aadec1&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=544cab45-6d92-41cc-bdd8-9dc0b0aadec1
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=544cab45-6d92-41cc-bdd8-9dc0b0aadec1
Protocol
H2
Server
50.19.69.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-69-177.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-va6-1-v068-0ed99c529.edge-va6.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
P8t3Z1aaQdk=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 02 Jan 2025 08:22:06 GMT
content-type
image/gif

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=544cab45-6d92-41cc-bdd8-9dc0b0aadec1
content-length
189
date
Thu, 02 Jan 2025 08:22:06 GMT
server
Kestrel
img.gif
b.6sc.co/v1/beacon/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=null&visitor=6c2a5ace-37ee-47a7-8a08-11e721dce565&session=2e60489d-25b7-4432-835c-6a86ee711f27&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20Jan%202025%2008%3A22%3A07%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20Jan%202025%2008%3A22%3A06%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%224017%22%7D&isIframe=false&m=%7B%22description%22%3A%22Interlock%20is%20a%20recent%20ransomware%20variant%20that%20has%20victimized%20organizations%20in%20the%20United%20States%20and%20Italy%2C%20but%20may%20have%20hit%20other%20countries.%20The%20ransomware%20affects%20not%20only%20Windows%2C%20but%20also%20the%20FreeBSD%20platform.%20Read%20more.%22%2C%22keywords%22%3A%22FortiGuard%20Labs%20Threat%20Research%2CRansomware%20Roundup%22%2C%22title%22%3A%22Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&pageViewId=24c97bc1-f558-4cd1-84e8-b1c336cdfda2&ipv6=2a0d%3A5600%3A24%3A1500%3A1011%3Ae5b3%3A3f85%3A8165&v=1.1.31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-17.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"63f02dad-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 08:22:07 GMT
accept-ranges
bytes
content-length
43
date
Thu, 02 Jan 2025 08:22:07 GMT
content-type
image/gif
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
img.gif
b.6sc.co/v1/beacon/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=null&visitor=6c2a5ace-37ee-47a7-8a08-11e721dce565&session=2e60489d-25b7-4432-835c-6a86ee711f27&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20Jan%202025%2008%3A22%3A08%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20Jan%202025%2008%3A22%3A07%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225017%22%7D&isIframe=false&m=%7B%22description%22%3A%22Interlock%20is%20a%20recent%20ransomware%20variant%20that%20has%20victimized%20organizations%20in%20the%20United%20States%20and%20Italy%2C%20but%20may%20have%20hit%20other%20countries.%20The%20ransomware%20affects%20not%20only%20Windows%2C%20but%20also%20the%20FreeBSD%20platform.%20Read%20more.%22%2C%22keywords%22%3A%22FortiGuard%20Labs%20Threat%20Research%2CRansomware%20Roundup%22%2C%22title%22%3A%22Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&pageViewId=24c97bc1-f558-4cd1-84e8-b1c336cdfda2&ipv6=2a0d%3A5600%3A24%3A1500%3A1011%3Ae5b3%3A3f85%3A8165&v=1.1.31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-17.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"60bb2e15-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 08:22:08 GMT
accept-ranges
bytes
content-length
43
date
Thu, 02 Jan 2025 08:22:08 GMT
content-type
image/gif
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
pagecount
api.schemaapp.com/ 		256 B
460 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.schemaapp.com/pagecount
Requested by
Host: www.fortinet.com
URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.6.76.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-76-58.compute-1.amazonaws.com
Software
/
Resource Hash
bc7e9e9f3c7b92a586123fa8307f60371779d091f14f3372f69be992c0683b2e

Request headers

x-account-id
Fortinet
Referer
https://www.fortinet.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
content-type
application/json
x-api-key
BiQcqdttWn7eunp8jvxM5oZl3DIx08J42LtTmaaj

Response headers

x-amzn-requestid
7eb1badc-fa47-4125-9f66-c59c4b224bf1
access-control-allow-origin
*
content-length
256
date
Thu, 02 Jan 2025 08:22:08 GMT
x-amz-apigw-id
DwDrnEkqoAMER2w=
content-type
application/json
x-amzn-trace-id
Root=1-67764cb0-4a3137e509d91bd452351955
pagecount
api.schemaapp.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.schemaapp.com/pagecount
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.6.76.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-76-58.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-account-id,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.fortinet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-account-id
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 02 Jan 2025 08:22:08 GMT
x-amz-apigw-id
DwDrmGIyoAMEEgQ=
x-amzn-requestid
b8d27ddd-79d1-42ee-bd80-9f80034a3081
x-amzn-trace-id
Root=1-67764cb0-5741c5344bed15c061fa160c
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5eeecf22b2d12a77a14639dce97b7a36&svisitor=null&visitor=6c2a5ace-37ee-47a7-8a08-11e721dce565&session=2e60489d-25b7-4432-835c-6a86ee711f27&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20Jan%202025%2008%3A22%3A09%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20Jan%202025%2008%3A22%3A08%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226018%22%7D&isIframe=false&m=%7B%22description%22%3A%22Interlock%20is%20a%20recent%20ransomware%20variant%20that%20has%20victimized%20organizations%20in%20the%20United%20States%20and%20Italy%2C%20but%20may%20have%20hit%20other%20countries.%20The%20ransomware%20affects%20not%20only%20Windows%2C%20but%20also%20the%20FreeBSD%20platform.%20Read%20more.%22%2C%22keywords%22%3A%22FortiGuard%20Labs%20Threat%20Research%2CRansomware%20Roundup%22%2C%22title%22%3A%22Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&pageViewId=24c97bc1-f558-4cd1-84e8-b1c336cdfda2&ipv6=2a0d%3A5600%3A24%3A1500%3A1011%3Ae5b3%3A3f85%3A8165&v=1.1.31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-17.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.fortinet.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"63f020a0-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 08:22:09 GMT
accept-ranges
bytes
content-length
43
date
Thu, 02 Jan 2025 08:22:09 GMT
content-type
image/gif
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/29931?id=72DA43C5F49A43AAA30B11F1478DBA9E
Domain
ad.doubleclick.net
URL
https://ad.doubleclick.net/activity;register_conversion=1;src=10050195;npa=0;auiddc=603154757.1735806123;ps=1;pcor=2083632089;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9185241837za200zb893708426;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock?
