www.uptycs.com Open in urlscan Pro
2606:2c40::c73c:67e2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
Submission: On June 07 via api (June 7th 2023, 2:10:12 am UTC) from TR — Scanned from DE

Summary HTTP 333 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 40 IPs in 2 countries across 35 domains to perform 333 HTTP transactions. The main IP is 2606:2c40::c73c:67e2, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.uptycs.com.
TLS certificate: Issued by GTS CA 1P5 on May 26th 2023. Valid for: 3 months.

This is the only time www.uptycs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
242	2606:2c40::c7... 2606:2c40::c73c:67e2	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1 2	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	184.30.16.120 184.30.16.120	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:8b65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:e17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:e0f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:cec9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
9	2.17.100.184 2.17.100.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:20c... 2600:9000:20c3:4600:15:a0d3:77c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2600:9000:237... 2600:9000:237d:6200:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:63ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:6dc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:8ace	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:76be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:18c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20c... 2600:9000:20c3:3c00:18:15b9:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
6	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2600:1f18:e8a... 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6811:d4f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d6f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:ab0... 2a02:26f0:ab00::214:8e70	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:9000:223... 2600:9000:223e:2800:11:1faa:8080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
333	40

242 2606:2c40::c73c:67e2 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.uptycs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7caf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.16.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-120.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8b65 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:e17 (United States)

ASN13335 (CLOUDFLARENET, US)

my.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e0f (United States)

ASN13335 (CLOUDFLARENET, US)

2617658.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9a53 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:cec9 (United States)

ASN13335 (CLOUDFLARENET, US)

avatars.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.17.100.184 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-184.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:4600:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:6200:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:63ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:6dc7 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8ace (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:76be (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:3c00:18:15b9:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.segreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.segreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:d4f3 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6f3 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ab00::214:8e70 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223e:2800:11:1faa:8080:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
242	uptycs.com www.uptycs.com	47 MB
12	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 100 lh5.googleusercontent.com — Cisco Umbrella Rank: 236 lh6.googleusercontent.com — Cisco Umbrella Rank: 846 lh4.googleusercontent.com — Cisco Umbrella Rank: 883	2 MB
10	6sc.co j.6sc.co — Cisco Umbrella Rank: 6413 c.6sc.co — Cisco Umbrella Rank: 9558 ipv6.6sc.co — Cisco Umbrella Rank: 6651 b.6sc.co — Cisco Umbrella Rank: 4271	15 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	279 B
6	segreencolumn.com ob.segreencolumn.com — Cisco Umbrella Rank: 16614 obs.segreencolumn.com — Cisco Umbrella Rank: 12570	34 KB
6	hubspot.com 2 redirects app.hubspot.com — Cisco Umbrella Rank: 5637 track.hubspot.com — Cisco Umbrella Rank: 2452	3 KB
5	zoominfo.com ws-assets.zoominfo.com — Cisco Umbrella Rank: 32721 ws.zoominfo.com — Cisco Umbrella Rank: 5046	20 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 390 www.linkedin.com — Cisco Umbrella Rank: 567 px4.ads.linkedin.com — Cisco Umbrella Rank: 6569	5 KB
4	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4469 forms-na1.hsforms.com — Cisco Umbrella Rank: 7485	3 KB
4	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2369	17 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	308 KB
4	hubspotusercontent-na1.net 2617658.fs1.hubspotusercontent-na1.net	106 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	63 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 21878	3 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4924 forms.hscollectedforms.net — Cisco Umbrella Rank: 5117	26 KB
2	hellobar.com my.hellobar.com — Cisco Umbrella Rank: 20431	72 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	166 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1018	94 KB
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 5712	321 B
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3557	3 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2367	21 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5166	22 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1523	157 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1007	375 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 707	396 B
1	t.co t.co — Cisco Umbrella Rank: 505	378 B
1	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 10882	54 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1389	8 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 942	5 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 745	15 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 127	455 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1892	254 B
1	hubspot.net avatars.hubspot.net — Cisco Umbrella Rank: 30877	1 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6022	5 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 2185	426 B
333	35

	Domain	Requested by
242	www.uptycs.com	www.uptycs.com js.usemessages.com
7	b.6sc.co	www.uptycs.com
6	www.facebook.com	www.uptycs.com
5	obs.segreencolumn.com	ob.segreencolumn.com www.uptycs.com
4	ws.zoominfo.com	js.zi-scripts.com ws-assets.zoominfo.com
4	js.hs-banner.com	www.uptycs.com js.hs-banner.com
4	connect.facebook.net	www.uptycs.com connect.facebook.net
4	2617658.fs1.hubspotusercontent-na1.net	www.uptycs.com
4	lh6.googleusercontent.com	www.uptycs.com
4	lh3.googleusercontent.com	www.uptycs.com
4	cdnjs.cloudflare.com	www.uptycs.com
3	track.hubspot.com
3	js.zi-scripts.com	www.uptycs.com js.zi-scripts.com
3	forms.hsforms.com	www.uptycs.com js.hscollectedforms.net
3	px.ads.linkedin.com	3 redirects
3	app.hubspot.com	2 redirects www.uptycs.com
3	lh5.googleusercontent.com	www.uptycs.com
2	my.hellobar.com	www.uptycs.com my.hellobar.com
2	www.googletagmanager.com	www.uptycs.com
2	unpkg.com	1 redirects www.uptycs.com
1	ws-assets.zoominfo.com	js.zi-scripts.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	forms-na1.hsforms.com	www.uptycs.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	pro.ip-api.com	my.hellobar.com
1	ob.segreencolumn.com	www.googletagmanager.com
1	js.hsadspixel.net	www.uptycs.com
1	js.hs-analytics.net	www.uptycs.com
1	js.hscollectedforms.net	www.uptycs.com
1	js.usemessages.com	www.uptycs.com
1	alb.reddit.com	www.uptycs.com
1	px4.ads.linkedin.com	www.uptycs.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	analytics.twitter.com	www.uptycs.com
1	t.co	www.uptycs.com
1	www.clickcease.com	www.uptycs.com
1	www.redditstatic.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	j.6sc.co	www.uptycs.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	avatars.hubspot.net	www.uptycs.com
1	static.hsappstatic.net	www.uptycs.com
1	lh4.googleusercontent.com	www.uptycs.com
1	s7.addthis.com	www.uptycs.com
333	48

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
twitter.com
www.facebook.com
attack.mitre.org
www.youtube.com

Subject Issuer	Validity	Valid
www.uptycs.com GTS CA 1P5	`2023-05-26` - `2023-08-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
6sc.co R3	`2023-05-25` - `2023-08-23`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-12` - `2023-10-08`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-17` - `2023-06-15`	3 months	crt.sh
clickcease.com Amazon RSA 2048 M02	`2022-10-27` - `2023-11-25`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2023-10-15`	6 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.segreencolumn.com Amazon RSA 2048 M02	`2023-02-23` - `2023-09-15`	7 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-25` - `2023-12-26`	a year	crt.sh
js.zi-scripts.com Amazon RSA 2048 M02	`2022-10-17` - `2023-11-15`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
Frame ID: 31616FF34417E1312360B4D315027180
Requests: 333 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8A25185C8D07E6101729E0F0C4DE0ACD
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8F45A99EE3E27E16E01D0292ED430274
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7595D8597B30EE9BEB1AF7011EFB80CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cyclops Ransomware and Stealer Combo: Exploring a Dual Threat

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AddThis (Widgets) Expand

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/

Page Statistics

333
Requests

99 %
HTTPS

80 %
IPv6

35
Domains

48
Subdomains

40
IPs

2
Countries

51284 kB
Transfer

54736 kB
Size

24
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1057/
Title: scans and identifies processes

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1490/
Title: deletion of a specific shadow copy

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/uptycs/

Search URL Search Domain Scan URL

URL: https://twitter.com/uptycs?lang=en

Search URL Search Domain Scan URL

URL: https://www.facebook.com/uptycs/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@uptycs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
https://unpkg.com/@lottiefiles/lottie-player@1.7.1/dist/lottie-player.js

Request Chain 264

https://app.hubspot.com/settings/avatar/d41d8cd98f00b204e9800998ecf8427e HTTP 302
https://app.hubspot.com/userpreferences/v1/avatar/d41d8cd98f00b204e9800998ecf8427e HTTP 307
https://avatars.hubspot.net/default-80

Request Chain 283

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1686103802952&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1686103802952&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1252922%26time%3D1686103802952%26url%3Dhttps%253A%252F%252Fwww.uptycs.com%252Fblog%252Fcyclops-ransomware-stealer-combo%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1686103802952&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1686103802952&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&cookiesTest=true&liSync=true&e_ipv6=AQLZL7MpHVHTWgAAAYiTnk-AEinXgcEAorSPUpLA3QVEkWHPWcvfpcVikKRBwXGOAiS-YKaSBrOr

333 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request cyclops-ransomware-stealer-combo Show response
www.uptycs.com/blog/ 516 KB
55 KB 122ms
38ms Document
text/html 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2280f2193b242a7f44a1ea6c13e881d98d9873e326fcf4d55d248eb9768e9736

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=10800, max-age=0
cf-ray: 7d355b35babb2bfc-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 07 Jun 2023 02:10:01 GMT
edge-cache-tag: CT-118749292421,CG-2617658,CG-5593128451,P-2617658,CW-105369588578,CW-105720709649,CW-109011094577,E-105237096759,E-105237648739,E-105237674790,E-105237778736,E-105237810298,E-105237812090,E-105237812106,E-105237812592,E-109250214765,E-118532473678,PGS-ALL,SW-0,B-5593128451,GC-106292852859,GC-106293388626,GC-106405915759,GC-106405924729,TS-105237743018
etag: W/"a69b621ed9255b795827e7e645b36cee"
last-modified: Tue, 06 Jun 2023 23:49:27 GMT
link: </hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9EIXJHV5cEHCgGGJyEso%2BhtQqJB6C%2FdNw8uX5Pp81YrpF1KVC2vUtL65Hr%2FUWQ18yqUMru2B2koiL3mrqVKoRWd%2Fvr%2BTixiCpFTiDomloC086lbdMlQGADpr30u91rLOramTDZwU8IxoKU%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: HIT
x-hs-content-campaign-id: 0dda784b-30ea-4a42-bc02-c3472e373b7d
x-hs-content-id: 118749292421
x-hs-https-only: worker
x-hs-hub-id: 2617658
x-hs-prerendered: Tue, 06 Jun 2023 23:49:27 GMT

GET
H2 200 index.js Show response
www.uptycs.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/ 11 KB
5 KB 67ms
63ms Script
application/javascript 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 0247123ccdc6a2a86167d7f4de30885a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 4013083
x-amz-cf-pop: DUS51-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: inhS2tX2f2C4tITR3p2haS.uhsvA9eGz
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Apr 2023 15:17:56 GMT
server: cloudflare
etag: W/"0bbd63c0750f141fd5cec04a9393647e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RktZdIl2NSvLFbtFMcUvPZd9AoxUbBntO3jjdO3bbX5INyG%2BXPdklJjvPfR8Dtn2EqfLJBcvzhUMWL47YsjMd2oRQqPNwNc6eID3fzlzAixrD5FJVPKKVEqqygvLlxilJoXdZEd3peTiCFI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d355b360b052bfc-FRA
x-amz-cf-id: Zotbd_24scNt-rkGCwI2RXFGp_hl6_1rznpBb9RSzfoFf8CBhVH0hw==
expires: Thu, 06 Jun 2024 02:10:01 GMT

GET
H2 200 project.js Show response
www.uptycs.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 68ms
64ms Script
application/javascript 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 14321821
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NOQiWsF9NUjiUIDi4bNPhgsh94gS4EoHHnR8TKp4OsSC2X%2FeYfajD23XaFsX4uvLO3%2FnG9KnsOCN4q5rRA%2FML%2BgwKJWz1RgOK3hWZ4hs57Nb50CDn8kWy8Hii%2BDBy5Ezf9mMe0L8Nml92K3I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d355b360b062bfc-FRA
x-amz-cf-id: Gmu7KTY7blsKlzXVPdZyQR56plVX7Nf5OIQ45w-4iL04m-eAhg17RA==
expires: Thu, 06 Jun 2024 02:10:01 GMT

GET
H2 200 v2.js Show response
www.uptycs.com/_hcms/forms/ 526 KB
172 KB 74ms
71ms Script
application/javascript 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae49970411fe1d34b61ff63481dae8dc1d6be4e7797a01c5ee6531ec95fb9aca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 462
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3300/bundles/project-v2.js&cfRay=7d354ff1bb3a2ba2-FRA
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-evy-trace-listener: listener_https
etag: W/"c09c46dff7b486f6c0aa62e0e52b90d4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3300/bundles/project-v2.js
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 1f1067e4f193aaabd2c24b99bcdc4e88.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: tKgXByzCM65Sg4v4s0wQtREn_83DFf4I
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 3849b08a-cc17-47df-a167-9a00f32d4f2a
last-modified: Tue, 06 Jun 2023 10:33:59 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sapsoaoV0dHi3CT5aWImlxIbe3DThNJZko6VfxLXj1PFKQLeWBzL9235OnUnhbokqHxI%2F795KffgQnf43T0RCcCX%2BP%2BI%2BBsJTrG8rFZIOSelkFYwHjV7OSDh4xj6NeS2m9YUgQx5Gd8rTvM6"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-ksc82
cf-ray: 7d355b360b082bfc-FRA
x-amz-cf-id: sLqyXptEzZxRu1-krqefSOyoKF45j10cSGhVHifjuWOc70cQK0-q-Q==

GET
H2

200

lottie-player.js Show response
unpkg.com/@lottiefiles/lottie-player@1.7.1/dist/
Redirect Chain

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
https://unpkg.com/@lottiefiles/lottie-player@1.7.1/dist/lottie-player.js

359 KB
93 KB

32ms
31ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@lottiefiles/lottie-player@1.7.1/dist/lottie-player.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24f64aff27b1368441f0ef15311dc5e2dde4f3b6406d1b9a73cd60525f812bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10682254
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GRBEFQCXCG03SK8GXGG2XRY7-fra
server: cloudflare
etag: W/"59a07-9+ZSgdYoXPYwDfF2oh5cz4L42Ds"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d355b3648991e59-FRA

Redirect headers

date: Wed, 07 Jun 2023 02:10:01 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01H29SRT6ENZ75S53A6B6JARD2-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 120
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@lottiefiles/lottie-player@1.7.1/dist/lottie-player.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7d355b3628821e59-FRA

GET
H2 200 lottie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lottie-web/5.7.14/ 262 KB
56 KB 33ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lottie-web/5.7.14/lottie.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91fcd16ee338ec3a811b01a394e49fadedb6414173b4e70c1def946e36ed1b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3388004
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56224
last-modified: Tue, 12 Oct 2021 07:34:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61653a70-dba0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agik4OW4ig9LA5NttTG6sbJjMdVikhDlLjlrTEtOWWh1A5p99uWIEX6T1qaRUDsT5dOZt0LnlM6V8S3o6CGy%2BS2hkWUo8%2BIvEVsKr0qWPBCD5wLkrOstnJMMdOmQelmxp1VL39aR4VhNYTmJ6TzPz2Je"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d355b3628791c03-FRA
expires: Mon, 27 May 2024 02:10:01 GMT

GET
H2 200 jquery-1.11.2.js Show response
www.uptycs.com/hs/hsstatic/jquery-libs/static-1.4/jquery/ 94 KB
35 KB 73ms
71ms Script
application/javascript 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 355e7d579c41c1dcc2113e41403be662.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 14321735
x-amz-cf-pop: FRA56-C2
x-amz-version-id: null
content-encoding: br
x-cache: Hit from cloudfront
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"5790ead7ad3ba27397aedfa3d263b867"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wiiw2v8BupT0nst6Z6X0J%2B%2Fsvxl5uqM2eWnT6Rz%2Bpr495izy5BEESrXlZ6AZ%2F6Jst%2B7coqo1yio5nvQMZLUxOW65dLhvswvXGvuQA%2BZL%2FCbj%2FndBkwgdboa3TXGHJkGLePhDBA3aAyouXn6x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d355b360b122bfc-FRA
x-amz-cf-id: LvZnxcwIil5wSpzV5ACiVc3tyqM9yUHGxb-CLe_P1VvYkEAXHbqDZg==
expires: Thu, 06 Jun 2024 02:10:01 GMT