Domain
tracking.contanuity.com
URL
https://tracking.contanuity.com/usersync?bwcookie=AAN2JU7O7JkAABYVNwQl4w

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| NREUM object| webpackChunk:NRBA-1.266.0.PROD object| newrelic function| OptanonWrapper object| fortinet_blog object| EasyAutocomplete object| search_config boolean| blogFilter string| documentsQuery function| htmlEncode function| hideAutoComplete function| sitesearch_init function| sitesearch_search_callback function| sitesearch_countall_callback function| sitesearch_do_search function| sitesearch_do_force_search function| sitesearch_spellcheck_callback function| sitesearch_do_spellcheck function| sitesearch_do_suggest_search function| sitesearch_query_searchresult_callback function| sitesearch_do_query_searchresult function| sitesearch_click_page_callback function| sitesearch_click_page function| search_action function| sitesearch_search_fortiguard function| count_facets_type function| shuffle_facets function| setImmediate function| clearImmediate function| $ function| jQuery object| OtTrustedType string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| Optanon object| OneTrust function| e object| visitor object| adobe function| Visitor object| s_c_il number| s_c_in object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| _satellite boolean| __satelliteLoaded number| timer_e object| schema_highlighter object| uetq function| gtag function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| t object| td object| schema_highlighter_instance object| _6si function| obApi function| UET function| UET_init function| UET_push object| ueto_75f979c68d boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| webpackChunkconversion_pixel_tag object| obtp object| sifi_att_42656 object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| CE_API boolean| _storagePopulated object| GooglebQhCsO object| webpackChunkom_api_js object| _omapp function| OptinMonsterApp boolean| om_loaded object| om45602_39852 object| _omq function| omq object| techtargetic function| appendScriptTag string| currentWebsiteUrl string| link object| TAG_INFO string| wid_baseUrl object| wid_cmds object| cookieScriptWindow object| cookieScripts string| cookieScriptDomain boolean| cookieScriptShowBadge string| cookieScriptCurrentUrl string| pagePath string| ftntCampaign function| updateCampaignCookie function| ftntInjectCookieScript function| ftntCookieScriptCreateCookie function| ftntCookieScriptReadCookie function| twq string| _linkedin_data_partner_id string| _linkedin_partner_id string| _linkedin_partner_id_2 string| _linkedin_partner_id_3 object| _linkedin_data_partner_ids function| saq function| _saq object| targetGlobalSettings string| axel number| a function| fbq function| _fbq string| dcm_cid function| lintrk boolean| _already_called_lintrk string| WID_VISITOR_ID string| WID_EVENT_TYPES string| WID_PAGE_TITLE string| WID_PAGE_URL number| WID_INTERVAL number| WID_IDLE_INTERVAL function| addListenerMulti function| wid_initAgain function| wid_handleAnchorClick function| wid_bundleParams function| wid_handleApiRequest function| wid_fallBackApiRequest function| wid_handleButtonClick function| wid_findParentByTagName function| wid_getCurrentUnixTimestamp function| wid_getCookie function| wid_setCookie function| wid_deleteCookie function| wid_generateRandomGuid function| wid_zeroFill function| wid_str_pad function| wid_rand object| _sz object| Sixsct object| regeneratorRuntime object| twttr object| s_i_fortinetincproduction object| res object| saCookies string| current_window_url_param object| FingerprintJS object| ORIBILI object| xhr string| avail_ga_sorted object| irongate object| mntn