GET
H2 200 jquery-migrate-1.2.1.js Show response
www.uptycs.com/hs/hsstatic/jquery-libs/static-1.4/jquery-migrate/ 7 KB
3 KB 76ms
74ms Script
application/javascript 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs/hsstatic/jquery-libs/static-1.4/jquery-migrate/jquery-migrate-1.2.1.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 14321735
x-amz-cf-pop: FRA56-C2
x-amz-version-id: null
content-encoding: br
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"eb05d8d73b5b13d8d84308a4751ece96"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHDikn2kDWhbsY3dy7h9OuXc89%2FmfbJ5IxIwfYYDP5nKeWHkLCREtJFUtcrpUKVffoXLEMkivwOyxjafvct%2F6HBP3tDgJUrO5JFN2vRNUMYnfQBU%2BbmMhi%2B%2BTOCVGgwF5BGI4fE09FeL1ROp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d355b360b182bfc-FRA
x-amz-cf-id: o_uAQDFuwKxlzdHCDm-2SJyWzcGOGfc4NjbaSFnGh-ugqGqfY_cg9g==
expires: Thu, 06 Jun 2024 02:10:01 GMT

GET
H2 200 main.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237096759/1685718446584/Uptycs_Theme_2023/css/ 183 KB
35 KB 178ms
176ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237096759/1685718446584/Uptycs_Theme_2023/css/main.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

347b188f7e8cbacd6a78c08bdcd479ee8878e183db0f2686f8271d7bd848771e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 1F5F3615KDB1T6NQ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"a1aa3b744a795ef31b3e6f3663bd9b4b"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1685718446584
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 6400936fc4525d1c60e3e8fee9d4806e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 1QfkinXuY8Ai2Hz0TYNS9WguTkfOMhBD
x-amz-cf-pop: IAD12-P2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 150
alt-svc: h3=":443"; ma=86400
x-amz-id-2: B7k7DkW8AN1S7i+i1WPbmml/qRyz1wGrhE9p5+pysqSjzbmSBANJZM32SdqeLXD2502KFPW2XrM=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 486b970d-5b5c-4af3-aad8-e9447f8eb221
last-modified: Fri, 02 Jun 2023 15:07:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=li2DYTuefCG0wofKAdpCztVhQC7%2FJF0H6wCOYQ19i0jcVOQ6FPjgq8gRRXziZQO9aWi8Sz8nBiNOz68cUmMozVzuP4uxfUVFLjCNAnCv0EkqNrtdBJFyfBJR0iRVl%2BRQs3i45tA5XFhkOzkN"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-9xkdz
access-control-allow-credentials: false
cf-ray: 7d355b360b0a2bfc-FRA
x-amz-cf-id: DA3QJgG56unY0mhVAJY1rYS61w0navrYz7jtq3HCRzEmyC_6kW5k-A==

GET
H2 200 blog.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237812106/1685982493663/Uptycs_Theme_2023/css/templates/ 31 KB
8 KB 430ms
428ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237812106/1685982493663/Uptycs_Theme_2023/css/templates/blog.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

72247706e45f83f7e255885a76aee237f5a77ade4c31fddb48a4564c39079974

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: H0E8HGGDAWVSWYCM
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"efc90b9414a51038eded37ea262b231d"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1685982494468
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 69d1fa5e076e71f2d4b957dec774cb8a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: yv0km_UGZEyQIaVhyGsCg.c4zIXco5GL
x-amz-cf-pop: IAD55-P1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 117
alt-svc: h3=":443"; ma=86400
x-amz-id-2: HqN2EQpYj0uBW8UUG85ZaYs10CBi2JF8asFlOAKb92hS7gma77lX4i2tfVzH/E0b/wecq/tiHOg=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 784c53c8-0229-4139-93e7-bb0f378bfe34
last-modified: Mon, 05 Jun 2023 16:28:15 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ExOu7OBAiEG3%2BqJM6uPt160pwPSucux1I0QT2sm35K8vWXMVuKtdSqV3vJfPHutmpyFuhXVO4cPRiOZPf%2BTPG7WvlqdbmuQR0i%2BIHM72fc51ACGZcoQZFnXtGDGd%2FZSq3sImb37cSRwZqWfw"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-mxtb7
access-control-allow-credentials: false
cf-ray: 7d355b360b0b2bfc-FRA
x-amz-cf-id: hQU7Z6ye8B5X-n3-Rn9jZMYl8gehPi6Ar1pIlVPN61NibwXqytcUTw==

GET
H2 200 theme-overrides.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1682460993713/Uptycs_Theme_2023/css/ 26 KB
6 KB 436ms
434ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1682460993713/Uptycs_Theme_2023/css/theme-overrides.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e323a3bf913040ce64061d772773acb0bb08c19c7e69c056b6fcfbdf12f525f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: Y0JENW9822E5TR1R
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"174b8eb2ba65ddfd3002bb51f0ffe065"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1682460995425
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 263d97c176fc51d1d08116820c013de4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: AiF4wyLkU5NKj4pmHh3kueEph9ecESFg
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 156
alt-svc: h3=":443"; ma=86400
x-amz-id-2: YLd8X0pfgg1xeA60/HPSKtXd/SwaBi5y4PiEoZ2EUQ7KH0wnyezjWq0W50OncfAE6u7sj0s01h4=
x-evy-trace-route-configuration: listener_https/all
x-request-id: bf0b0b9a-783f-44d3-ac4e-9449d4f63df7
last-modified: Tue, 25 Apr 2023 22:16:36 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOHHhrIrxstz6Fxjtk2FmKD13XRRxTlO%2Fx30syf3lKdgqnR%2B9mpr%2FlNUMVPu1UNRoxo296G%2F%2BUx%2FUbfhERw90ZskHNMJ4Iw5o5SaWFj%2FSFqMsEjxFwhKrxvR8zBFcz5dt3VM9vIOXhaCHN7X"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-55b7d448b-rwfnd
access-control-allow-credentials: false
cf-ray: 7d355b360b0d2bfc-FRA
x-amz-cf-id: mX-jpBbHyAFbMf7M_7pjKmeyieLVnp3JtOXyJvxsx3NH98ZKgtamkg==

GET
H2 200 uptycs-custome-style.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/118532473678/1685718406549/Uptycs_Theme_2023/css/ 7 KB
3 KB 154ms
153ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/118532473678/1685718406549/Uptycs_Theme_2023/css/uptycs-custome-style.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

92b6882a6f1f89eaea5cd62363f34180267d117487929efc8e050c20cacc5174

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: SSQ7SA72NBXMRGH8
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"4d34062fc6bdbe0bd26f0e05ac925dde"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1685718407267
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 3542174e2d71e2c3dffc0069aa7cbb34.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: I2u5wpqEqHlnWhjKeXnhMCYg2FYZxTsy
x-amz-cf-pop: IAD12-P2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 101
alt-svc: h3=":443"; ma=86400
x-amz-id-2: c8UKYQO4kkDidQNprI8LzR6+UbfL9/4seZgYTy5eu5fHwu/EX4/R/914L/GHPASqnW4wPnfjOSAFEDobLKhjRA==
x-evy-trace-route-configuration: listener_https/all
x-request-id: 0d9a7df7-12cd-4460-b1c8-606e65d11d8c
last-modified: Fri, 02 Jun 2023 15:06:48 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsj55ms4chHvC7KMnMF7CnL60Qze7MFXqCDcvRC4gbhtJl%2FIZbklJ04m093LI%2FlnvkaxN5asL4fQ5NLaLBj3xzuYIAVHOFTXGXsP50qhy0cNhTJqPjqb5nSBdntRoxzFquWUqYpL%2Buuze4oR"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-mxtb7
access-control-allow-credentials: false
cf-ray: 7d355b360b0f2bfc-FRA
x-amz-cf-id: LPD690wdGMT9ffC4WcHdEqkQu1hXZbC3uksREuIB1eq-ma8u1l-XPQ==

GET
H2 200 module_105369588578_EXT_-_Header_Module_-_2023.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/105369588578/1682272643585/ 94 B
749 B 155ms
153ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/105369588578/1682272643585/module_105369588578_EXT_-_Header_Module_-_2023.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3799757070241db252436a90cbf25cac68f7e10e7c51580326b01d1a62dc1424

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: P1KT840XZJECXNTM
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"1e74c22cf5629d8ab7f0b04c54fe6106"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1682272643585
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: kFSkTEy6UrPCBE9dkmQ6PCfwpnx7LecI
x-amz-cf-pop: IAD12-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 146
alt-svc: h3=":443"; ma=86400
x-amz-id-2: a9EHwMXe07Dzpy8Mio8zQwHy0r/Cqy8uTJkG3hxWXhX4cr2eDVg0g1E8rqTL1GGBKb2qFo+SfaM=
x-evy-trace-route-configuration: listener_https/all
x-request-id: c09c8e5a-1d9a-48d5-b13d-d04f67fa0591
last-modified: Sun, 23 Apr 2023 17:57:24 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqO7p3RqBUN9IfMSGo8a2cDJCL5jk9GbTxTpjBpQQqzjSvAJhnoDk%2BptJjsgq1zofFwqLOe%2BIFFMgscM0CwfKv3Q1avm8LGHk%2B2NNYPQwYrlhsjQ5WlxY%2B4Sr374G9cNAk38092yp59XarXm"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-55b7d448b-hlzsf
access-control-allow-credentials: false
cf-ray: 7d355b360b102bfc-FRA
x-amz-cf-id: oma6bzq-7_dyigNtAyhX4M4oR_AwH-ljKbhlFAmkREUxgf7qw5ZCbw==

GET
H2 200 module_105720709649_EXT_-_Footer_Module_-_2023.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/105720709649/1683746526617/ 151 B
1 KB 172ms
170ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/105720709649/1683746526617/module_105720709649_EXT_-_Footer_Module_-_2023.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

afd60f081e93bfdd3ae88f14119219e17d1ce9f48ffdb1bab92fb19fb8993f26

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: C0YP5RFH4VMPDQ8K
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"68e1ed56e2a7062e0fd9ee995d0e37fc"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1683746526617
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 6e44ac4753bea102fe3aae286f68acfe.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: fYwKzhvDjPo6TNeYS2U6aZilNPS4JPXy
x-amz-cf-pop: IAD55-P1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 119
alt-svc: h3=":443"; ma=86400
x-amz-id-2: H1dOTg4j18cMSPXt1/8ckZ1nJ1rqMQDWHRLRFIU47V1NOR0RHFdregGASYhy/wVNsz+uhskMQqA=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 0977b11f-fac5-4ddd-ad38-48a2db8af42b
last-modified: Wed, 10 May 2023 19:22:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSwdj5LGMiLbbHwrCi3w6KK21yXEE4LX65rrZ4ePwm977hkzi6xaCcYLYMAb37iYOOixMyqh0f6QxSdvTkWjdrtWu2V0UYkYLGisiQGtcN%2Be07vy6lk3Copu8lVsk3Yrh8g%2BBX6tRxWlSx0R"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-55b7d448b-7hqzq
access-control-allow-credentials: false
cf-ray: 7d355b360b112bfc-FRA
x-amz-cf-id: g1VZyeufbEf3APw_SUJUcpR32h0b5IG-BXQXNEV7GJkMM-CIRpxKQA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
86 KB 120ms
30ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FM1R8N7KP8

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c582a3753604cf8ce65c1e86c1c85ab7b2c24c7e53b88b72464d77c0a70816a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88046
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Jun 2023 02:10:01 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
426 B 39ms
11ms Script
text/javascript 184.30.16.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-16-120.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Jun 2023 02:10:01 GMT
server: Oracle API Gateway
opc-request-id: /D8671846FBD69F7C54BBD2EC8D2D63C0/AF434AAF3798523061A37CE8E52CCD56
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
server-timing: ak_p; desc="1686103801298_34694271_151386741_23_3787_5_14_219";dur=1
content-length: 76
x-xss-protection: 1; mode=block

GET
H3 200 Logo.png
www.uptycs.com/hs-fs/hubfs/ 2 KB
2 KB 118ms
89ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Logo.png?width=272&height=80&name=Logo.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

531b8e2e19fc6ca9b09f0a73587963b0dbe3b79ea056fb10d0875b91653bbb40

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-106883654926,P-2617658,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 1708
cf-resized: internal=ok/m q=0 n=853+0 c=0+2 v=2023.5.0 l=1708
last-modified: Fri, 17 Mar 2023 09:13:22 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfvRZ75P8xraLZIXLezWsgepK00xAWZ76OhjZiyMwwDQ:d278421bd7fefc0c8282dbf672ba6506"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymugejLHwz54OzzAGcHM%2FcN%2BB6CUNplt932i09IMCfBj4txPsIDY6dUOa4RrYozJCzXPhupbcOMQ7FNF%2ByLqpzD7%2BqGPmk9JzGIqnNo%2FiwsDWQpOdXCDJLp%2BhCCqz5RHbLkJAmSGxEYeBcEs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7d355b390e263a68-FRA

GET
H3 200 Cyclops%20admin%20post.png
www.uptycs.com/hubfs/ 49 KB
50 KB 164ms
135ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Cyclops%20admin%20post.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

400e67a02f131bcbbe9f3f1a712c671f8e17befc26eb34d4cbe929e149956c32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-118750415106,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: NJK8ACYK5H5ZKCY3
x-amz-server-side-encryption: AES256
edge-cache-tag: F-118750415106,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Cyclops%20admin%20post.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "f1eb3383a8542029086ce27b5601e431"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1685897706643
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: yPzRkxr6wj27op6UVYdQa.m6tR9fvF1G
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=69155
x-cache: RefreshHit from cloudfront
cache-tag: F-118750415106,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 50344
x-amz-id-2: mdejKjctHBNdbhlYqiMnJFAE0Sps/L6EGgo5DjJ4GFsbjSorpSjwfkiMM9MPN31OtcJvzVUHW+c=
last-modified: Sun, 04 Jun 2023 16:55:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5BFMQpcRfMWLnhd1oFi52FelamhR%2B41GIvNpqTWnVmz8GyU88oGjsM%2BsVc5Yt99kY0KuRpXGZlfr2ASV6yx944KiCU2vC2%2BLKGJrjMakZdQtd5jlEvhj1AV5TwE85yXPzP3LB2pHeOC0gCi"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b390e283a68-FRA
x-amz-cf-id: c7tX2XPrWsBerbGlq7dWf3hUqblkuVKrYhBJunV0o3LzG0W_b3njlQ==

GET
H3 200 CyberSecurity%20StandUp%20-%20CDR%20Explained%20-%20Watch%20Now.jpg
www.uptycs.com/hubfs/ 61 KB
62 KB 389ms
360ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/CyberSecurity%20StandUp%20-%20CDR%20Explained%20-%20Watch%20Now.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

907da40b1eef8c8c7e8540f1ed745d3f7d1747f2280195f31515908cd300f84c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-108919904285,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: NJK07E899ECMVVWP
x-amz-server-side-encryption: AES256
edge-cache-tag: F-108919904285,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="CyberSecurity%20StandUp%20-%20CDR%20Explained%20-%20Watch%20Now.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "82781107d184761792f550c65b6d2900"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680200411463
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: QwkRPCm4qySnWy87HpxazjMJmmUbbbxZ
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=112238
x-cache: RefreshHit from cloudfront
cache-tag: F-108919904285,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 62044
x-amz-id-2: 9POeAHZYd2TIL2xVho6xYEs3Evr55eGptRkeL72Ek9kFODK57NFehR2FTtBFsKWFzm7c3HhW1Qo=
last-modified: Thu, 30 Mar 2023 18:20:12 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7FeIBx%2FlPbTWIrB8v2V1HeFJnBzCaxLIZpwhH6NIzxsDpOlsBityX75sZaBl6psuR0acVbqqqXdtlM4oxWVmCvIkbGdEfS0WV2VOZnRrFNIC3UjBTJz3psdn0QhfwCqaK2mZHY8%2FuA6CcK%2Bb"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b390e293a68-FRA
x-amz-cf-id: CkAT_GGVFf-IOgz-_2b7dSOAPTK3EnxuhzIvbGBfJlKkeHHbDzYGKg==