117 Cookies

Domain/Path Name / Value
www.fortinet.com/ Name: cookiesession1
Value: 678A3E59508CD33F4900212A5613B69C
www.fortinet.com/ Name: AWSALB
Value: tpwfMKiFizbaJgXdOuTV2uOd2h7u403+3c3oaQ2h/gpaH189llFwpYkr2A6EMxddzar0ojpNOQ9DDSo1giQo4h/6XbScrGEN5YB3Z42I9Rjs+u7GwPOoJUv9pfWZZdFEs3Uv/SLDJKU3p4cs8hsBY3UmfXFUdQ2o5jFQ4Hb7ayunA+e/S0Qmh1DemwxgkxRHxyVGOxEOt9mu0QX/MW7t4br7hsd0Njo3
www.fortinet.com/ Name: AWSALBCORS
Value: NBs7KE7Rzs0HlGMWKboBFIFsAMOzSj2dqjsEKJUrdFoPot6xKM2B13+iV97IOR2JiN7dee7y1PPxrHcAyH0EphqvrNJ4K2qAab5vVyOFD8QBbU0LMOl9ZW7vTq/JLrMaAI0rrmZjdQ0eM3mLCEZD/6sgb5uI4U/fjyT8NS6OGTprt79X/QbluQ88RUFHvY5Fp/HzBjabwaxO2PNCSe7pfcjIvPm+1ZLX
.fortinet.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Wed+Jan+01+2025+22%3A22%3A02+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202312.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=cad36130-09b3-4e9f-9c50-5e6c20924c5b&interactionCount=0&landingPath=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
.fortinet.com/ Name: at_check
Value: true
.demdex.net/ Name: demdex
Value: 19924528742698380773934052682728532721
.fortinet.com/ Name: AMCVS_ED8739F75677FE917F000101%40AdobeOrg
Value: 1
.fortinet.com/ Name: mbox
Value: session#de1f0da2077540fc818111e197721634#1735807983|PC#de1f0da2077540fc818111e197721634.34_0#1799050923
.fortinet.com/ Name: mboxEdgeCluster
Value: 34
.fortinet.com/ Name: _uetsid
Value: a50bb380c8e211ef957feb409c99d9e9
.fortinet.com/ Name: _uetvid
Value: a50bdce0c8e211efa9ba21867c5b4083
.simpli.fi/ Name: suid
Value: 72DA43C5F49A43AAA30B11F1478DBA9E
.bing.com/ Name: MUID
Value: 05593BBC816C6FBE29B82ED4800E6EE3
.bat.bing.com/ Name: MR
Value: 0
.simpli.fi/ Name: uid_syncd_secure
Value: true
www.fortinet.com/ Name: _gd_visitor
Value: 6c2a5ace-37ee-47a7-8a08-11e721dce565
www.fortinet.com/ Name: _gd_session
Value: 2e60489d-25b7-4432-835c-6a86ee711f27
www.fortinet.com/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1735806123021%7D
.fortinet.com/ Name: _ga_38BQ9XFDT4
Value: GS1.1.1735806123.1.0.1735806123.0.0.0
.fortinet.com/ Name: _ga
Value: GA1.1.1739739365.1735806123
.dpm.demdex.net/ Name: dpm
Value: 19924528742698380773934052682728532721
.fortinet.com/ Name: AMCV_ED8739F75677FE917F000101%40AdobeOrg
Value: 179643557%7CMCIDTS%7C20091%7CMCMID%7C19547725784456508053899750086620924793%7CMCAAMLH-1736410922%7C7%7CMCAAMB-1736410922%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1735813322s%7CNONE%7CMCSYNCSOP%7C411-20098%7CvVersion%7C5.5.0
.fortinet.com/ Name: _gcl_au
Value: 1.1.603154757.1735806123
.fortinet.com/ Name: cebs
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: L_H54yWE1ZjG3alvp3IPi-fFI2uZai2t93Kn6D4NH-U2CgpaaPiTmUuG--bJ16YSNJ9vMIQe1Kr2KyFF2Xk4XsDWJjyB__KtRgi688zw5Ao.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 7637009766823338499
.ads.stickyadstv.com/ Name: UID
Value: bde03bfcdb61dd494c85813cac6681ce
.ads.stickyadstv.com/ Name: uid-bp-26865
Value: 72DA43C5F49A43AAA30B11F1478DBA9E
.openx.net/ Name: i
Value: 9e3c9599-6a32-41c1-86b6-4ca1c3ef8b1b|1735806123
.3lift.com/ Name: tluidp
Value: 4110802463760447156428
.3lift.com/ Name: tluid
Value: 4110802463760447156428
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:72DA43C5F49A43AAA30B11F1478DBA9E&KRTB&23486-uid:72DA43C5F49A43AAA30B11F1478DBA9E&KRTB&23489-uid:72DA43C5F49A43AAA30B11F1478DBA9E
.pubmatic.com/ Name: PugT
Value: 1735806123
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.exelator.com/ Name: EE
Value: "618e8ea40a4d8a2e13c877c392f6ee90"
.agkn.com/ Name: ab
Value: 0001%3A56OqfKhnTTbYevzJ8rdSia9jk%2BYE0cm7
.intentiq.com/ Name: intentIQ
Value: q3LG07Lce7
.intentiq.com/ Name: IQver
Value: 1.9
.doubleclick.net/ Name: IDE
Value: AHWqTUkSJfg_1gAFXaIQF5dNr_itDEQf4zk7X44gtGjKhPjMf2t7Suf2vijBcRE22Z4
.tapad.com/ Name: TapAd_TS
Value: 1735806123231
.tapad.com/ Name: TapAd_DID
Value: e6e5e5e3-028b-4aef-9b59-a8816d1b0acc
.smaato.net/ Name: SCM
Value: a06bf76061
.smaato.net/ Name: SCMtapad
Value: a06bf76061
.smaato.net/ Name: SCM1001136
Value: a06bf76061
.rlcdn.com/ Name: rlas3
Value: yvu3hWyNnLS/R9ntl6KCnZtD+Rz5WJBJ6HHiQDGU8LM=
.rubiconproject.com/ Name: audit_p
Value: 1|ZH9a3OYVJiY/wLHJtc02wj14HTC7cmJJ3ryCbWzFD9FGXlzst0zOc6QqO7w/cixxrrTQ+mU6SYDdcuVnQi+ATaJ6VnTh3P21SOEcYOWBry3UoD/U0ByzF6XdRhhUVCAs9hASNvpsK9Fviu8sGaTs44ALYohfl4HHJvLNFANu2pA2/okQujXhJLKpUjWTmmg0
.rubiconproject.com/ Name: khaos
Value: M5F25CKW-D-3VTB
.rubiconproject.com/ Name: khaos_p
Value: M5F25CKW-D-3VTB
.rubiconproject.com/ Name: audit
Value: 1|ZH9a3OYVJiY/wLHJtc02wj14HTC7cmJJ3ryCbWzFD9FGXlzst0zOc6QqO7w/cixxrrTQ+mU6SYDdcuVnQi+ATaJ6VnTh3P21SOEcYOWBry3UoD/U0ByzF6XdRhhUVCAs9hASNvpsK9Fviu8sGaTs44ALYohfl4HHJvLNFANu2pA2/okQujXhJLKpUjWTmmg0
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.bfmio.com/ Name: __141_cid
Value: 72DA43C5F49A43AAA30B11F1478DBA9E
.bfmio.com/ Name: __io_cid
Value: 8a3d8a3b081cc22905f53d366a1d72718cca61d2
.lijit.com/ Name: ljt_reader
Value: J7v2AQZHPKqEDdymR9ePgXFZ
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2E>>j$+Vw!]tbPl1N!7On*M$=BXI+eV5[Zl!s=g(pK+J6_<vx+(l**V`D@m6(y3V%IXmIJ$XUp9RFMZ9T5_m!x!*c)h%hP
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHM0CLVIjXRxCDRJMUi0SjV0DjZwtw82djSKM0sNdXSYHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDYcEl%252BUWb6otDgxUUpaQyLSopPBZ8S5gMAphkpqA%253D%253D"
.intentiq.com/ Name: IQPData
Value: 95808133#1735806123272#0#1735806123272
.intentiq.com/ Name: CSDT
Value: UEQ6MTAwNDNfMCZVWWkxYjIz
.intentiq.com/ Name: intentIQCDate
Value: 1735806123274
.intentiq.com/ Name: ASDT
Value: 0
.rlcdn.com/ Name: pxrc
Value: CKuZ2bsGEgUI6AcQABIFCOhHEAA=
.pro-market.net/ Name: anHistory
Value: "-n70f9cmzsy4j+2+!#7')!#!!Ja"
.agkn.com/ Name: u
Value: C|0AAAAAAAALwkJKwAAAAAA
.yahoo.com/ Name: A3
Value: d=AQABBKtMdmcCEIvIoQs7fR-osoLNtPucWE8FEgEBAQGed2eAZ9xH0iMA_eMAAA&S=AQAAAnFiOjqfYP3ervjYdS4Qqwk
.lijit.com/ Name: _ljtrtb_2
Value: 72DA43C5F49A43AAA30B11F1478DBA9E
.adsrvr.org/ Name: TDID
Value: 544cab45-6d92-41cc-bdd8-9dc0b0aadec1
.pippio.com/ Name: did
Value: KtgoOL3JAHA_q8Bg
.pippio.com/ Name: didts
Value: 1735806123
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CKuZ2bsGEgYIgr0rEAA=
www.fortinet.com/ Name: _omappvp
Value: AMVx9vqZtsT7dxms1JayvJUNCEge81KKm6mi5BNMU67iOTjXLoI4r0IeWhpWUdV0BG8dCR9ScZDs7bx4wEbneiS4cuEDs6XT
www.fortinet.com/ Name: _omappvs
Value: 1735806123444
.fortinet.com/ Name: _ce.clock_data
Value: 153%2C5.181.234.134%2C1%2Ca11f5da7336cfe2e2fd950a3d968fdb0%2CChrome%2CUS
.fortinet.com/ Name: cebsp_
Value: 1
.fortinet.com/ Name: _ce.s
Value: v~b2be54191a93b75a240160736dcd381df6bfb853~lcw~1735806123480~vir~new~lva~1735806123193~vpv~0~v11.cs~424000~v11.s~a5650580-c8e2-11ef-8ea4-5570ab7459d9~lcw~1735806123481
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!56
.analytics.yahoo.com/ Name: IDSYNC
Value: "176k~2mq8:19ba~2mq8"
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-25a744f8-f721-5f4c-5833-b7c07c020435.n3VLlkvMT4bFhhGcwJJ84ljjIxj3Xj4EyRm%2FCR5gApo
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-25a744f8-f721-5f4c-5833-b7c07c020435.n3VLlkvMT4bFhhGcwJJ84ljjIxj3Xj4EyRm%2FCR5gApo
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AJadE-PchX0xYM7fAfAIENQW16oY.I0gVsW9vUsRw%2FlJy784VzsJ0%2BS%2BhBRQYobq984cW3Og