GET
H3 200 national-harbor-and-capital-wheel-at-night_credit-national-harbor.jpg
www.uptycs.com/hubfs/ 53 KB
54 KB 327ms
298ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/national-harbor-and-capital-wheel-at-night_credit-national-harbor.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6358132966e1b981be9b45cfe3e6b29d36863d44755937fdcb701ebfdcebba0b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-118530965253,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: 1S7KKAGSDEHBFHB5
x-amz-server-side-encryption: AES256
edge-cache-tag: F-118530965253,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="national-harbor-and-capital-wheel-at-night_credit-national-harbor.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "5bd14368e0ece48b1e25363834ffe02f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1685718803836
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: In.tRaujcT2GQVah7rykNyesIT285v7W
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=103779
x-cache: RefreshHit from cloudfront
cache-tag: F-118530965253,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 53872
x-amz-id-2: AFxjO0oI8RfNw7JuPaXMISO+q9QvgvuI0HqVnsd6EUUsu2nAevmiMY1AKlKlVfBVXf2i5l8UZsE=
last-modified: Fri, 02 Jun 2023 15:13:24 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rA7vajNwnrdxlijzahLCNNiahZGQnrxTcQo6vTLu0pixHaU1GvUibFA%2FgPEOVx8wAIQmHepqZf5wBh8dKDclGbncYSPeGGB4v0YUuYyED%2B%2Fgbfnq%2Bb5Ypx5BB4C6pS1ETCU2Qe%2FrN01iC8n4"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e2f3a68-FRA
x-amz-cf-id: vlVfm3og2_G3PUDD-L4OjgXYf9Q2i1VQ7oSvRbWS4ypsWpZ4uCcapA==

GET
H3 200 uptycs-platform-final.png
www.uptycs.com/hubfs/ 99 KB
100 KB 165ms
137ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/uptycs-platform-final.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd6bc293197999e9a505f41aaf63637517977b0d3a9e5deecad9ca960a8add2e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-47893989192,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: VZAPHQ5RWE377HHK
x-amz-server-side-encryption: AES256
edge-cache-tag: F-47893989192,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="uptycs-platform-final.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "7022575bfd935dc8eb145a0253822074"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1621964890070
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: VV1aEsl4qrHv1E8tSx_3oQ4I3qdPKJXy
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=139883
x-cache: RefreshHit from cloudfront
cache-tag: F-47893989192,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 101324
x-amz-id-2: Btd+yEQt0g85Xoa+DpZ5Xi901aZ99Zo4JaINDhslEMfv9djqwY9Nh+z7WAGKyX8zp0p4GOG4+6c=
last-modified: Tue, 25 May 2021 17:48:11 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uy%2BOW%2Bcu%2FN6kciRAcS%2BGYN%2FMgIs5cRl4r1X89MTjei58PzXa03N1O1ou3jBmNOeHgh5qSE8LVhYoACYFbw71ENZgVS595nZV4PxTAbCQIgZtRToEct%2B0XrEKjQNb7DO04%2B7GwxEjTl1CyrOa"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e303a68-FRA
x-amz-cf-id: 6P4xUHFVxpNaQkhaNN28pGP3V9-DANHrSsI2xcqCYU1LiCUoArBxjQ==

GET
H3 200 Blog%20.png
www.uptycs.com/hubfs/ 552 KB
553 KB 169ms
141ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Blog%20.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

513a0196d2e74dc807ffdbd0d5383975e2614946d96ac0699bdf98540f380d23

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-116082428761,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: VZAKNNHBD27HH133
x-amz-server-side-encryption: AES256
edge-cache-tag: F-116082428761,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Blog%20.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "43c7a7ee6ba17492a1261b3b8464331f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1684421704609
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: d75M3NmK93SpA.7kyjnQRdK0bsVCApST
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=879966
x-cache: RefreshHit from cloudfront
cache-tag: F-116082428761,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 565028
x-amz-id-2: DuH7y6MMLYr3wPBgjnTmWVtHKR/mxjcC0oHuAIE2BPxovygTtvJI1l/C5TtE4EfZul1Sk65Pqz+qb887iFqaAQ==
last-modified: Thu, 18 May 2023 14:55:05 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BUyU3n80j813331VA8zz%2BLWE7OeWMAJbuKJcN8y6O7%2FzV3v9YTk312q41cr7zqt%2BsWdtQ6xPM6eNKN6bpU4GpTvcRFmMls6X0FM4YgxVR3eMBzrUeDtJCnOwqXyTJU55eYlgIqU%2B25SUdNb"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e313a68-FRA
x-amz-cf-id: 6ke3LTINQOqWbecoSYo9ZM6uJhbk5f1T8tFLcievJFfGjXhLQaDcRQ==

GET
H3 200 One%20hand%20preventing%20punch%20attack%20of%20another%20hand.jpeg
www.uptycs.com/hubfs/ 60 KB
62 KB 116ms
88ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/One%20hand%20preventing%20punch%20attack%20of%20another%20hand.jpeg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e0f35a884a699c2538d2511ec2b8f301d203047e7564e9f7cd9cbce73b5e982

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-115169596248,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: CM7DCRBVJS70T3RH
x-amz-server-side-encryption: AES256
edge-cache-tag: F-115169596248,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="One%20hand%20preventing%20punch%20attack%20of%20another%20hand.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "893b5673dbb737b257f2d6a1cf35e5a3"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1683816915744
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: JVHlpOIMF5KL.LEwcUG38BPRmmm2saPl
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=494333
x-cache: RefreshHit from cloudfront
cache-tag: F-115169596248,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 61648
x-amz-id-2: CU2rINNEj1lTv4owHLVto4ALmM0Aj9W7b+m7Sg7W0m+ncdCetfvvmABe0tZJuOLOtI3CW2QCEbvGAUg26TybsQ==
last-modified: Thu, 11 May 2023 14:55:16 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAc3TMKd99hdirOJB85w6bp7ndS0hfciNnAlO1i2hgzG7yiyDKYFg2r10aIO%2BbD4swBT%2BSvSDta%2BRAWwGH9YBGVfCzrdeNVL8BC6GCSJ6csjPmdGCCr0Vf8MKdjRIVfC21%2BKRUfA6hi2SfNE"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e323a68-FRA
x-amz-cf-id: EBDppFKKaQoF0GWzrXA_udt6GY4RVP678YhcXMjKEqhMHrsCBiEk-g==

GET
H3 200 Featured%20Image.png
www.uptycs.com/hs-fs/hubfs/ 550 KB
551 KB 119ms
90ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Featured%20Image.png?width=1199&quality=high

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

35a64c8c2cf505628cac2270e83f8fec18c7fd3ccb6677b0f69d9f23cf078189

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-115022911873,P-2617658,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 562974
cf-resized: internal=ok/h q=0 n=16+119 c=0+0 v=2023.5.0 l=562974
last-modified: Wed, 10 May 2023 16:38:16 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf4OOJb3CuWbnAhhE8pZya7zxZmuaQL8ruO4GCtmSGDQ:a573bcde65cca06ecd69ec2e1de1d43b"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6nx2caRThuPtl%2FWd6YX%2BZTNbfyvgK0JmrUalTzVdPs8DIutEhr2VHQtufAUhKs0I3EaNB0FOXpryE81D0NfLdp4Pgx7nQyxH6AuOAVXLwzlKNjHh7RmwUYW0Lo0Iz1RrarD6F%2BVqJfkhAGg"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7d355b391e333a68-FRA

GET
H3 200 Image%20of%20businessman%20examining%20objects%20with%20magnifier.jpeg
www.uptycs.com/hubfs/ 82 KB
83 KB 211ms
183ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Image%20of%20businessman%20examining%20objects%20with%20magnifier.jpeg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

41d1476dd2c9d39d825f66917480fcc31de80afb20ffbc464319a9579f6e0962

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-113952949798,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: CM78FCZNJN7HMS15
x-amz-server-side-encryption: AES256
edge-cache-tag: F-113952949798,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Image%20of%20businessman%20examining%20objects%20with%20magnifier.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "483d48f95d6fb63935432f2ecde1bb19"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1683058835572
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: hv7YYeX0utmfZPDvqCa3VVhcFzhrrS74
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=645451
x-cache: RefreshHit from cloudfront
cache-tag: F-113952949798,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 83736
x-amz-id-2: DnZV4/OhZ5gEdPm5Q3mM5vYxarXc/Yzi0DzJd+Ceul1wPwMiXOF4e/7gUZBVjXEfI/4uvOESFJo=
last-modified: Tue, 02 May 2023 20:20:36 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkUxRAq0AwajcBdLPHfY8gSaV0umqYJ1TOR9sXbPn46ZApTB%2Fn7hITsQ9JJXIm%2FI788TsdKpdHodZiF5KTE5v4fc4u6wZmMB%2Be%2FxRmsx%2BpAH03JWPOZhSO7xFYmAI50AsmYO8rY9z1BDgRQ2"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e343a68-FRA
x-amz-cf-id: ljG7AGqi5WZNoEfK9bksLAM3G6UcdCr7x6p9RwssEcIGq1WuknvRCw==

GET
H3 200 RTM%20Locker%20Ransomware%20as%20a%20Service%20-%20Featured%20Image.png
www.uptycs.com/hubfs/ 140 KB
142 KB 135ms
107ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/RTM%20Locker%20Ransomware%20as%20a%20Service%20-%20Featured%20Image.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b5dc9b51b59dd4b8074da124cb0d662deddb17a65712122bad13db214b28f42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-112780881495,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: PP40A2751ZNJ6CQP
x-amz-server-side-encryption: AES256
edge-cache-tag: F-112780881495,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="RTM%20Locker%20Ransomware%20as%20a%20Service%20-%20Featured%20Image.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "ae4f50f058e6f3d0afae80cba9852111"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1682458594691
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: WNRN0LKTkWF8dAKjDJvM68lGhpEWKR8T
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=189205
x-cache: RefreshHit from cloudfront
cache-tag: F-112780881495,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 143598
x-amz-id-2: U84S1OicaU5zbPWB/XpDCfausPiimqiBPdorc3gGJi1bHoT8qqH+m8H7h8xsBSyZ9FR9dv9Vtog=
last-modified: Wed, 03 May 2023 16:05:11 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxsaEj5UB1aD6dQyCW5JDrJVimLsiBE0%2Bhd6u7hpDR0cc5YQY88n%2BWS2G0NvuJ0cLj9SRzJN0dGj7YjsJRkV0Fzb8qZqHSXGTPIqKN5L4DjMN04QOUfOfKpC9xTC1MIBoG4x3Y63NhPhsI5W"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e363a68-FRA
x-amz-cf-id: K1IVhDETyb3TPAiMOTpO3B2nebso6nya0v0Aw9KRHDh5CDQE-JzwvA==

GET
H3 200 ottom8.png
www.uptycs.com/hubfs/ 175 KB
177 KB 1417ms
1389ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/ottom8.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

43bd71ab57ef0a5b7346753c76f7756303f7acfd6860e74eb0cb15ed38779bbc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-111731412633,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: HF753A280M1XMBV2
x-amz-server-side-encryption: AES256
edge-cache-tag: F-111731412633,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="ottom8.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "b5f10c03d0bcd3d2327813cbb9eb4fc1"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1681915912055
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Z5kK7UrRMZpo6R84khKicHbSCyNk5sZP
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=293080
x-cache: RefreshHit from cloudfront
cache-tag: F-111731412633,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 179600
x-amz-id-2: mrCOh8DENwOlhdjqcSNq7DPr9YMU7S7GuZWuFtWcvq8zq3jQYigGrJfeq06wXWzt1PtsNkN5l2Wf1KFv19IVuhWFTL07c45Y/DlSXnaiV8E=
last-modified: Wed, 19 Apr 2023 14:51:53 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0PDslhxPQeOIA4WG%2FXkzQ0GJTPVIhZRrFe0yUDdyJDNaqVLqIOP716%2Bj31TaqPlqM56AmI%2F%2Bw0ccE4OKNxLpGQT7u9nHaaXLdAh%2BTmke3c%2FUxnf8nHF34iu1ZNLwY92SZ7J8gWCEtB%2F1wge"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e373a68-FRA
x-amz-cf-id: 0BN7He9OAY19VwQmabxObSNzh64PBNnA9h6sCHMuivjDcZq5GPcy2w==

GET
H2 200 HqB45O2x4s0KKeslf9uwP2l7LeMJNGtsJ15vFhx8_y8lciCHRZIrmzowdVizF9Wfyzd8pg1UVT3XjJQESPSfeWK7EuphDWElOyZWDDLTMVj3s35ABSmY04eDgCuOEm7UJ-jbVgNJEGCdvna78OKEFbQ
lh3.googleusercontent.com/ 112 KB
112 KB 289ms
192ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/HqB45O2x4s0KKeslf9uwP2l7LeMJNGtsJ15vFhx8_y8lciCHRZIrmzowdVizF9Wfyzd8pg1UVT3XjJQESPSfeWK7EuphDWElOyZWDDLTMVj3s35ABSmY04eDgCuOEm7UJ-jbVgNJEGCdvna78OKEFbQ

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1fbff42868494cca8f7de3b7149fe4ca0eb0043f9fff74f87cdf0e8145932e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:02 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114668
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 08 Jun 2023 02:10:02 GMT

GET
H3 200 Blog%20-%20CSU%20Cyber%20for%20StartUps.png
www.uptycs.com/hubfs/ 576 KB
578 KB 123ms
95ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Blog%20-%20CSU%20Cyber%20for%20StartUps.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fc9f1facac909542aa513934c6cb47b1d36d50771d1da3368b864ee7bfe029b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-111802646556,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: HF7EWZJXH4GD2QFR
x-amz-server-side-encryption: AES256
edge-cache-tag: F-111802646556,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Blog%20-%20CSU%20Cyber%20for%20StartUps.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "5932ff1cfbcfac67b484244f72a8719e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1681942513656
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: OnvG8eoERutmgN0xxfpZETohiP7r2RHS
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=911952
x-cache: RefreshHit from cloudfront
cache-tag: F-111802646556,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 590058
x-amz-id-2: 7sR/9LaMmC6KIMcxN5vDoo0KifWyXxGLYbG/U/LVRnmheezzZZb4f0s2DgANZTX3ScCONPyMKTDmyjbfIfcsgNrVjYhNPFputym+tS+hxeo=
last-modified: Wed, 19 Apr 2023 22:15:14 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbNEI0ga5wzVx2A9aw46Hs0oX0oNsIDkX4y6BMUDjRr%2F%2BDCarbYQiv%2BtxdFPtujKW0kcY5UEv%2FVuJkoTzdPifZU7I1pZMmq02N%2B0jpKUG31GfMuDq%2FcNhb2Zy5U5B%2Fd3zLys4Wo3OplYK32M"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e383a68-FRA
x-amz-cf-id: dRABQt0WsQ0JTsg2xXdl-RBvDgadFe0jHi08qnDpSn2Z7K48mrYAkg==

GET
H3 200 APT-36_FI_Blog_600x325.jpg
www.uptycs.com/hubfs/ 66 KB
67 KB 1398ms
1370ms Image
image/jpeg 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/APT-36_FI_Blog_600x325.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb0a88c1688bc286cc56820f7233e73c0fd8c109c77f3a9f1ad7a8212428ec96

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-111428133942,P-2617658,FLS-ALL
age: 22795
x-amz-request-id: 18XHZ84V646VJVG1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-111428133942,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "1781a089e2ebc83083dd0b43429faa60"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1681756444884
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 00OaDUtLyOLC0lSKJqZwTdzkSeFldQ0b
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: degrade=85, origSize=103055, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-111428133942,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 67097
x-amz-id-2: jgcGpG4jXdjPM7xM4R8h4cFn9Xz2G5dPgpBy6ZSvJ7X6BhmkItvJQOSIKOuGvZZs56FBfbFsYfD18/ROUPhXZA==
last-modified: Mon, 17 Apr 2023 18:34:05 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V93VJtQ91hCe9Bel1XvYa%2FhLjn%2Fo407fOdzWmgy9rUl9vEKwOVGvhqCaiRU%2B0iPch802zf%2BUIKNuMAOWnfYiwlXRs67TCJbgPM46JOrG2iB%2BHPXsM%2BEx9GmbqewhXvCGgwV509rY5tmYPPbr"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e393a68-FRA
x-amz-cf-id: SP4YGIHeUebpDVsvT16eOkKia3oTU3gEwcjXpANSsIS1kgG-W5WyVw==

GET
H2 200 xaUIMcGBp4ZOSxz2rG0tgCpCo3zl5mB2Mopk-TzRAsx2fj0FWfOEjlvStXtbLzf1IAr1pJycqPDxH8pvpqXFa0gsXvd19hNWElMDMVF3zgltML7WKWEQYr1z-amapbXhfhmKbkhM66UoaJf68tCKgls
lh3.googleusercontent.com/ 432 KB
433 KB 319ms
223ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/xaUIMcGBp4ZOSxz2rG0tgCpCo3zl5mB2Mopk-TzRAsx2fj0FWfOEjlvStXtbLzf1IAr1pJycqPDxH8pvpqXFa0gsXvd19hNWElMDMVF3zgltML7WKWEQYr1z-amapbXhfhmKbkhM66UoaJf68tCKgls

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cba766236206ed7627c08ad6cb79e65212f918b6c151d1ecbd60f6c3cdc60429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:02 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Untitled.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 442826
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 08 Jun 2023 02:10:02 GMT

GET
H2 200 i3oDhaNlzwjAs0eV93sJH1AH9DjL3dR09QCTdahU_BoP9ONSZERJ2zdRrtv9e9O1PCV5HnCGnFcPwg0CDWrk9boL6n93Hn7cShbNBcgLcWL34_wluFBCFQcsqZSRXNmp_7_l59o4NdUWn6L5h013KKk
lh5.googleusercontent.com/ 200 KB
200 KB 251ms
164ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/i3oDhaNlzwjAs0eV93sJH1AH9DjL3dR09QCTdahU_BoP9ONSZERJ2zdRrtv9e9O1PCV5HnCGnFcPwg0CDWrk9boL6n93Hn7cShbNBcgLcWL34_wluFBCFQcsqZSRXNmp_7_l59o4NdUWn6L5h013KKk

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8d605a66e6a893628f8892b501dce73240ab3490010515086a9d7d47a2b720a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 204749
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 08 Jun 2023 02:10:01 GMT

GET
H3 200 Back%20view%20of%20businesswoman%20working%20with%20modern%20virtual%20technologies.jpeg
www.uptycs.com/hubfs/ 110 KB
111 KB 385ms
358ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Back%20view%20of%20businesswoman%20working%20with%20modern%20virtual%20technologies.jpeg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd7a6c710c8054479996fe2bf1b710df713004aeb8e87fa495513b865223e018

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-110373137281,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: G69M254EY7K06K98
x-amz-server-side-encryption: AES256
edge-cache-tag: F-110373137281,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Back%20view%20of%20businesswoman%20working%20with%20modern%20virtual%20technologies.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "a36a21c0acb0920a70900bb9cf1c6b61"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1681148385473
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: JMs6LshvFV5ffZWSmdkzNLB3tQg21rzN
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=744963
x-cache: RefreshHit from cloudfront
cache-tag: F-110373137281,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 112752
x-amz-id-2: W5BMwpYcWC90d5TVD/r3efLRFJQ3QnD0JITX1gkCkErC8xzZ8j3wJ/KS5eQEbV8XmtsNM76dMV4=
last-modified: Mon, 10 Apr 2023 17:39:46 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Vudoc5qQiMlVEFRKM8ZkyiBfhXc%2BDVei%2BhoJt0XAD4LjW15mfxwm1ELdGS8%2FxaBN4Fwkz1VKd3ndemQiUMdw3HOp6P%2B1peIRN1ScItpsRj1eKc86LdxlWapvKJoMFpYrdZbUt0R%2FHOJ5eTZ"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e3a3a68-FRA
x-amz-cf-id: Sq23Cv4d8ZVTk6AQmtrPMfdwVFWUvbZyyrL5jB417B9ZGsPw64f2ag==

GET
H2 200 -zQJekhIyY-nLvD2GJBhdWe6kVDAOSE_lNELLTDLOeMO-Y5H-ewkHf-0EO8_ry2hjODbd5bhvlLdCjJmYlo4QYsy1ILkRFfWr9YuLhlycZlEPWmG9Ub6ihi5J3PCsX_CkpBjnBVsKdQcuiuIaIz1f2o
lh3.googleusercontent.com/ 58 KB
58 KB 264ms
169ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-zQJekhIyY-nLvD2GJBhdWe6kVDAOSE_lNELLTDLOeMO-Y5H-ewkHf-0EO8_ry2hjODbd5bhvlLdCjJmYlo4QYsy1ILkRFfWr9YuLhlycZlEPWmG9Ub6ihi5J3PCsX_CkpBjnBVsKdQcuiuIaIz1f2o

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

15c98134a7db6b6bdf01c89a7bceb5cc1d2937986d161e5e468475058636428b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58938
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 08 Jun 2023 02:10:01 GMT

GET
H3 200 Read%20Now%20CSU%2004-06-2023.png
www.uptycs.com/hubfs/ 551 KB
552 KB 132ms
105ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Read%20Now%20CSU%2004-06-2023.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

77a4263576c428ce177182dc24de5156dde9095d3d066cc794d47a1dadcbd6e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-109727989884,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNWBF70XB0HGA0A
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109727989884,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Read%20Now%20CSU%2004-06-2023.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "4a87f2b2af318e7aec3a05220c4727ec"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680734784239
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: BRbyhIrTnUSz19QCCLzb7S7736SArAmx
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=856391
x-cache: RefreshHit from cloudfront
cache-tag: F-109727989884,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 563776
x-amz-id-2: EKcbQmh33Eeh0m6vKnWgnJwc8T9qlXkEkw3vC74FW1iIvk/Js9LeG3ioe8twydS53SFy7YBlE5Q=
last-modified: Wed, 05 Apr 2023 22:46:25 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RysPp6LXvcI7FXVTsOIAQnxnzqOVPh2G1hFPD5BvuaBRoeJHev15fNs0jQ4JgCyauc6W8IRtxVMne7ViNQFeveKbJeoZDPM6vGz9qZhuNhYwBW4Eq1FWoXFaTteqdPJ6xEyXqwgX7bapzSd"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e3b3a68-FRA
x-amz-cf-id: jmvnyjGaBgVWz-H8kf1jMxp_99CF74Mq6sKLVmNsdfyhriCRTmHBOQ==

GET
H3 200 Raja%20Jasper%20and%20Saurabh%20Wadhwa%20osquery@scale%202022.png
www.uptycs.com/hubfs/ 524 KB
525 KB 1399ms
1372ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Raja%20Jasper%20and%20Saurabh%20Wadhwa%20osquery@scale%202022.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5a543acd7ab6ed1bbb7e32831aba10a371c74b5b5c5efbc156bddfe32799ad1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-109642727347,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNQWGTRP5KFAPMN
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109642727347,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Raja%20Jasper%20and%20Saurabh%20Wadhwa%20osquery@scale%202022.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "c7c4f1d938d3ebcf253b1a0c48e24e9c"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680704432899
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Ew7y8U_gJzQECx1ix3fDcIEC6Crz4gN_
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=1010697
x-cache: RefreshHit from cloudfront
cache-tag: F-109642727347,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 536368
x-amz-id-2: h+DqvSORfQCyUYVi36MEdsLMugj61V0G6FXH2uuGmpiw/aHyvwfboJMpOxqVM4cALD9Jj7Ltk3E=
last-modified: Wed, 05 Apr 2023 14:20:34 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmHWqvbN0v57kknxyqpCpHudveqfiDONB4VhMCs0FuHzWVNaacRgFoAMJZAHj49anZdjxSMGgVcHNBj7BkMeNcUxz4s3wxxzDFm7zUcO1p16YjjuOvUue4Vw9sgPWyCfRD%2FLcsLW4bq70lBj"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e3d3a68-FRA
x-amz-cf-id: sFJg_kySlbXbpwtH8kUkTY8a9ek0VOUngxmUJ6YmKG2QnaPK4MhDwg==

GET
H3 200 CDR%20Icon%20400x200.png
www.uptycs.com/hubfs/ 10 KB
12 KB 252ms
225ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/CDR%20Icon%20400x200.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa55a45372916db5b66372e7264879e2d841f7179013b5e30bba0a4ce29048e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-109493936746,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: MDFFKPXSCZWTEM74
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109493936746,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="CDR%20Icon%20400x200.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "314eada8902ae075821b14c551e15150"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680622386224
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: IhQ1eADaCQVqctrc_oa3jfsXgXltVl2x
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=16134
x-cache: RefreshHit from cloudfront
cache-tag: F-109493936746,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 10590
x-amz-id-2: nwfWZQfDm7sXEiRmTzI34KVA/uIjatce9Rjddbe0B4G+kWYhGh/oaS3Aqizr8Xwrk4h67Ln8CFA=
last-modified: Tue, 04 Apr 2023 15:33:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8u%2FiQ6vuAlzJutrpVoKjCqODO8%2B%2FUKqlB7V7s%2FbZuFScgouao71FeR12StdCmMvhWgZ0XvGQOsoVj320NzLLiBhjJr1AYoLZHMGz01gyklOzKB2q76qXTLEYm9p0dH26niog%2ByB9FexTfFy"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e3e3a68-FRA
x-amz-cf-id: -ZlA0GiMk3P0tHj_DM5Hj4GnFggMYNJ8I_Kd3ovcAJ-rV-gx1w1yyQ==

GET
H2 200 pDkHcMeRrLA9KC9w9Gh3-JIqeVM5PEsi77UqlsbywW_Pbizxn7W3LEEYU8BHB8LBssP41Gbf_111C-CLO7nMWz86oLsXGCeSPYCwYSLkcWLnTSCWnWq43FbrrnKzBckyvBuyoF3UYr-ltVMDqgeHnxw
lh6.googleusercontent.com/ 192 KB
192 KB 320ms
225ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/pDkHcMeRrLA9KC9w9Gh3-JIqeVM5PEsi77UqlsbywW_Pbizxn7W3LEEYU8BHB8LBssP41Gbf_111C-CLO7nMWz86oLsXGCeSPYCwYSLkcWLnTSCWnWq43FbrrnKzBckyvBuyoF3UYr-ltVMDqgeHnxw

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cfe54f49db449fb9fed45514921a18f6fa352af4da35f818ab626431dbc85e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:02 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 196284
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 08 Jun 2023 02:10:02 GMT

GET
H3 200 RSA%202023%201040%20x%20560.jpg
www.uptycs.com/hubfs/ 32 KB
33 KB 253ms
226ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/RSA%202023%201040%20x%20560.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

97cd6433bbb9681654b1c13ca36a1764768dc0661c7f99c0d2b7c926d2f2c3f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-101559473805,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNNNC4FJ4TXHSRD
x-amz-server-side-encryption: AES256
edge-cache-tag: F-101559473805,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="RSA%202023%201040%20x%20560.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "497d542fbcf575fddff4884ca2e571ee"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1675797596715
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: a308mKp0Rzywbwi5eQTUXRLiBITiTlDN
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=68776
x-cache: RefreshHit from cloudfront
cache-tag: F-101559473805,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 32440
x-amz-id-2: jyr+O8F+xAFsTQsY4nz7R0vhmE8jfTPWarUoDlqVER3TtxrVn7xNjiEtKzY0KwfBgOjqGYbdeJY=
last-modified: Tue, 07 Feb 2023 19:19:57 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVqvGdLMBDF4WuFpQ6INsqT9bMFLLrBDP4pqvLNTfiCdtrZQ9B3u%2FECVcIt%2Fd4HdmWrGOEAfzzfD3r7ILTYlZzW8VdzpYqECm1HcQPJ3ZL7SUV%2FTMrHIY8S7l00%2FyTly3UUb2WrSOGhhbwKa"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e3f3a68-FRA
x-amz-cf-id: Lk65jRfUw3eJ_onoIxZARLXE53dA9lPIMkpk4mOoG6i0L5iLRx7DLA==

GET
H3 200 Figure%203-1.png
www.uptycs.com/hubfs/ 248 KB
250 KB 255ms
228ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Figure%203-1.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

96c81de7da8622e045b41b4fda9e57c0ea8da4df280ff5b8cd86556e620f8de2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-107904113725,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNHETD5DB2ZV7M9
x-amz-server-side-encryption: AES256
edge-cache-tag: F-107904113725,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Figure%203-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "b5598e7e6b9fc84517e3cafe7601968b"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1679678387383
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: icIVIL59tUWA1HPAc1RsCV1DKdV8yaEE
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=419810
x-cache: RefreshHit from cloudfront
cache-tag: F-107904113725,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 254233
x-amz-id-2: ABtxw+J77k3T/nwKCr0a4YPD/iobBLVRmKCrvOH4aNwZBxw4xLrsOVN5KRqjWbxp9domx249rmHdKnZIbR79yZhIMPAHqsUU
last-modified: Fri, 24 Mar 2023 17:19:49 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5zDK9G7k45DonACcrHkQm%2BP1wkRSiYbhDRth3yvVmcURbfGzefOBtvurXfWM%2FdhbP4AFYLMbX5mXsCHhPGSj7SYeBO9HHJvMg1qwCEc8IANpiGFXJAA7ZZEagRErAMdXB%2FalQjab9OaIA4u"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e403a68-FRA
x-amz-cf-id: kgSR2UML75Z1JaYMOPe3Zn4KNdXcKQa_L58xLE-CYoWuZY_EtmDatg==

GET
H3 200 CNAPP%20market%20guide_Figure%204_No-Caption.png
www.uptycs.com/hubfs/ 131 KB
133 KB 1382ms
1356ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/CNAPP%20market%20guide_Figure%204_No-Caption.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e08d5eef0ce4766aab6c3cb19a447fd7b30db98b33b3b47e7e6e6d38194eb23a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-107553957226,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: E7C4WTXGTJAV2573
x-amz-server-side-encryption: AES256
edge-cache-tag: F-107553957226,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="CNAPP%20market%20guide_Figure%204_No-Caption.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "a889781ddfb22fd4eeeace2be3aae227"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1679508272215
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: jCejTR9vT9K92sar0jpQ0eSQuH85Cl4v
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=269392
x-cache: RefreshHit from cloudfront
cache-tag: F-107553957226,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 134636
x-amz-id-2: x3lY+IPmp9QONXsMV1SxFF2PIEoaAfUgc63M626+SYj3PqXHLgqzUyFuKe5xefjXYy8WnhdKLEYtyraIoxT032qByYE9WPDZ7UEDUsXpVXo=
last-modified: Wed, 22 Mar 2023 18:04:33 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQzMu7YuH4eyYR%2FI7lfLU0da5e4%2FoTFvkJbiJHD8dAQx5ZfHrmfMAtuhNTF6RU9wwSH9v7jlOv4CLsYBNg0Ft5WobKyAqu6898EAtkF7YOFHJNaB7W2N9RAzb5HlgL5XDmHr%2FHnM%2BAaLWl%2Fk"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e413a68-FRA
x-amz-cf-id: oZDu6vbL--4v-hpkqcuDesU0jB1uSWzbOF4UP8H_TcsNebr56Qz4FA==

GET
H3 200 Women%20in%20Cybersecurity%20Blog.png
www.uptycs.com/hubfs/ 112 KB
113 KB 1359ms
1333ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Women%20in%20Cybersecurity%20Blog.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c860d7ce21c26a7ffda7cc827220cae3a65b123b315d6d3cb62b6323c3de8f86

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-106682650778,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: DQ234HM702ZA25MT
x-amz-server-side-encryption: AES256
edge-cache-tag: F-106682650778,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Women%20in%20Cybersecurity%20Blog.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "d02673b59af0d34c12712dee9591603e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678917178952
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: uRMQRIhJ3Ep1FCVIcuT0xU7U0vX8Lera
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=158599
x-cache: RefreshHit from cloudfront
cache-tag: F-106682650778,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 114344
x-amz-id-2: CR4LbaU5Y1m0qa1N5NCHT0PUcVO2CR4yCO6m+f3pzKu6ZbrC4n6K/d1LmlKLbX2Dfy8UQboWJn4=
last-modified: Wed, 15 Mar 2023 21:53:00 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSGhvkOM7ZzVVyXJjfLZ0zdEWtDd2aKmMvoJnP6deVVYHjB8VWho9beanLcPa6055hdUBFrvwWpkkfBmfA2%2B5jF7GkRAbQz%2FZZHD8ucQjMvlAijfM4JaBnr42pniRLm9S2C%2F0SC3GgoqdKff"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e423a68-FRA
x-amz-cf-id: PmLiFh7htKwKq_Vdpfa0zXMXUpzOe-RFzWiiT-_1jQpN3Ak4AMyUXw==

GET
H2 200 VzxsMoHGX0gnP-84fzbGuE98VRNAB3vv6H4jSGvF6wlYHx1-aS52IG_3BwtirJUbsJjnPPVFIriiQCYKmYatXYaJJAmhLIQ3j4r9aGkOuCa6PPlqWYQSPXXEsJSfqNvGDdyPaBvZDq2h
lh6.googleusercontent.com/ 159 KB
159 KB 263ms
169ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/VzxsMoHGX0gnP-84fzbGuE98VRNAB3vv6H4jSGvF6wlYHx1-aS52IG_3BwtirJUbsJjnPPVFIriiQCYKmYatXYaJJAmhLIQ3j4r9aGkOuCa6PPlqWYQSPXXEsJSfqNvGDdyPaBvZDq2h

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

98012ac2c9a9f159b72ca52a77e83b7006cbf82eb4fe2bd577dd323c97451fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Uptycs protect options.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162704
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 08 Jun 2023 02:10:01 GMT