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AJadE-PchX0xYM7fAfAIENQW16oY.I0gVsW9vUsRw%2FlJy784VzsJ0%2BS%2BhBRQYobq984cW3Og
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEgH5wOz9NO5PStU46rmbXzsJbTOzAYU5i4bqwST5fnMENYBGAQgq5nZuwYwAToExbdv9kIE0LbzjA.VYXuQj5AZNlYkigVmZPVprzlw8KH4MIOYYabas%2BRkJc
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEgH5wOz9NO5PStU46rmbXzsJbTOzAYU5i4bqwST5fnMENYBGAQgq5nZuwYwAToExbdv9kIE0LbzjA.VYXuQj5AZNlYkigVmZPVprzlw8KH4MIOYYabas%2BRkJc
.techtarget.com/ Name: __cf_bm
Value: 76javG1Chxui97S0aYuxbkQHQuxkLB729sTQiu2mAvc-1735806123-1.0.1.1-zm6hI9UAZ2MzIuVhtmdwkwjFmLQk.KEvFkf2C.nvvSJLtOeuilI0noehLuZfkIs136hH.cgqE6hWGeNVBgRHgQ
www.fortinet.com/ Name: sa-user-id
Value: s%253A0-25a744f8-f721-5f4c-5833-b7c07c020435.n3VLlkvMT4bFhhGcwJJ84ljjIxj3Xj4EyRm%252FCR5gApo
www.fortinet.com/ Name: sa-user-id-v2
Value: s%253AJadE-PchX0xYM7fAfAIENQW16oY.I0gVsW9vUsRw%252FlJy784VzsJ0%252BS%252BhBRQYobq984cW3Og
www.fortinet.com/ Name: sa-user-id-v3
Value: s%253AAQAKIEgH5wOz9NO5PStU46rmbXzsJbTOzAYU5i4bqwST5fnMENYBGAQgq5nZuwYwAToExbdv9kIE0LbzjA.VYXuQj5AZNlYkigVmZPVprzlw8KH4MIOYYabas%252BRkJc
.pro-market.net/ Name: anProfile
Value: "-n70f9cmzsy4j+1+1f=1+1g=1+1j=57:1+rs=s+rt=2A0D5600002415001011E5B33F858165+s2=(spgckr)+vm=24-72DA43C5F49A43AAA30B11F1478DBA9E:81-y-50v70mVE2pRQofB8FpK1HnXZ1vAJitA25fA-%7EA"
.linkedin.com/ Name: li_sugr
Value: 9bdf403a-0664-403a-ab1c-dc800bd5b01b
.linkedin.com/ Name: bcookie
Value: "v=2&4468b852-a817-49d1-80f9-189af3a7673d"
.linkedin.com/ Name: lidc
Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3559:u=1:x=1:i=1735806123:t=1735892523:v=2:sig=AQHWp4fxIA1_Y42faDV9LQepOGh7q03h"
.www.fortinet.com/ Name: WID_VISITOR_ID
Value: 1735806124347331734
www.fortinet.com/ Name: aa_cc
Value: US
www.fortinet.com/ Name: aa_cn
Value: United%20States
www.fortinet.com/ Name: 6scexist
Value: true
.fortinet.com/ Name: gpv_pn
Value: www.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock
.fortinet.com/ Name: s_getNewRepeat
Value: 1735806123628-New
.fortinet.com/ Name: s_cc
Value: true
.fortinet.com/ Name: nmstat
Value: ea93e379-037a-5042-3237-599afe9a5422
.fortinet.com/ Name: _fbp
Value: fb.1.1735806123654.599545932972220204
.doubleclick.net/ Name: ar_debug
Value: 1
.linkedin.com/ Name: UserMatchHistory
Value: AQJNfmWQO5h-cwAAAZQmG368ihKitG1a1eMrNp-_20wiaY9Tl4gSCZgR6EkdMLY-6VFwQV1SRuKn3w
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJYrEdlI75SjQAAAZQmG368JqYI_5VC2ectFepBVAnCh_-AgW641x0l4vWY968kE7ywzLBToIHTg4SmATwVYQ
.t.co/ Name: muc_ads
Value: c11c3c66-7652-4c7b-8ebf-736536ff0f18
.t.co/ Name: __cf_bm
Value: xcj3jLDaSO7zqzb78w3A9sRAUqcK8dkLYuEttdup8uM-1735806123-1.0.1.1-4mLGbBkHyJ9YJPzQegcdzMDRvy9XsaFaImtP0JO4crUJhn_W3gwocr01oWwkrXYeU_PY9xWK.Xuxp8Usar5Dug
.twitter.com/ Name: personalization_id
Value: "v1_zYfBThugNERgAMkQkzobbQ=="
.www.linkedin.com/ Name: bscookie
Value: "v=1&20250102082203b409ffa7-b0c7-47be-8f49-b5a9bb211b80AQHV6XohlLeHoHRjWe3Q7dLLGR_VI1tx"
abm-tracking.demandscience.com/ Name: userId
Value: d6537317bffb3b903736e7239c156559_1735806123915
tracking.contanuity.com/ Name: userId
Value: d6537317bffb3b903736e7239c156559_1735806123915
tracking.contanuity.com/ Name: clientId
Value: undefined
.bidr.io/ Name: bito
Value: AAN2JU7O7JkAABYVNwQl4w
.bidr.io/ Name: bitoIsSecure
Value: ok
.mountain.com/ Name: guid
Value: a6d2c72d-c8e2-11ef-be12-d73037b54172
.px.mountain.com/ Name: tt
Value: "H4sIAAAAAAAAAKtW8guKNzYyNjaLNzK3NFayMtBRgnItjC2UrAzNjU0tDMwMjcxMTC11lMqUrIx0kLSA1RjUAgAuXueARgAAAA=="
.mountain.com/ Name: rt
Value: "MzIzMzY6MTczNTgwNjEyNg=="
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwi4mvSdksTVPRAFEhIKA2FhbRILCO7F7LuSxNU9EAUYASACKAIyCwjIxrzoqMTVPRAFOAFaCnN0ZWVsaG91c2VgAg..