GET
H3 200 Image%20of%20sport%20girl%20in%20jump%20against%20color%20spot%20background.jpeg
www.uptycs.com/hubfs/ 57 KB
58 KB 1330ms
1304ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Image%20of%20sport%20girl%20in%20jump%20against%20color%20spot%20background.jpeg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d88664397af128d5919cc2e1fe36eb5d5d84f25d77eb95db3d2cd18965269da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-106702985059,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: ZV4W2NV4QHYMRVDD
x-amz-server-side-encryption: AES256
edge-cache-tag: F-106702985059,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Image%20of%20sport%20girl%20in%20jump%20against%20color%20spot%20background.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "894717f46b3d80bd4d6da7e2eff4748e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678932524247
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 25O1d7HJpoYcdZuEUKMei1SWMGsTeF6R
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=558725
x-cache: RefreshHit from cloudfront
cache-tag: F-106702985059,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 57944
x-amz-id-2: LeDR2h3BfuJqJ8Ll2idlwrv0WVL4V8a+tyN85/zJSsC2Z4+5ygxIboMIV3sginInMZCO4ZfkXHg=
last-modified: Thu, 16 Mar 2023 02:08:45 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KMcuvTYaFCP9kNOXcg2I8WcVr0xf5zn2Jma4hkTOGGaJ4k34M4YowRzSkOJuE3VUHx2iKKw0Gu7n8sJyig1G1eKD71nPH0Q%2FSXQTRHcTG1o%2Bu3ABYfHru4N27tYovgSdw6qKLB8AnhnUlCF"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e433a68-FRA
x-amz-cf-id: 5G4Ukxezk553vECVdZn9RUCx2YF2sJLvqQf1YTQWxvpk9dS-62h6bA==

GET
H3 200 Woman%20with%20an%20e-book%20reader%20while%20friends%20carry%20books.jpeg
www.uptycs.com/hubfs/ 72 KB
74 KB 274ms
248ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Woman%20with%20an%20e-book%20reader%20while%20friends%20carry%20books.jpeg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

be6e0d9ed2365febfabce590a615d3ff17cd1a5978c2a80356d70268a332b26a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-106693218744,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: 83QZCAY227JN72ZG
x-amz-server-side-encryption: AES256
edge-cache-tag: F-106693218744,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Woman%20with%20an%20e-book%20reader%20while%20friends%20carry%20books.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "72c186576d4849ab81b9e29e41c874bd"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678932148912
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: GuQ6gdf6gEhAtKMQGVRpk0Lxnb49UYHW
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=650392
x-cache: RefreshHit from cloudfront
cache-tag: F-106693218744,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 73954
x-amz-id-2: 70upqdgRv3caa+9aHvEHvSgDk0wqXV8FgEoi8q4AYg+MacAVkIPXsUzrdayJao+4oOlAzLoE6kc=
last-modified: Thu, 16 Mar 2023 02:02:29 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTL%2FyXcs8UHmAKxClu8ea9W67fWcRFa6DTWuQwpZC91qkHMBw9MO41ibbtAMrC97kmpnv3aPA4DtyqBcB9mVfUIKr%2BIOsJ30JKxVcp%2Ffic7rp21uUgyeB8R%2FYuTCdOFlB5dJGDIZUc5Sk6fw"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e443a68-FRA
x-amz-cf-id: cZ3mA41DBB9RgB-sgtSi9u52rIkT2PcINHvgKX8Lp1qvwSazrjAvnQ==

GET
H2 200 bp-f-jPilGsN5_hxixxrIuUxvp69VUqMR818Q9Wra3Pmmw8eEfLGCrPLobbpJmSUYtb6t2k0pxiRkUz56VqYQ_QJ4rPcIcrTg8SW4kom7GTDL_W_OBWOac9jpub_SIl48I6mGynxnD0ZZCVNwvDv-Wo
lh5.googleusercontent.com/ 155 KB
155 KB 305ms
220ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/bp-f-jPilGsN5_hxixxrIuUxvp69VUqMR818Q9Wra3Pmmw8eEfLGCrPLobbpJmSUYtb6t2k0pxiRkUz56VqYQ_QJ4rPcIcrTg8SW4kom7GTDL_W_OBWOac9jpub_SIl48I6mGynxnD0ZZCVNwvDv-Wo

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cb8b41e200f78c6a320b4b693fec261f736cace6360bdec556dd3f2714a9c3f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:02 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="HookSpoofer.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158327
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 08 Jun 2023 02:10:02 GMT

GET
H3 200 Uma%20Unni%20Thumbnail.png
www.uptycs.com/hubfs/ 330 KB
331 KB 282ms
257ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Uma%20Unni%20Thumbnail.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd9c2b524477a8b54f804e2f107a83cd38403b0ce63c8daf4f3235b23d8fc7ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-106692975221,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: Q2GPGDJFCTQAQKAG
x-amz-server-side-encryption: AES256
edge-cache-tag: F-106692975221,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Uma%20Unni%20Thumbnail.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "f1ac61da285db2dbef542aed8a4a8dca"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678929375769
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: PAPVWToIoSm4BjlU7xKJGuRyGcRi5Mwu
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=623459
x-cache: RefreshHit from cloudfront
cache-tag: F-106692975221,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 337636
x-amz-id-2: iYvVp1r17DBPT9uj6LYjtykeLBG6htCYl1hM52lPwTQrLlHu6pfN+X5cZpIJ26KElSBY+D2m/BY=
last-modified: Thu, 16 Mar 2023 01:16:16 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jRPicQP%2FTh4zg1mPxeav6rBrbt3Id%2F65wmbGx34UTgN6muBnhOxABXhc%2Fn34goAFYHqOFSu3J7n4NRgFJCcfo%2BZKqmv47pa6NUDc35%2BOXadbi373j3vVVkFD%2BdoBcfLfJAxP6z2FiO2V%2BHa"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e453a68-FRA
x-amz-cf-id: U3E2_Z5P01d_95kft0df_GriFIx_Y-Nn-Q8kzhW4KTAeCwjb8ZEwWw==

GET
H3 200 ChatGPT%20and%20Cybersecurity%20LinkedIn%20Live%20Event%20Thumbnail.png
www.uptycs.com/hubfs/ 551 KB
552 KB 412ms
386ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/ChatGPT%20and%20Cybersecurity%20LinkedIn%20Live%20Event%20Thumbnail.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c02834b47104a96967e32675a202ead928b3a45d9c699f529163021143bb7a0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-105870327826,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: YCNP5KW21ZCSNHY3
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105870327826,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="ChatGPT%20and%20Cybersecurity%20LinkedIn%20Live%20Event%20Thumbnail.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "d195cff39937603658b2d5cdaf88190f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678394504806
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: H5EQ8mYZhEu5AhLw3xgA_1kQeDCrlh9F
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=873543
x-cache: RefreshHit from cloudfront
cache-tag: F-105870327826,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 563862
x-amz-id-2: HQF5Q3vSq2venR3fpKMf+0LJ62oPlhtofZHLuSvh0wRExQdYeoisFlWWCok/wGdUCWj0J9Cfq3c=
last-modified: Thu, 09 Mar 2023 20:42:20 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZd8f6qJ%2F%2FgYG79DoY8TsmyKGsOvwdBigr8ELPjReDJ2y%2FMtnHfEKnaOEFxMXSpHDC4olSn6d9WgIU9afquy%2FuMhGE9F4wGVEXaZ1QddvFILZGaxv6A9E0l2pRY1f%2BvO%2BkiRh6Kt4C%2F%2BHt9K"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e463a68-FRA
x-amz-cf-id: St8MTB6xXS7vhq2-otxUX70Yrk0mC7jPf8-a33ZVZxL2_Ib-okvZFg==

GET
H3 200 Image%20for%20blog%20.png
www.uptycs.com/hubfs/ 567 KB
568 KB 434ms
408ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Image%20for%20blog%20.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

74492769e7a4ae72b969e195cf04027c5da7721a1dcaa822db8fbf6c0eb38679

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-105875898377,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: AK5MMBVCA18MKVE0
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105875898377,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Image%20for%20blog%20.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "be1c2e8dba2ebeec7c4d13f4ee6071b6"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678398562257
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: pFMHdTAJ1sVQPjWYh3JqSIHUoQNRBcJD
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=887045
x-cache: RefreshHit from cloudfront
cache-tag: F-105875898377,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 580242
x-amz-id-2: yDwkLbEdJg4dsRQeTSITMcv6hk1lEPT4i3OO+guhfsSVcgFfi15aep0jUkyMqDbpy7zaXvO6/js=
last-modified: Thu, 09 Mar 2023 21:49:23 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skWJRYCIf2VHcFoqhBx%2BhZj3Lr6C9afUUmueIltD8%2BfVR58rJZIMVZ1%2B11AehSqpj7wY2GWByjfELZllicr8bzYooA8jV8oxM97jJv2j3wiSHvCQD2oP3dNjHO%2BbR6XVxXdAwu6bjpkrXvy2"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e483a68-FRA
x-amz-cf-id: h0Hp--LA5gFe0KZj_xHPUaXgzziCPx14Q5aqBu9QEU-wDRBx5UzAHQ==

GET
H3 200 Blog%20-%20LastPass%20Security%20Breach%20%20.png
www.uptycs.com/hubfs/ 551 KB
552 KB 444ms
418ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Blog%20-%20LastPass%20Security%20Breach%20%20.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

723fa11b73a59e983916e2b69eabdcfcc838fddf4bdcf80b3f78d9a866fa27a9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-104828779961,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: JSTGN24NS978MD7F
x-amz-server-side-encryption: AES256
edge-cache-tag: F-104828779961,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Blog%20-%20LastPass%20Security%20Breach%20%20.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "2e10e86d1bd7fdf9dcb8fe016dfedc8b"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1677773394052
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: MZaafjQaua54dCR_hCdbbn4IaONYYG.6
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=869482
x-cache: RefreshHit from cloudfront
cache-tag: F-104828779961,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 563854
x-amz-id-2: cM0ajO8GkQc5EpIwQja7BUurf7kKIwyNamDAV2QmSaAjJgIXucI4AcwgQLyvpRUUdm85A8JoZAI=
last-modified: Thu, 02 Mar 2023 16:09:55 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BQz6zNOwZwfPel9ZRgYsczhmeiL30jxFqXY9vPIofjiGsYckAAexpP7wM0qx9kmZchAAbiOhsW7vMJr%2BPnho6izddiZz1onPyu6KsTK3OWt0xGU6ZrjJN7G%2FecLC7jgXAS99Q7WBPePnRHf"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e493a68-FRA
x-amz-cf-id: t9pl7DgGodCgvDLelRcCCEGTpqJzbwjRtuJPjeQ85TQpnmGSIImSkw==

GET
H2 200 HCZ_H8Htzq-VcSxhekhY-uSlwsdWteA2h5PGr5s6xVtwwqF9elcAL8EFmdScjiqT2QshmsjsHwW9UNDLBQMz6mbvzgmC5mBv0J284c_i2_H03S5yQArZnDHg34k4aT-iGf7pGKUvMsUdS63BTUCYgjk
lh4.googleusercontent.com/ 179 KB
180 KB 250ms
158ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/HCZ_H8Htzq-VcSxhekhY-uSlwsdWteA2h5PGr5s6xVtwwqF9elcAL8EFmdScjiqT2QshmsjsHwW9UNDLBQMz6mbvzgmC5mBv0J284c_i2_H03S5yQArZnDHg34k4aT-iGf7pGKUvMsUdS63BTUCYgjk

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9815d9ce08d6fc114bb40678ba47b346e231ba0a8c8ad9f7862794b02d63c950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 183455
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 08 Jun 2023 02:10:01 GMT

GET
H3 200 Quarterly%20Threat%20Bulletin%20%236%20660x360.jpg
www.uptycs.com/hubfs/ 19 KB
20 KB 300ms
275ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Quarterly%20Threat%20Bulletin%20%236%20660x360.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

63435f8e349ab7c51dbf963bd660c8f47085d11e5d1ac14b5cecf94074e9b6b0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-102505278375,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: FY7FWZQEESQ36823
x-amz-server-side-encryption: AES256
edge-cache-tag: F-102505278375,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Quarterly%20Threat%20Bulletin%20%236%20660x360.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "ef691bb8b581623614fcd321dbc4b4a6"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1676404811517
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: _X93eVh7jhlQMJZpAKt2Syoo4DJAQzJo
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=37067
x-cache: RefreshHit from cloudfront
cache-tag: F-102505278375,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 19348
x-amz-id-2: w16VHb9no/zkP6iJ6ile6mwYKPivUStyvId6FFnypCgrAWm1stjsCWhvt2Yr6yIgMHe7zQAP6D0=
last-modified: Tue, 14 Feb 2023 20:00:12 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0988ypKq4WkPJZrpbeE%2BPssc%2FtZGd%2FHi3inoIbJyWYQTyWbCqK%2FBI%2F0mFv6zalql%2FG%2B0PhvBqhtl5alC95Y7luG5W36YaXYM%2BjC%2BQjJQZwpHa49qKFOpihY7jwEnDAE7mvB5QloKNbN0dbdU"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e4a3a68-FRA
x-amz-cf-id: prChDOoWnXb_8S2AjIcHiubUv-szB9Jn569ZmXv_s5yF1B_ZulzO7g==

GET
H3 200 uma_osquery@scale_thumbnail_800x400.jpg
www.uptycs.com/hubfs/ 29 KB
31 KB 462ms
437ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/uma_osquery@scale_thumbnail_800x400.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

10482743fb0f36a396539ef6d105de5e1822bcb7a14b4af22ea5a53f810b4c42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-102030876053,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNREM8N51Z9393F
x-amz-server-side-encryption: AES256
edge-cache-tag: F-102030876053,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="uma_osquery@scale_thumbnail_800x400.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "88aef9141d6e9e69db6ab2eb5bb35999"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1676056754569
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: jCJXkuiaceX2EZmq6mmbgF1Jm9n2C2jd
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=60790
x-cache: RefreshHit from cloudfront
cache-tag: F-102030876053,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 30048
x-amz-id-2: VW8b80pBn3zwZn4w+61fD0Xv/eqqKmzwrGIp8SGdcFrd3ZA/gOHLq0t7tCWPLdU5DK5ICv5F3m+D44jnMEagDPSaGa1nKFwn
last-modified: Fri, 10 Feb 2023 19:19:15 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LouuNCkIngYVz5dV5Gptbgt7W8oAopVa4N5XEpC%2BL0m61CGE9KRjB1l1cEc0fhZnR%2BGSfYZYVsJXW6Xfsfwe3xL3csIYFjJ36FtKNFWUU405yiFSk%2FyOA8rD0upB5wOiFPoaS3tGU%2Fju10vB"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e4b3a68-FRA
x-amz-cf-id: fBBL8a9CW0cc4WATW7yvEY7r_uBZfWGO1JhZuHQF6lZzwj_OXZFnZw==

GET
H2 200 1hW07mSpsmxjtTbeA9p4raAYCj1nJ7-dTmSpwK7bw80Dp7FGvaGWwcJB9cPqNyl76Sr5CNaVaa4ONcBrJr7qcihfb9C5T3_ZNW-dFJdhknjI2HhPEc2Dcot4pK4AE-tFK3_ysB5Gqwx5pFY5wcadzU4
lh6.googleusercontent.com/ 98 KB
98 KB 469ms
377ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/1hW07mSpsmxjtTbeA9p4raAYCj1nJ7-dTmSpwK7bw80Dp7FGvaGWwcJB9cPqNyl76Sr5CNaVaa4ONcBrJr7qcihfb9C5T3_ZNW-dFJdhknjI2HhPEc2Dcot4pK4AE-tFK3_ysB5Gqwx5pFY5wcadzU4

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f7586df149c56356640efea7482bc3092d1598fdf7826c7c0c239eb23c7f2960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:02 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100115
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 08 Jun 2023 02:10:02 GMT

GET
H2 200 1tm7pCHJ0buvgVTG0uyeVppO-vBZKdqa0scuqMoQNM4Amuv593xWRCXB4asZ9gQJ5rs2kPwnZPkaoRquSH-iktD3GgH2Du-Q1-iMRqSm9TY6OJLsuqG3xCWFWJ-yUN4YhnNLWOKw001TKg1tXXJRt7o
lh5.googleusercontent.com/ 138 KB
138 KB 207ms
207ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/1tm7pCHJ0buvgVTG0uyeVppO-vBZKdqa0scuqMoQNM4Amuv593xWRCXB4asZ9gQJ5rs2kPwnZPkaoRquSH-iktD3GgH2Du-Q1-iMRqSm9TY6OJLsuqG3xCWFWJ-yUN4YhnNLWOKw001TKg1tXXJRt7o

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2fc951783cca0a7b96ebd7cad4287432c68e7ed356dca24cb7cd5f379e0d6a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:02 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141153
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 08 Jun 2023 02:10:02 GMT

GET
H3 200 osquery@scale_thumbnail_800x400%20%281%29.jpg
www.uptycs.com/hubfs/ 32 KB
33 KB 463ms
438ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/osquery@scale_thumbnail_800x400%20%281%29.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1f8fc3977d8130f942563b9b171c5dce6311407f6e9069e221f7bc7c856f65d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-101430715210,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNXG8N0HTNRC8WW
x-amz-server-side-encryption: AES256
edge-cache-tag: F-101430715210,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="osquery@scale_thumbnail_800x400%20%281%29.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "40f9a903bc08ac0448dda394210b99ff"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1675720699871
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: iVFs8Fh_1lPv0vVNWh1I3D.D__mNSFNj
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=63377
x-cache: RefreshHit from cloudfront
cache-tag: F-101430715210,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 32608
x-amz-id-2: 8u3xL8u0lhMZMKdeMwtKR1wDgbutMgG+2qOTI9FX+gaTWnSycpXDDwBPJyL0d3nClqRn0W7hfj8=
last-modified: Mon, 06 Feb 2023 21:58:20 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yz4ar0VnsrDQQrvFc91YCETya2Wl931V7NuXi9GF1kGILb4Z9UAdv%2FhVKN1MqUFX5kFLm1vwBkJ7ZVOG9eNomMjrS1up8z9tBMAtP9o2yOYcjroHUKp6F6Qu1JKO9Qnauwz0DE2mv0mLGB5N"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e4d3a68-FRA
x-amz-cf-id: J8c5A_rLxCRX1hknT5eb8_usFDWf5DcIOMif6SwsZ_tGXkxScShTOQ==

GET
H2 200 Kyen9LMTvtjAv_UmP1uKFnvaT60TJEkMjg3KMnvQvV2YpP3YX-_GnBScc5QGjdWQYA9UBfXUYJ-wOb0XjZhYqbZvtGswoUS8Qoy0kyroX7Z5pmqf8X3_YgOOo1m0URZj6vUgQd2SgPS-m4Q4vtrI3eHDVns7zJLxIqXuTBGqahxffkqWhaHsIySBWkUrNw
lh3.googleusercontent.com/ 33 KB
33 KB 194ms
194ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Kyen9LMTvtjAv_UmP1uKFnvaT60TJEkMjg3KMnvQvV2YpP3YX-_GnBScc5QGjdWQYA9UBfXUYJ-wOb0XjZhYqbZvtGswoUS8Qoy0kyroX7Z5pmqf8X3_YgOOo1m0URZj6vUgQd2SgPS-m4Q4vtrI3eHDVns7zJLxIqXuTBGqahxffkqWhaHsIySBWkUrNw

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0bda287c9b9e3f0ae341b440b466d24b39c5ce6fd5f6a143f8f13a2787c9c90d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:02 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="pasted image 0.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33695
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 08 Jun 2023 02:10:02 GMT

GET
H3 200 visual-studio-code-remote-code-execution-vulnerability-cve-2022-41034-e.png
www.uptycs.com/hubfs/ 22 KB
23 KB 467ms
442ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/visual-studio-code-remote-code-execution-vulnerability-cve-2022-41034-e.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

afb0477f93dd3bd75ae28ce2ece49e77babdc9fa24c39cc08ad3474fb3a343bc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-97973597024,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNQQ5YFH4M5PERW
x-amz-server-side-encryption: AES256
edge-cache-tag: F-97973597024,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="visual-studio-code-remote-code-execution-vulnerability-cve-2022-41034-e.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "71604f62dafe063ab1227bcce92f646d"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1673363649816
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: IluFEs.LVtBG40sA_.YrooKmRl2rSJtF
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=50898
x-cache: RefreshHit from cloudfront
cache-tag: F-97973597024,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 22304
x-amz-id-2: TvHcZT3Bw+3L6PnsNnELfD4jwalsZqYbqf/yqqx1asK5kxXfdhrWQmLGjg9NblD6sbdm43dGAvE=
last-modified: Tue, 10 Jan 2023 15:14:10 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Un2bz18X1suUl2FL6xu9Ok6n2t%2Bie%2FWQhJgnJ02zaGK4KZSweIjncBKjJ%2BvSVPdFwLc0Qcn4Z60e4nej53uLbOsCEublYErsScrkUhn8NHjOtPXplLe5DQTBVpXEzyMl9F70pods3JAh9%2F9"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e4e3a68-FRA
x-amz-cf-id: lKWWSHeZWcSW2LmgY7Q3413F5-m8oBchlsJsOQP_ud-i6xDUV6JZcA==

GET
H3 200 Infostealer%20Italy%209.jpg
www.uptycs.com/hubfs/ 65 KB
67 KB 469ms
444ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Infostealer%20Italy%209.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc4b0be7900a697d24ac97c2042dda59ff965530e25be103610587aee4162e8b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-96909522455,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNZ1NZSAVRPP52P
x-amz-server-side-encryption: AES256
edge-cache-tag: F-96909522455,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Infostealer%20Italy%209.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "3b831bbf19bef049a5be305e8a34465b"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1672416010355
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: K2RDDxYgasbgUgcOo4mYiDPZPs0z4SXc
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=207899
x-cache: RefreshHit from cloudfront
cache-tag: F-96909522455,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 66992
x-amz-id-2: JWDvzqA9wR5erRQ8zKf9ZwwEEgo0FR6oqylZ7lEh4X0Ab5wmHp3sKpglDWV7qo67XF9ebqXxmXZPkdFM7e4VuAuFrqAUzla2u3Lb5yrxQqo=
last-modified: Fri, 30 Dec 2022 16:00:11 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHhew4N5yLLilol%2Fb%2BeNsKmIA4LZ%2F21qGaf9KNC40Clx7apVw47J1%2BtsDKQPAw9MFgsJWoMxEfJlXcuUXyiOarG0MdNuo2ylyB6chXwins2%2BQqnw3BpVEjMf%2BASJO3zNPwo5%2Bhqgoyj5ZAyD"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e503a68-FRA
x-amz-cf-id: o-fa_cbcZuS0pKDUW1zFZx-FmH7UgKkm-kkra4sPvb7EovObiNJzFQ==

GET
H2 200 cJsNF683DAn_IpB7A6E_iCES7VhccEV0vnJ5_j6RhtzaW9ActmkcgqSbuh8W6rkudjZJbKBcszM3rGX0JYaTX8mpKdkYUJPTWqa4VeVoOkiG7TmHbPifz3AZJ2mPEpWPQKmuRPSG3B-ru4wmJrTnKz-jgNnaXNwV0zajBWrArSYVIiZRRrpzTPsGvR_nZg
lh6.googleusercontent.com/ 118 KB
118 KB 391ms
391ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/cJsNF683DAn_IpB7A6E_iCES7VhccEV0vnJ5_j6RhtzaW9ActmkcgqSbuh8W6rkudjZJbKBcszM3rGX0JYaTX8mpKdkYUJPTWqa4VeVoOkiG7TmHbPifz3AZJ2mPEpWPQKmuRPSG3B-ru4wmJrTnKz-jgNnaXNwV0zajBWrArSYVIiZRRrpzTPsGvR_nZg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1ce621824395b9632d5912ac864f9f390835ac19f032873e4b4ab47c615249d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:02 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120821
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 08 Jun 2023 02:10:02 GMT

GET
H3 200 detecting-anomalous-aws-sessions-temporary-credentials.jpg
www.uptycs.com/hubfs/ 19 KB
21 KB 473ms
448ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/detecting-anomalous-aws-sessions-temporary-credentials.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

64aff949a4c6ff62de62fe273e549a0201ae378a1c1e625f4d354964842b9048

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-95639467287,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: ZMK50B743XKXT3JA
x-amz-server-side-encryption: AES256
edge-cache-tag: F-95639467287,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="detecting-anomalous-aws-sessions-temporary-credentials.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "9866111606beae7a070d7441db221144"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1671221966087
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 0VmqyIsDY0XdcITAblvIfgNqRnO69_yg
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=42110
x-cache: RefreshHit from cloudfront
cache-tag: F-95639467287,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 19644
x-amz-id-2: gnaZoROw98NYP3Xiun1wPOZGYIfzuZipnRh/DcokoMfv0fX+cdtkxgkLCBkax0X6AQGC/CcnFXw=
last-modified: Fri, 16 Dec 2022 20:19:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dYLigVADneneW44AgLO%2FAZS9K0dFg63%2BoksWpP170lLyYDtFQ%2Frp%2Fw0njGqrUyDMb4CeoWGaFh4WmiwzbbbxIcdIegSR3K%2Bm7JIQzW6yYJxoJkKX%2Fpck7pd9yPDA2a0IrLglhIoLZh%2BMAAV"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e513a68-FRA
x-amz-cf-id: 5sc1mNpv01chg9dD_cZuYJ9sFP2IuLeXSKKS4yYIMCTsozpWWKc3PA==

GET
H3 200 Jack%20Roehrig.png
www.uptycs.com/hubfs/ 436 KB
438 KB 301ms
276ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Jack%20Roehrig.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

26ad18d9d926fef0b77a58ecb16a796ae67026869ed46374635e87782881a018

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-94383712681,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: CQ6GFW1BXHJ27BDY
x-amz-server-side-encryption: AES256
edge-cache-tag: F-94383712681,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Jack%20Roehrig.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "9bdb70d29fe300263018c33c101d8caf"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1670364588191
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: LUncfp9td9dhggH0iDRsdRu6aHXwHhFI
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=863281
x-cache: RefreshHit from cloudfront
cache-tag: F-94383712681,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 446946
x-amz-id-2: Lyu0pI2gnq6y7pNGBix8ptT85wjqm6zICoTy5b6u2t8totgMZ7Nw4q+nV4U+6GFtqENn9A0pUWI=
last-modified: Tue, 06 Dec 2022 22:09:49 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inkrseXacFrwikppfi2XiJlcWv8y2h4yt5t1izccrJmBJ7n90DXyKLlM9%2Fgidy873uL7UMqJ7JRpIFbLKOGpyP0ZbvMQ3EZBaLhPrsNixssutT1NBdQVvCmXGb18oZj3Tsaeir4kQV%2FZexCh"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e533a68-FRA
x-amz-cf-id: mNCsSoZdZ3UqlOd8JIR6UkMfVf-mTTFvS1mCGMqhig_l3yKPoqPr3Q==

GET
H3 200 Untitled%20design%20%284%29-Dec-01-2022-08-10-42-5576-PM.png
www.uptycs.com/hubfs/ 55 KB
56 KB 358ms
334ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Untitled%20design%20%284%29-Dec-01-2022-08-10-42-5576-PM.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f6b0391239c451fb33725ce2c21fd88af433c256f2928bf479d85fec4cbf8ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-93816522264,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: 1AV5XVHH0C84W3C3
x-amz-server-side-encryption: AES256
edge-cache-tag: F-93816522264,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Untitled%20design%20%284%29-Dec-01-2022-08-10-42-5576-PM.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "17fbd4fd1bd067cef2dea81c469b7cc7"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669925442557
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ApdcRVNHpH2E8uo03dCiagJbzAO9fxzS
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=108460
x-cache: RefreshHit from cloudfront
cache-tag: F-93816522264,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 55996
x-amz-id-2: sFOhxVeePfjHSzvtzUu0FVEBExUzVPgdOqSXhzZW61XIY4k5EuGolE0VxGjTYXq/mpyt/6wGOKw=
last-modified: Thu, 01 Dec 2022 20:10:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdAS%2BYH3wC3RCwjCZ46QmzVqBvWXeOkCXq7SUIKih68lJKrytMtv9x2Wuy6iFUoTaDRZMlTyVK3jkw94wI%2BaeB6RlmZh%2FVshHPKb3oCwNYFRyByXUkvKb4HbUGCh4brv72Z8aha0BsL0UR8V"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e543a68-FRA
x-amz-cf-id: zNXq5SthSYO735w7uMkrzHBk1LVczlz2hcgSZvVoSWixPqnsxc3tXg==

GET
H3 200 Blue%20And%20Green%20Minimal%20Boost%20Your%20Start-up%20Twitter%20Post.png
www.uptycs.com/hubfs/ 185 KB
186 KB 360ms
335ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Blue%20And%20Green%20Minimal%20Boost%20Your%20Start-up%20Twitter%20Post.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

abedb392188f303dac70a7c23856dfaef5bed3a2d166f59c5f7ef34bd77ad1a9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-93650434413,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: HZW338HDTYG95VNW
x-amz-server-side-encryption: AES256
edge-cache-tag: F-93650434413,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Blue%20And%20Green%20Minimal%20Boost%20Your%20Start-up%20Twitter%20Post.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "0dc328ea18b92428bc1ebc1285b4b315"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669824931623
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: WdN3jYYpKNBi02OjPCxiptZiKfWG1lKG
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=338238
x-cache: RefreshHit from cloudfront
cache-tag: F-93650434413,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 189256
x-amz-id-2: LqrvrTEJcbE8RNNRlhhRaQVdqbUuVyDGWN2JalDhay7d+kNrQXEc0xZHjjliwv/eUhDzSE7CEla4m/OBL1emql+PjRcbVz7t9Ap37IlnudI=
last-modified: Wed, 30 Nov 2022 16:15:32 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9meoZo92Zh53W%2B%2Bw4kiPXa0pxhtJ5yuMsmvrzFIIxZw%2Bcym2GJtG8cr2TTXEUK30HfNilIjcZByYEm%2BbS1lBuGPqlK5nhFaAjZnpfheuHuEBINNbaDOpydQ%2B%2FjOK0x9jdTEe3zhzib7MAY0U"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e553a68-FRA
x-amz-cf-id: HGtCr0pT35xXf1aJ0Jdv1su2j__IfaFkeY4sVA_b5pOVF6huiXlS-A==

GET
H3 200 Untitled%20design%20%284%29-Nov-07-2022-07-46-54-0571-PM.png
www.uptycs.com/hubfs/ 31 KB
32 KB 476ms
452ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Untitled%20design%20%284%29-Nov-07-2022-07-46-54-0571-PM.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d17e6276a8bb6d49c9cafef93a50c1d9c563f3415ab3518ba6d47d2ae765101c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-90840662844,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ216C2YMB993EW5
x-amz-server-side-encryption: AES256
edge-cache-tag: F-90840662844,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Untitled%20design%20%284%29-Nov-07-2022-07-46-54-0571-PM.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "d6c780477227e1b88f07f86927dd0e69"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1667850414057
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Jcabd.mHw_4BKzNlGRtFZNVRQ7EiwKPC
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=59566
x-cache: RefreshHit from cloudfront
cache-tag: F-90840662844,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 31796
x-amz-id-2: iBExzbCBMQaROvDZMNSvyRvaeVlmJzKDhGkcovbVf9sF3retbUIOpb40T7eyYhUfKxEDkdwxS7A=
last-modified: Mon, 07 Nov 2022 19:46:55 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5k4dPATxgLdZhex1p2y5YF2hbhhde05l7KHckgdNLfIvxxOdBkoWbIKO4d%2Br9AY0S2GnnJpdEufS%2FWZb6OV%2FNPmEwTMutCEtwCNPP6GvVhpi28SOOs9WjAVjpi3cPKtgkjGCA9Lxw94rawfq"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e573a68-FRA
x-amz-cf-id: oYFiMx6QTdOCZ1KS1vcfRwv8c9rrh7-Xi9xmBfk7XSdU8iyF9mKSTA==

GET
H3 200 Finserv.png
www.uptycs.com/hubfs/ 372 KB
373 KB 477ms
452ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Finserv.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

beda9163ca9562766672fd468d2b33345038fb4285a161a9609c05926888878e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-91108759139,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: J8T1QDARCBTVFXV2
x-amz-server-side-encryption: AES256
edge-cache-tag: F-91108759139,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Finserv.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "b8cd5a5c935b0d5af8b150d95139d971"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1668026174732
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: wZsnFqlVXhSdJs5C4HvncBOJl3y2QgFo
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=614589
x-cache: RefreshHit from cloudfront
cache-tag: F-91108759139,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 380784
x-amz-id-2: t6IPeWCyIk6vV4mbISMxVJ06DJhr4Pz89rb57KUsou0pmhrDDCelRxDJThlnpyZTAWY9SdvtU2o=
last-modified: Wed, 09 Nov 2022 20:36:15 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tssZWXy1M0Q5Z%2F9nO8O%2BLuCL2NuaVkW3VqUOv%2Ft%2FTQl68oCz3A9UevJzN72jhi1cFShtdaVDKfNF3JHd4%2FdNP9DEhrLDvJPRixlIjjNa8giNz1IU8g7UtC9RR9CTdDOqoEVcvNABDfhABFfX"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e583a68-FRA
x-amz-cf-id: pdlHLq7HhAHhkgZrfHqbq8J--bweJpjedodXmEY7H8A0tIqN2MHLNA==