7 Console Messages

Source Level URL
Text
rendering warning URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0601D009C340000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0301D009C340000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://stags.bluekai.com/site/29931?id=72DA43C5F49A43AAA30B11F1478DBA9E
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://api.omappapi.com/v2/embed/39852?d=fortinet.com
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://pixels.argusplatform.com/wh/track/?site_id=C6AC00C8269540D0ABFF19F1B5558B6D&visitor_id=1735806124347331734&event_type=page_request&timestamp=1735806124&page_title=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&page_url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&page_url_referer=
Message:
Failed to load resource: the server responded with a status of 401 ()
rendering warning URL: https://www.fortinet.com/blog/threat-research/ransomware-roundup-interlock
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A070D20A9C340000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://webtracker.argusplatform.com/wh/track/?site_id=C6AC00C8269540D0ABFF19F1B5558B6D&visitor_id=1735806124347331734&event_type=page_request&timestamp=1735806124&page_title=Ransomware%20Roundup%20-%20Interlock%20%7C%20FortiGuard%20Labs&page_url=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fransomware-roundup-interlock&page_url_referer=
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://www.fortinet.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10104846.fls.doubleclick.net
6033413.global.siteimproveanalytics.io
a.omappapi.com
a.opmnstr.com
aa.agkn.com
abm-tracking.demandscience.com
ad.doubleclick.net
ads.stickyadstv.com
amplify.outbrain.com
analytics.twitter.com
api.omappapi.com
api.schemaapp.com
assets.adobedtm.com
b.6sc.co
bam.nr-data.net
bat.bing.com
bcp.crwdcntrl.net
c.6sc.co
cdn.cookielaw.org
cdn.jsdelivr.net
cdn.schemaapp.com
ce.lijit.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.agkn.com
data.schemaapp.com
dpm.demdex.net
dx.mountain.com
eb2.3lift.com
epsilon.6sense.com
fei.pro-market.net
fortinet.demdex.net
fortinet.tt.omtrdc.net
geolocation.onetrust.com
googleads.g.doubleclick.net
gs.mountain.com
i.simpli.fi
ib.adnxs.com
ibc-flow.techtarget.com
idsync.rlcdn.com
image2.pubmatic.com
insight.adsrvr.org
intentstream.contanuity.com
ipv6.6sc.co
j.6sc.co
js-agent.newrelic.com
loadm.exelator.com
match.adsrvr.org
metrics.fortinet.com
pbid.pro-market.net
pippio.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.argusplatform.com
px.ads.linkedin.com
px.mountain.com
px.steelhousemedia.com
px4.ads.linkedin.com
s.ad.smaato.net
script.crazyegg.com
secure.adnxs.com
simplifi.partners.tremorhub.com
siteimproveanalytics.com
snap.licdn.com
stags.bluekai.com
static.ads-twitter.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
t.co
tag.simpli.fi
tags.inzynk.io
tags.srv.stackadapt.com
td.doubleclick.net
tmp.argusplatform.com
tr.outbrain.com
tracking.contanuity.com
tracking.crazyegg.com
trk.techtarget.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
wave.outbrain.com
webtracker.argusplatform.com
www.facebook.com
www.fortinet.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
ad.doubleclick.net
stags.bluekai.com
tracking.contanuity.com
104.244.42.195
107.178.254.65
13.107.42.14
146.75.80.157
162.159.140.229
162.247.243.29
172.217.222.156
173.194.207.148
2001:4998:60:807::1
2001:4998:60:807::2
209.85.201.148
209.85.232.154
216.200.232.253
23.212.251.17
23.62.165.92
2400:52e0:1a00::1207:2
2600:1408:c400:195::1e80
2600:1408:c400:5::17c7:3727
2600:1408:c400:d::17cd:6a49
2600:1901:0:8eee::
2600:1f18:1492:1701:a964:c08d:f5eb:b0c
2600:1f18:612b:4280:9e87:de84:5a7a:fd90
2600:9000:2191:6200:12:dfa9:e200:93a1
2600:9000:2305:5200:1b:5138:8a40:93a1
2600:9000:2479:b200:1b:6b7d:2300:93a1
2600:9000:27c2:7000:a:6e64:b280:93a1
2600:9000:27c2:9800:1f:d9e6:d540:93a1
2600:9000:27c5:be00:19:fc2c:a140:93a1
2602:816:5001::39
2606:4700:3030::ac43:a3ed
2606:4700:4400::ac40:9b77
2606:4700::6812:1347
2606:4700::6812:209
2606:4700::6812:562a
2606:4700::6813:9308
2607:f8b0:4004:c08::63
2607:f8b0:4004:c1f::9d
2607:f8b0:400d:c01::8b
2607:f8b0:400d:c03::9a
2607:f8b0:400d:c09::61
2620:1ec:21::14
2620:1ec:33:1::10
2620:1ec:bdf::40
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
2a04:4e42:400::485
3.167.112.115
3.19.220.126
3.212.39.155