GET
H3 200 vegasreinvent.jpg
www.uptycs.com/hubfs/ 861 KB
862 KB 736ms
712ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/vegasreinvent.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

025f1c52285dcd852223dfe74c8889ca3a790bbe9e8ef8c7695cf4f2bd3f83c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-90426949269,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: BNDZZSFT4QDYDJ9P
x-amz-server-side-encryption: AES256
edge-cache-tag: F-90426949269,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="vegasreinvent.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "1be3e46273f34c588ce9d2ea1910a3a7"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1667496630360
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: dded3fRUtg6mgXhZgeM00dOKU.aSp6KV
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=1318815
x-cache: RefreshHit from cloudfront
cache-tag: F-90426949269,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 881534
x-amz-id-2: mw0dDytv8MdP5a6SVQgKE/JEok1rOMn7dOTp8wXyac1t+5UvPWFyP7sN8JMobkTTELR+Oi2evyc=
last-modified: Thu, 03 Nov 2022 17:30:32 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4LgMSPMce02wBnGu2ofGSB1DThMCVOEtTdSUsoxsGQ8jBtgQOfUnY5TSoDbXRRpmwsjY3fWXiTHJjvtCICJ2MSEnwil9mOhobqboQnxITXWkxXwtIz2ozqpM%2BU07MWbKl0clJ6SJtdL0vpY"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e5a3a68-FRA
x-amz-cf-id: 5RxpD2oFcZkrqP2b75E5LW6lFYpaHud7pwLMKJTu_ce9y6prhEwSPw==

GET
H3 200 Detections%20K8s.gif
www.uptycs.com/hubfs/ 5 MB
5 MB 689ms
665ms Image
image/gif 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Detections%20K8s.gif

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

185f046d1c26f5cdb94f03ee99715314703ce6749f6616696d42881b4380dd8c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-89212857780,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: DQ2FED1EW5667G5A
x-amz-server-side-encryption: AES256
edge-cache-tag: F-89212857780,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "e53dd4e3fa78c4bb1574649c0b6ee641"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1666580488420
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: oSrD4vfOT0Ira.x.zXN4C8jyEhzlNCw.
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: status=input_too_large
x-cache: RefreshHit from cloudfront
cache-tag: F-89212857780,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 5482095
x-amz-id-2: JWQfXBujtTp2yQ4iEFYRlqaDVtGra9D789p/3XQUBHJMqx32YC30KM2r8JywD6/aoeUNPgOtnUY=
last-modified: Mon, 24 Oct 2022 03:01:29 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srC6KL3XvjIOU4shU8Zsgz0mkk9V%2B3u0wULjB5iMIRkPJD08Fm9cR4NNJK3eiXKevs95DPTEJtmJPnWRrf%2FrLSmNkR0XDGnU3Nt8gBrzAd5VfDpnPg10FOElxbf9VnTHt3p%2B1wseI57mW0tb"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e5b3a68-FRA
x-amz-cf-id: PUKmCn0ruwM31QKVMtICh4fN_WDZtter0MutnyiY3QjSp8ReTb2SbA==

GET
H3 200 Text4Shell%20hosts-png.png
www.uptycs.com/hubfs/ 819 KB
821 KB 485ms
460ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Text4Shell%20hosts-png.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fed1fff45f56f577091f0cc42e24cd5e04d4cf834f00f29f25bbbd1accc462bf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-88863457150,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: DQ22XVYKFZCHFYFF
x-amz-server-side-encryption: AES256
edge-cache-tag: F-88863457150,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Text4Shell%20hosts-png.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "17b6fafdddb30c5ee68db2ffe1de3431"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1666280481915
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: z_iV6R4hzxzhTMbhRG.NWDKsvQg58Afm
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=1406973
x-cache: RefreshHit from cloudfront
cache-tag: F-88863457150,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 839157
x-amz-id-2: T0RjlaSKHvbXu80RktUtPOqfpnq0H1muAwYDWstwkhMQbnWvO7sSou/FJNzOxVugM50IPFrqCwQ=
last-modified: Thu, 20 Oct 2022 15:41:23 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsdMfO4tO6yDKyeWSLlR9oKdDNBCJOLvr9z4MVGBpYzYqy37qJptZYPdFu3ibUwQeBFWrMiAlmLXLglm2V8R5tRZTa%2F4ldKpCthxUe77rPhPFFa1XDZ41DGdaj8Y2kzwRSbnUhD%2FF5SU%2F9yg"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e5c3a68-FRA
x-amz-cf-id: pkQ9NlSMMcvbVpCTOxHlYJTRH8TWzH0vUtKG2rM9Uu7SLjnlPvQHYA==

GET
H3 200 KubeCon%20LinkedIn%20Post%20%231%20copy%20copy.png
www.uptycs.com/hubfs/ 36 KB
37 KB 523ms
498ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/KubeCon%20LinkedIn%20Post%20%231%20copy%20copy.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e9e0178c9a233703cf0e3911e42639b08a2600eeeb90dfc6bcd3ceb71386b34

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-87914714882,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: A12Y6S3XB5ZMTYSC
x-amz-server-side-encryption: AES256
edge-cache-tag: F-87914714882,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="KubeCon%20LinkedIn%20Post%20%231%20copy%20copy.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "245b2238aabf3e8786651b8416bedaba"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1665600450571
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: gYdpWdtuKdI1rTB5YjpyrS.ESJsdtpnR
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=49746
x-cache: RefreshHit from cloudfront
cache-tag: F-87914714882,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 36706
x-amz-id-2: DRRvE1Fa1Ln0F1/dOaZYOzxbZulgUNPfdwv54nKwYXIWdLXWC4z1/Z6lGhS5V6CAw9zkbkKGu7U=
last-modified: Wed, 12 Oct 2022 18:47:31 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UA2YsDYaQTocKVdxHyDHY1iip4vRa8fJvygOaxaMV5rM6mtouFJtPYGA2leVUz8cB6MH3ac6USNRANaeVeP6AY6awDjjptEBwXgDp8lBHdMyUY4lYggtihHxYZE9X3Lq4yPoVXZWllJRufSu"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e5d3a68-FRA
x-amz-cf-id: -fQ9nNNioRLqwpjOZbFAwAYSPPfJ1Lg69YJvAWwnEpP1eRzU8kXWaA==

GET
H3 200 Blue%20And%20Green%20Minimal%20Boost%20Your%20Start-up%20Twitter%20Post-png-1.png
www.uptycs.com/hubfs/ 188 KB
190 KB 524ms
500ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Blue%20And%20Green%20Minimal%20Boost%20Your%20Start-up%20Twitter%20Post-png-1.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

87db1adbfa9997fc7b6655b4fea6ba00e2bb33043fe83186a6241e0d6ad2b2ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-84362095437,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: ZBVTDZQCFREGDK0H
x-amz-server-side-encryption: AES256
edge-cache-tag: F-84362095437,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Blue%20And%20Green%20Minimal%20Boost%20Your%20Start-up%20Twitter%20Post-png-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "b9942104aae7151cd764cc94f594de16"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662662030009
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: WX.YaB2EVzVfsoNTefPCpPBBdlGVn4S2
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=359533
x-cache: RefreshHit from cloudfront
cache-tag: F-84362095437,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 192840
x-amz-id-2: wEjvexd9+8Xc7fL9bTSB9aZ+upY3h1wb7AT+g90kY147/A55I92eqtQZm4WBkZuQvIPtF34B91k=
last-modified: Thu, 08 Sep 2022 18:33:51 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7zmEkEVmFyL5AY2voSVpBy0azqYT1kf2KCEOjBvwdaWUYbepnwRFSK%2B7wj1HpAPz8m2G%2BZ6857ZKUZh6bRJCuOB4IuIPtYTKiUK8n1S6OQPfzht%2BbVsZgCdMUe2NEVULgSuwMEhq7L6FpPu"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e5e3a68-FRA
x-amz-cf-id: Bl40OKstuvKGbwN6-Io8PcPLRZ9P6n7M2bYeKEp4ZunbALKDsEJ71A==

GET
H3 200 Eventbrite%20Header-1.png
www.uptycs.com/hubfs/ 129 KB
130 KB 670ms
646ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Eventbrite%20Header-1.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c60a2330c6427ac34384de011a3f9314fac76ce6dac453a392e585ee843e5ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-82269762922,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: 7GGFKDRF71BK1YX0
x-amz-server-side-encryption: AES256
edge-cache-tag: F-82269762922,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Eventbrite%20Header-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "d6f59dec5d01f8985c14c86e6c96d2f3"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1660769015318
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: nyzikH14wPOZSTYRe7L5_tFxpKDxCxCX
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=316235
x-cache: RefreshHit from cloudfront
cache-tag: F-82269762922,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 131866
x-amz-id-2: ojj0XpDe3omxVnFySrE8cVlTf1bZA+9i5WxkaG+U68VX2+9+v+LKY3+W5IaZgJo2bX016X7gDmk=
last-modified: Wed, 17 Aug 2022 20:43:36 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxXox2vgHNENkv4G1G3l1CypI%2FvZImL%2Fs6x2oeSuskqmjyia%2B8V74z7vZxLiP5lSbZyFHNSe%2FGyBuWjTCBKMbZiEkCzbTLsORLbl%2BvFZbw9XQw2%2Fy7fZQG6JTEtjM8DmLRpUnAvXmoGNX42t"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e5f3a68-FRA
x-amz-cf-id: axW2c0B6f-pcT9MDBdhUE5G63dDHzhfD6Er0aV4DZI5s1Y4kmaA08g==

GET
H3 200 2-2.png
www.uptycs.com/hubfs/ 247 KB
249 KB 552ms
528ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/2-2.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9e8a21f5e8ff639f82cfe75f3bd2debecfca4ce93e6493ffe5b5ffbad1bcd17

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-84370573629,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNQ6EKQKJCMGBJT
x-amz-server-side-encryption: AES256
edge-cache-tag: F-84370573629,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="2-2.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "d68ea9f6b083b4bd1c29b0dab512f15d"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662666146621
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .RRKAJ6dWQtDGuGjvQ64F3dKlpcCeZbK
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=453693
x-cache: RefreshHit from cloudfront
cache-tag: F-84370573629,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 253250
x-amz-id-2: VUzdU0JLrcce+Gg6ys+aNR0jtv+QdN7aAwazlFcUV9xEWFDcb6nG5NpA6pqc7K8P81C4oM8tgUY=
last-modified: Thu, 08 Sep 2022 19:42:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqjLOe8%2F7rhuHw9dmzBvt%2FYvNsSLXYflw7E59GGH6pylSJ9fIl3xOdefR6UiaEeWCGNtFsSy%2FRzAK0YMb7mEMaKJr1kNGTCb2TVYgPq%2F%2BtJZ%2Fsh%2Bcg9Ux75oPEXwDJVPLsGQ%2Fanmc24AjaRD"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e603a68-FRA
x-amz-cf-id: w70hfyC_bI6hfS5NZlPE-QV3VP4LeSkTo9zntelMQsfBKayTNF0g8w==

GET
H3 200 Twitter-Broad-1.jpg
www.uptycs.com/hubfs/ 66 KB
67 KB 568ms
544ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Twitter-Broad-1.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

886464fa957e1261e72553b74545fb54123a668a4b7ebe98d27252fcf06b1c1c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-84089617282,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: G2N5N18HBQHWVHZY
x-amz-server-side-encryption: AES256
edge-cache-tag: F-84089617282,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Twitter-Broad-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "2fcd9be4b105f1480068c18c5b313821"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662469078994
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: sOLtHINApwvfXiQC_nNx.TnZ53O0vbHE
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=522587
x-cache: RefreshHit from cloudfront
cache-tag: F-84089617282,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 67246
x-amz-id-2: BiC8HJ+i/XPlQBIvbhU4Y0VCxr+gRNCU0SLf5/3NzelTU8px+9Gvizupae4oxpvUkEr6ag/iUj0=
last-modified: Tue, 06 Sep 2022 12:58:00 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99gtOo8ThB%2FToJPVeAxNu4hlrJ94su7sp3O9HsXHg%2B5c8htSPGHwCqXwvj0UO9vuwCYXmvjxRLW4ruvI9YPI6NESnyKH65VPSUg6dFk%2F4QMEN6acEZ3gDgsZO8HBSY4Qpop%2BWOCNhuy90z8C"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e613a68-FRA
x-amz-cf-id: WFIkL04L-xIyRpJzgR81XU93JgLKWBp07oemog-1d29aCegMsO-Mtw==

GET
H3 200 Figure%201-2.png
www.uptycs.com/hubfs/ 313 KB
314 KB 571ms
547ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Figure%201-2.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

282f0f072527ed5b1802761719061a5d6989d04bd9b5ecaf62db556e96c1f76d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-84683179104,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: 2TB7VS9G451FSAAB
x-amz-server-side-encryption: AES256
edge-cache-tag: F-84683179104,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Figure%201-2.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "541f7b3999081eca14b1f13d7797000a"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662999049909
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: yqQgby3WAyRIr6BayheSGLmRbwQ0nOLt
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=413692
x-cache: RefreshHit from cloudfront
cache-tag: F-84683179104,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 320160
x-amz-id-2: DUAO4eUlCI5+julJq6RtCuDGDS0Pu0CAyofMKEp+JZ68WzIeMs7Xq+s4lsL7rdpXhXmWhBAhhuM=
last-modified: Mon, 12 Sep 2022 16:10:51 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EU%2FryskGkghrxUP6wMRxWBojV4U1SVrVtbDn2VpT6rUjZVsLDyIa2dJNNdknAvdajJCr9pMteUkNcbx5ro3SyEKCzN3c94zjECs0ivDut2v35oRSRsxXGJQcb%2FUQnWSQEPzXU3Zal4qOAyov"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e623a68-FRA
x-amz-cf-id: FqOIZlZ-YnOs3-_owrmkw4PCW1rAKvbHhJvlqHQGJLwNkvAKDEnRqA==

GET
H3 200 csa1cover.png
www.uptycs.com/hubfs/ 50 KB
52 KB 594ms
570ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/csa1cover.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a1433f2255340d75e19439b2a337caef50d3ad3f7a8cc907b711db7e2ba935

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-83586573599,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNG071F54B044QZ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-83586573599,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="csa1cover.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "dbf467e6e68ad23eb99d4ec124ecbc2e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1661971251146
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 3GdQHIsXbhJcBaoPZ6dC0N3kVTcwnPg7
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=92717
x-cache: RefreshHit from cloudfront
cache-tag: F-83586573599,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 51488
x-amz-id-2: MCongqIIFRhyPI+0GeWhsNuer09Sz5FH+NI4bq2r+L1OMl/GUbfSmxBelUZCi4MeQ7xfngkcGV88Sp7QKdOxtA==
last-modified: Wed, 31 Aug 2022 18:40:52 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FQw9DwNKkTrP1kxnRD%2Fo4hAmojlU2tTcd6RvaX7VUy2YpsgPjefphbDPzcsPGdhe0XD6FJdXYcdQD34f0GBTIcD%2FmEwHxXYiOFsIlys5Ggc2OhzI%2F6GT164iLTUH3lKObNLF0mUm9PJbIwT"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e633a68-FRA
x-amz-cf-id: zcgQhCAcm2tvaxrRuCn6bO_OGAV2QBzQhbJNT_PvQ2GY9XY6lHdk5A==

GET
H3 200 risk%20posture.png
www.uptycs.com/hubfs/ 600 KB
601 KB 597ms
573ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/risk%20posture.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf7a489f64cf82675aadf82eddeb5190fb5f6810a3b679b027d11cb71b9f4db8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-82955972641,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: YCNXPP040S33WECW
x-amz-server-side-encryption: AES256
edge-cache-tag: F-82955972641,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="risk%20posture.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "a300ffe9d66b9c378b7c4146d5f6150c"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1661386358009
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .Asl1geec60gNN29Q9jSg4S.4xcUGuWB
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=920768
x-cache: RefreshHit from cloudfront
cache-tag: F-82955972641,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 614406
x-amz-id-2: ZZ4GWlTfRz4sgSc3YILkP9iV0YbwjO8Uqgmdaf3IDKQFEZ3NIeF/8e/H/0Urxz7tQ/Vl2Gd1beXFJHpcMKEAzl4VEb7usOtAqMzM2/Mw2Gg=
last-modified: Thu, 25 Aug 2022 00:12:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g51BIAx%2FlbwiwNg%2F8EGWI4n%2FWinM60i1MsayeFQhlx4rA%2FOi%2Fgo6TKZfw0qXYasXwWy4%2FAjOcpjDb%2F4SHdZsO99zJad9y6EF6o9H3qGoPx0kKFpKO3tVRTgC148lTJ4CjLCXE%2FGLV7ShCcJ7"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e643a68-FRA
x-amz-cf-id: RBbCuFpozjeM6Cf6cvPsHQal54dObjRD0TqobbodvVDbCGWP4VIS_g==