3.219.92.71
3.224.175.245
3.232.142.145
3.82.182.220
34.111.113.62
34.111.208.231
34.150.170.96
34.216.201.179
35.244.154.8
35.244.159.8
35.245.15.98
35.71.139.29
44.210.165.62
44.226.187.177
50.19.69.177
52.0.156.250
52.10.121.135
52.12.117.226
52.223.40.198
52.32.164.86
52.32.231.34
52.5.74.153
52.6.76.58
52.7.151.245
54.203.236.163
63.140.38.91
63.140.39.35
63.251.28.210
68.67.181.211
69.173.151.100
69.194.240.13
70.42.32.159
8.28.7.83
99.83.231.3
02ba77fbd3f91a30e62fed244be29b9c0b317e82d227e95d62146d6efd7d7031
083e57bc4fc975a33178698afeca99b9252cc7d5494d504620c41cacf0d38c97
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f03d4ff929986a3cde83681fd2560eae544f7138f59945ec6ec32c17800ca91
11ed479adfd43d0a82a83570ce52ff6d9bee959fa3d3ba976153ea1bd436ee73
16fb72ffe51980a00e52edf9a001b7d560b2bdbd1a56e04366a70b674204c359
175ddc72d9185916d41bad941ca32a931e30248420ba2e37b24b34470dbd1ba3
1817562821d9834bf6ee21f3359a0dfe837fba42b69b02aead82799821883cb2
1885fa140df271c97bf904d43f5385b84aa7458ff60cc20dae89ca4e9df959d9
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ebf4765c39e042319d8cc3f4070ef97c89b6e18a3f28bcec0bb7e58a9042a8f
207cf18dd6b5c283f5c1f2ad622dbdf57b13426727b840de705a66405fc37ea4
21994b28ae9425b76c8a8dec4ad36df0a0f603c9a53db34dc74e59cf9a0639b7
21ffa63cdad7e4ace0d3f02b9dc9cb4881aa1838c9cf9e7723777060cb3aad02
2466cad59509908859124f92c1d9a358117a2e9231859ab82c854d986af17510
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
256d602c23fe14a0d4a16dee290057bd3c857ebb06bf59f6c465135c0a6bcf38
2a250e2f225e48cf583d54a0a42d623c700847de17323bf23ea372e5d9e89cb2
2bc6a125d698416498cdf5ef60cd959aef01db95a6e3e0d74a95f9b6d3d78feb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ed114345dab0a74e1c81b100e3db108ff86464854f3159d005fac67413454b7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3101bd6ed043b8f0a43d018c65a2371c6ef23f0b9eb6db3fae93f9bf2bd22acf
316dc0dd1bc490af87ed65b708d9db3ed050a99b787d8b53d52d5a044c35982f
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
370df1cc8999c1e03fc1c5f7ced35334513d19233d1fc79d2c1c7f711361565d
390ae5c2ed59ab8a2e4d3b49ab2d84422d07433ba53b548bce339fc844fd7e9c
3a1551d2f1ea530f7b11e3410a4000685eafb041cf34e9fbfff375bd1f893b0e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4397954d28816e7138d4f467de4c7d16eb5f2a0243ed06e7ea3b9c9424c7a6e4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
487d6df3d178ff5ddbfffb18459379f3e9453b005b55f5541dcac359a1f10a77
4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43
49b6ae29845094b31c235d9d3a9fe3663a845583291ea68c37d91341e0f31a54
4aa211504fc8a12718b3cf04fa8e903b35c10782d1d0157536d39ea09590333c
4b0a6a5f0ee45c837fcd1a12a51effd4d94cacc135ce756d51a5709d9ca6ec78
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6cebf9cc5e5728a34cee8db8ea092a04a3cad1524fa006ec778b389e68ac11
4daecf9b36d5b73e88b2bc1b591f04c02430d16fd4b413304cf4b4fb4e158438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e07b3eb8bc93035fc627ee6956931577828f28e1b0c72e2b41d5162afeea8f1
50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81
55d73bb932092f3d251f9adb3f3fbd34d19c0e0aff3dfed7f7c5784b15166e77
58eac33425084c3a81cdd8b29645b37d5c0a4b5b69947f77359ae54d914014f1
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
5b4c9abcf01dcf74e0adf075ff4d47464c62c84307ae5ebd115d45da70e6443d
5f2dcdfbbf1fd969347ff61e05292ef288acfa7ee5ddc9a26365a6ec290f0783
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61d1e0c234f322cf8deefe4cd7b6e53d82a2add960896fb5f83c888c77eaf224
65ddeaaa804b7e4d0a498ff9172dbc340cd3c9a12ac190090e2a1d018e545d98
66c08f23be2d3db3fd0c11954ec4fea3aef2e94c93078ce9c09cad2880092667
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6ab8cec21d24650e7daff4c1b478cd643158968caec50be8f44571eed95d130b
6b460980a36d06a51c1c049d260e38ba72b001cdb90b816f3ec79db874f3859e
6bf087f4d45f3e41ae521bb801a9bd6d7da99f9038483ac6e5fbb7f5936c6f2c
6c0d4e3bd890a4bf01c9a301d3e3ff127af22636c4f94250cc230815eb701593
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
70d52606c810c9e105ca8195688bb37d0af61603676f5ea7bd82d13b8d44c82e
7214f2426ac1e8a55ca88a637cad62cbd162d8601f61e04bb2537d96978960e7
727d19bf895438013bb188825e546dd6e61f80c2a4ea8e7b6e978b96bab546f4
7421b6125844ab02fb402c330987c89ff62046048f724e4e14a66cb20ca59412
749cb20f8dd0c7db6df84c56298bedf97323c71f0c891be605820a2071e846e7
7ac8b6ed773e6750e6f6507433211abe9598e3d059e78184e0fc0c48dd7fd51e
7b1e74dd6970b56853dfd79e59ba73315051b0c59a69c6a9fd87e515650fdc80
7db8d077fc21c20f1449a2603d524e423cfa25d7df6d5fd845a8e5e883aa227e
7efd44222bfdd05440452c5f8dbfdb57da88cf6afab6e7a3922640d7dee3e5e5
7fea0baaa04828601665ffcf851fa847b33b7d49378c20df51fd23d1f89c671e
804d2ba5b5b1dc948f7a41078c7c493bca3fabd3ccf66b40e9d2cfe1e47319ef
8087b5e7ba1613a35364e63a6458e840fc5ab7f30afd7d2e3026724d15b02a5a
83907c62882697715ee37010dfdbba0d612b17e9ce5291b87785b2ea6fd9bb2c
880631c2114729d56e5ea5eb3a35b85b47cecfbca7f63bf0d88ab9d68563ccc8
8816bf019bc7944bc83a7a8bb53b181b18c59f65070274ebe384b4e44c648910
8b4c855e309b10616a853822e4b11f2c6263ca07766b1e8dbd052e4bd008efaa
90eaf5dbf35b26c11fe6c57f5da9d9d9f57872aaea3abe1e10c4ddc604bd7ed7
91c20c70d36b608cf919e894b0ac9e32298d6b3ac3ca59c45a85e7c44161d170
930494fef37c0c702073ceeddd12da067bba2824f8eba39e1f9a3c5332bec6b6
96d6d86b8ccc57eb33440658f9fe0177bbdbc92bff2607af7b051dd55e5dcbef
98192c2b3bfd0e66cff07b8ba31ff42de9182144d3e21b9ca258f13da96ee457
9913af3d52a269c71873f72f239acd195edd2e1d4c729ca56ab810ff15947196
99dc3803d1f19c8103f79f834044b2afd4c8af5b7927efbd36b1052d528b40ae
9d31c8a9367636b711bf869cfb8ee766822b554e4775ae12ca36437e93948e70
9f17058a6ac8f171e452a0ed24075c6e592834eef8dc12e343ade35adc73c4cc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a6173179e8ee283fb547279d4dd4bc3cc64925236051c11f09b1395324a1298c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad42aafd9b82614660ba913875c636cd20b580b0a38e037a772040d3d35953ad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b413eff54afe21ebbacfe0855a4d134d7160bf6283fe60b13459dd723d6fc517
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b566a2b48dde2e3b59a7870fb0b183468f8574eebf909dc61511f3b08326d264
b697c4c8e7c22fa7e18ccef66c1bda6610f19ec8c7d1c60fb3696db54ea5362e
b934ce9883949e7bceb88fa78a354125eefc85715f7e54da8ff529c94ebab0fe
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
b9c0849d4741288a83848b2ba5748394e357d71be4a8a8b973540e1f484f4910
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8df3dcda36a5ed9c236d2d64ef80f2db160f7322b0108b1f1d1cd372c994c0
bc7e9e9f3c7b92a586123fa8307f60371779d091f14f3372f69be992c0683b2e
bf7373288351e862e2ae59ff88b276613e7a55c31235ff278045cabfae02d106
c0b4a76926bdb1cd2207319f82aa00def513ba7d0cbaf57ea4a21b64866f0869
c1f30adcc2af13335029f3896147ebb303ec21a75c1ac75a7b5bb4f095647d10
c22adc88145c38f62f89d36d723ab590e2b570156ac028922e5e4ba48b734bbb
c50e317d9e2532e75ca2a67b6f985164c39e9dfce18cb3cd83fe9dce224bab7c
c6bcc71f8a9f5497ccc35e3aa16e00110504488fef71fffea99853274f9d7c86
c7c40fd217db29491549f02e29a3cde9a2f248c79b6eceb468ec1e326a23c8ed
c8ab7a6c910bf3dd6027dd6a7cc5ee53aff303e494b02168a0ac30040682eb17
c8f3c27543f1d6e49d9d93ed7afb875cf4208c9d67e00949c61e39dd2817dcb8
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc0f5d9221ccfacb888ac774cf36b9e64b686e5148a79e7620ece8b1f7dbecea
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d18b3c9feb76c3c1cfdcc51c732f113327e3c33fb3f63b479951f7da6ed1216f
d274d5471e57edba11e6dca2df73ff967545a3f45eed029f8fc37a15025aca09
d2afd46ac58cd7e89b3fdfd790300d69034e94151ed45acf83d7b6d5dccfdb17
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
d6c9633a6d94a48dedc7e1d8e007c24b58eea421b8ecd17e7bf9bf365af84610
db058d72d7ba8ff6ed7209af23a4458c373cc78f72c81ec1df88bb5de72a0b0b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df090cf74fc9677a1c0cae85bbcfc53ede82c4376ff47ed9f99bb76618471854
df54c069da584ec929d42161c8fd19e74c7f408d70e6e7e0f8d27cc9c02a0ad9
e1132f3948b84a67d82e91f47f44d9d8dbbbe4b8c86bcbcf1c0774bb73ccfbc0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45ed0724a5542eadff09cd5c34bf407f60e160c97cb86a7e635495a7cfaf5ea
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
e9e8cc1be4e4dc657d0a17dfb2b1dfadc46c73360b7c33d4b0356923b14ac08b
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
eae36d96564f7969bc74e01c87295668b356326b4915f0e1c6069c7578deca48
ec3105df4954c7156294dc8d49cf77b91545a8495843abda66850a5cd82ac63f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef31fe45238b5ddc6d5a8285c6af094bfe2b67af3b8c9dec7b1bd8a39597bf1f
f14d85a30929be99fe5420590b3f17fc45be9d8bea0c70a681cd90c8e3b388f0
f1a9a37d87047aaacd18adb303378deca049de084696c0af3bb0725d30e93eab
f71b582cc6fac6e9e34fd669570bac2013e64779441c651b94d20fdabed8f120
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe1a16df6a437b7f4f8599599595fab4d321b32504b198c95486d6c78ee4c018