GET
H3 200 Cloud%20Networking.png
www.uptycs.com/hubfs/ 734 KB
735 KB 610ms
586ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Cloud%20Networking.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

78527320468cfc1d867e2724e5d6f9016b0e041a53a46230b37b1d50983080d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-82665283737,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2FK318Y35WB2G6
x-amz-server-side-encryption: AES256
edge-cache-tag: F-82665283737,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Cloud%20Networking.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "68555495f06e552c146d7971331e8bdd"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1661181197641
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: HoEXP0itJ7nFGnGPHMMngx2f6Xh64qPr
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=1066933
x-cache: RefreshHit from cloudfront
cache-tag: F-82665283737,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 751522
x-amz-id-2: LI2IHOUJ8RJzxXlorCYtEX6yKsFH19WiC2gWwWDehYv3KkZLVdkjTCROhMHbNM9HNwKM5Uxo7ZMPBKnA3TxSgw==
last-modified: Mon, 22 Aug 2022 15:13:18 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BkRgfZ0nrpaA2ZiM992jI1w3Bpb0aCt8yWpzPVmMqV4Yc8QzuSF%2Ft38ZM8lNris5VdsznuCP4GU5RT%2Fv3G%2F0VkBA%2BN0D6xWKKxTeafn136KBq6UP10U530rsO3Vanzc7KepQlVXDLDiKtSc"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e653a68-FRA
x-amz-cf-id: XER4eZxEmCsmL-bwJ5bfNpFdnnww1x12UQwr7eVc1HQXRPq-jDMMXw==

GET
H3 200 osquery@scale%20popup%20form%20banner.jpg
www.uptycs.com/hubfs/ 13 KB
14 KB 637ms
613ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/osquery@scale%20popup%20form%20banner.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

61f618abdc510fcbfe4d6e9640ed8ad8b97887eca9624f978800eaa8d87265dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-81831675990,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DFAX4HKDWRM60B6A
x-amz-server-side-encryption: AES256
edge-cache-tag: F-81831675990,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="osquery@scale%20popup%20form%20banner.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "14dbfd480838511e4f8a395786bd2a0f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1660307027491
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 8bStCrHBUNiAuhsj9uwKEkeM5xwPPuvF
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=24087
x-cache: RefreshHit from cloudfront
cache-tag: F-81831675990,P-2617658,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 12940
x-amz-id-2: xtUuJq/O2yXjBciRURlSue3s/fKH/Sp/Q21TJ2JlaTeiWKYPWrv5ZuY9vDhVu5ZbKi/7gL5hj3o=
last-modified: Fri, 12 Aug 2022 12:23:48 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heHSAn8ajlDQIcncmUgxXy9mH8g47ML9e5yHj0AIpYduBE8fuLv6vH%2Bpb4tH0fhgqMJFASmD1QrKV27x4kGftkhT1mZG9GkP1i0Ai%2Bz%2BSKFFLHHtO%2B35AB94LPfNEgjaeI4TK7bWM9Glizdj"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e663a68-FRA
x-amz-cf-id: q8esZO0KUwtLwGrKHYQvETn7OWVy5wEI0Iw0t5vEusa9VyATl46UQA==

GET
H3 200 elias_new_job.png
www.uptycs.com/hubfs/ 613 KB
614 KB 637ms
613ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/elias_new_job.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

991143ba81d57e98ed06c053db767df00729e6d62a696d50ef39760c0e789d68

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-81447890289,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: Z2BKA82TYSP5K21X
x-amz-server-side-encryption: AES256
edge-cache-tag: F-81447890289,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="elias_new_job.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "3593c934a2c8dbeb52f3cc55440cb93c"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1659986891943
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: si9CANYa7jJn6EQ1ffBADh0z6VjPDnS4
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=1199393
x-cache: RefreshHit from cloudfront
cache-tag: F-81447890289,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 627384
x-amz-id-2: j48JC9gBwu45t+T9ayf3qS0HgkWj8yk3NxrlxwATXPz8/xASBjqvqRDTWYPiSHBVDmKS1SxW1E4=
last-modified: Mon, 08 Aug 2022 19:28:13 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgFvP4iyrgwlMybB%2BdyFr%2FAEwCBG2pSwmN2%2BotG7G3qybpvFbo8YMaOuGCoqv6ZICKuloV076kyWJtBFToGsGStu%2BONEv%2F6XS%2FUB46M3G2JU2m2D8mO4H1ki%2FMsyvSdFQitNwBLTIA8dc187"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e673a68-FRA
x-amz-cf-id: sAtsXn33CJx-R6nZHcYrr86tLo6ylCOrNGDeV2lE29vea-7qvED-Qg==

GET
H3 200 Eventbrite%20Header.png
www.uptycs.com/hubfs/ 129 KB
130 KB 664ms
640ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Eventbrite%20Header.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c60a2330c6427ac34384de011a3f9314fac76ce6dac453a392e585ee843e5ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-81092204185,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: 69GQ8HNMN91P3M4Y
x-amz-server-side-encryption: AES256
edge-cache-tag: F-81092204185,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Eventbrite%20Header.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "d6f59dec5d01f8985c14c86e6c96d2f3"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1659616905257
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CnKJ7Q.PJvRDZCuk17wfVaFAQ1FPYJaF
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=316235
x-cache: RefreshHit from cloudfront
cache-tag: F-81092204185,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 131866
x-amz-id-2: vkBlp7zsp98jhlrNJJmgzA03Ex/kEx7aeT+OQHRnHcRP4s1JGsAg28EHYJDSAU8vvFix6wuEang=
last-modified: Thu, 04 Aug 2022 12:41:46 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zxl2ujFMzclqeBqRFE4GWEsezLWiM9g7EwvuxsV%2Fs4RCbFo5g9mdYI6Ov0YspuBbAgU73vY99SIEI%2F9HLFI35G2xAY3rLqmpFnjrbS7jiTiGsoGlTcQrumXD8fpKfPTTo%2FEwx0YI%2FGhkGGJt"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e683a68-FRA
x-amz-cf-id: 02tR5IULhx4ECrlipxJ1J_YilBJrNdrl-_c2pXfYapH5z5yLcTfV_w==

GET
H3 200 CDR%20activity%20image.png
www.uptycs.com/hubfs/ 59 KB
60 KB 788ms
764ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/CDR%20activity%20image.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

597891d43d969c1edea0bccd56d142a0e504d3b2f0fbde3678502917be7bc74f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-80550721067,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: H4VSMP4AGFVBC8MG
x-amz-server-side-encryption: AES256
edge-cache-tag: F-80550721067,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="CDR%20activity%20image.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "f6fcd387475db7e8de2d9ac641fa3b89"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1659109302206
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: hYt3E1i4wt3IEqbHun1HSwXxBn2lKrPA
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=164917
x-cache: RefreshHit from cloudfront
cache-tag: F-80550721067,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 60066
x-amz-id-2: e/8CaX4omJenrjib/0sAFzxltCzRjUgJV0HvaGBQak/OT6h1F3vjHUjxJ/wd/gQ67wEluDG2vME=
last-modified: Fri, 29 Jul 2022 15:41:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Be65mPrzHYHo%2FW1nB6Nv%2B0YG2YYEj268TJffTyt4MqqW3HAZfJJ04J8QrsBKdenfxp9me%2BtQl1Mp69OGkAQp8133TdWjnMEkWZdkmCoVgLVtIRTnoN3tzO6yhux11OtdIRMFCco25GiaxBXX"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e693a68-FRA
x-amz-cf-id: BvRji25wpR_CQHCTh6oxKqKMHROr7raFo0tBoJY5w-q2eUBmtvxz1g==

GET
H3 200 tr728.png
www.uptycs.com/hubfs/ 46 KB
47 KB 793ms
769ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/tr728.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

43dc6750bf9d8e08b0b7e6605050bc0c5d5b8f8adc2b9f5c4ac35607f3a659cc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-80457058105,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNYCRTJ3RP81Z1Z
x-amz-server-side-encryption: AES256
edge-cache-tag: F-80457058105,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="tr728.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "5ec37045cfa63be2d12b4981323cecc3"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1659025528167
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: QxuI74R93618nXeNNJ1ix85IyKk.CrSs
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=99668
x-cache: RefreshHit from cloudfront
cache-tag: F-80457058105,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 46692
x-amz-id-2: IdHVUoVIXwXol8/UzewEjdF1rgmtxzo2D9JS4vdall7SyOZ4crrXtMOQOdGZbpCszOqPjN4cMwc=
last-modified: Thu, 28 Jul 2022 16:25:29 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoTMPie1RGIRyucP4MP3xXwYDfq77Xlzk8tNC0y%2F3Q7aZO1zvu%2Bzx%2FvhDFh6siI9JZ%2FJZdxjxy2P%2Bu68yYps7LTrvPFy6NYnw33xmosJ8l6YhpdSsJVpGLubefzFsgMVzKK9%2BlGC1ROHqUuk"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e6a3a68-FRA
x-amz-cf-id: e2J_1fvVwQ6P2F3KPyGan6rQMixPprDJM_7mu0iJBjTadcy4sq_wKA==

GET
H3 200 Untitled%20design%20%284%29-1.png
www.uptycs.com/hubfs/ 310 KB
311 KB 801ms
777ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Untitled%20design%20%284%29-1.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e789d96d7bab02bbed6f04e0ac89e55fab3955b655670971abbc88d5981c7df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-80136639654,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: 13KTKVMNGR8F2MG0
x-amz-server-side-encryption: AES256
edge-cache-tag: F-80136639654,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Untitled%20design%20%284%29-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "2768e91a04b14e92a5528cddd8a4eb1a"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1658762879200
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 2Pmk0gcqJdl5FWSCPfusXyKhfedrcNFO
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=485643
x-cache: RefreshHit from cloudfront
cache-tag: F-80136639654,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 317194
x-amz-id-2: 6RXRUWDFjqETersmy38MAbYlf+mAAlYW3exy8nzFxAFVYEm/Ew0pQvJxcpjNT3sFCiNweary1je0dYEcDWREqw==
last-modified: Mon, 25 Jul 2022 15:28:00 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyHI7yx5Ywpbg0ck%2FSCf1Srk1gMcOhhySsjiWrSNqTwP5oosPFgalxS5Rnnpa76jzLQAbOniToxvlC1%2BnptLjj9MZmCgtDezbNtYE6TW681uUeytwspzCtHPxvFSgnUuN165M3zuJ82ffVV5"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e6b3a68-FRA
x-amz-cf-id: uDYZN-BCyluC79xoVLcKdLmH0-0KO1SdBjVPYKmyF6xnp9girci7iA==

GET
H3 200 t%20detect.png
www.uptycs.com/hubfs/ 60 KB
61 KB 809ms
785ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/t%20detect.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

57113010b06b98c9f8f45f86da3848be28f4af90e0f6290143955d5d1a947199

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-79246996556,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: DQ20P416DQNK84CE
x-amz-server-side-encryption: AES256
edge-cache-tag: F-79246996556,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="t%20detect.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "caabd6d91e260309a84a9c43a5c6a0a6"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1657837704933
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: XuquBOcByDtKgYrVy26al5UTVR1qwAYf
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=114789
x-cache: RefreshHit from cloudfront
cache-tag: F-79246996556,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 60942
x-amz-id-2: 5dxKawO2oA5XR7RiO60uxKxfquq/5TTqNOW/ExI3f9F4FfsBVg3EdenbkmPc+rtw6s8kHQM7Hro=
last-modified: Thu, 14 Jul 2022 22:28:26 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGydBLmMyhukqeKooPhxvEr45qnd6Ptwa4FECoJ2m%2FvPDYErTRKVlLkO79saAVNl1NzSPU0xYrPHp9XBd4hIDpsZSESM7o7ppbWMlDSFYjskkWngSC9QFZBvJXe2p5H54o7a1ZhT%2BJSuOsks"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e6c3a68-FRA
x-amz-cf-id: v0XQfZcs_VOzHZ-8QBq-1ZRO6LahyIzZvUC2iULTwtWSDe631IsoEw==

GET
H3 200 containerizationindevops.png
www.uptycs.com/hubfs/ 864 KB
865 KB 817ms
793ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/containerizationindevops.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e17794f8ad4196da7e61b94425d3264e4393e19e5eb01f1e46916f9b12da1f59

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-78901369751,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: PD3C2TCZZVRN104M
x-amz-server-side-encryption: AES256
edge-cache-tag: F-78901369751,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="containerizationindevops.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "c8124eef7e56f963628c14eaf220e41f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1657561857880
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ZCSB6PLfbJvSlsW9mtNxApMC6tsBAx5z
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=1186788
x-cache: RefreshHit from cloudfront
cache-tag: F-78901369751,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 884270
x-amz-id-2: jQK0ZxUS1InY8LgdwtLDBfqlN9wdmseyOXNRheNf3LuRP7YTKk5GE5vFy8pvfN6SXaZ6QhusHJI=
last-modified: Mon, 11 Jul 2022 17:50:59 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afj26NVGgOnNvH6uMjJUne08q%2FS%2BjeIRlDT8X7hMyPx42oc3GPagVAlJoG4uRITCDokMxrvXDKlJ8x6PW0qqvf0Smh4mZruclR4hyCYk3ECqKv5uNk0eJwOhBHiO%2BLEendHNjfwWsBA1PtlF"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e6d3a68-FRA
x-amz-cf-id: FODSJXW3QVF3eGEM27FDvQElb8C3WFN_phIxT9bhUDAMJ8ItWVBnAg==

GET
H3 200 Boston%20Seaport.jpeg
www.uptycs.com/hubfs/ 282 KB
284 KB 841ms
817ms Image
image/jpeg 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Boston%20Seaport.jpeg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

69a4abdff3c982000a98fed41d42966a478d1f671318328a20c8e33997e2e037

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-78066375453,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: DQ2CHQ9DXQSXE5AF
x-amz-server-side-encryption: AES256
edge-cache-tag: F-78066375453,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "ea6df35861d2b31cf630ad105a130c0d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1656685260489
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: QoeJhyn52J0yjRCiTHaJoKlPQRu1SYOV
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: degrade=85, origSize=291992, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-78066375453,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 289058
x-amz-id-2: r3VZ1B0u0BX7KXcyWEwtY07afdh5QGIO0mg3DmI+AjRPWRoppVRTlHI39pKjIN1xvVFRGE4oEys=
last-modified: Fri, 01 Jul 2022 14:21:01 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5S0a4%2FkkMP6EuSez9I9ZbZO0jN9u5zj9QLXPg%2FDFi%2FjWN%2F3wKX6V%2B6MwFXC2j%2B88un7Mu%2FmANu0Ng9RhjUTdcu7jv35XA7plK4oi7qcKGDdr68iTgcq%2Bje1XHpGa29PZT%2BZVFvaBZzDFNH9"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e6e3a68-FRA
x-amz-cf-id: I88q2FfzJKJM79ICzCCbEkAbr16i7ipJE4tvuGBjpjncmYtqjh6mZA==

GET
H3 200 2.Builder-1.png
www.uptycs.com/hubfs/ 10 KB
11 KB 855ms
831ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/2.Builder-1.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

90c1eab3b4538c8dcab89abc55fd1543863dc9a556ee9d537c0ddb4f954f5bbb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-78096135839,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: DQ28P76A2XTJWSAJ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-78096135839,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="2.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "93da4fdabbb742556436400f3e5d9a31"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1656707882005
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CobMgVLBU0BxJX2WvKrgu8DHIIe_bEJF
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=22389
x-cache: RefreshHit from cloudfront
cache-tag: F-78096135839,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 10138
x-amz-id-2: 55bur1u9etEdXE285aNBmBQJ1pQB2E+WQfIPTzfdofG1uy6fRyoIZPejeWtiO5Xjb9ItS+xFGXkvmDiyOpFPsguDyhivvXzRfzwdT0igbRU=
last-modified: Fri, 01 Jul 2022 20:38:03 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nh0PN%2FqEdOpoH5Q4VG0oEEhf8%2Fda7yDFsgh6qFzirS6O6nhJDRHDqDEnSmVfgejAVTxDqYCtrv0122LxMIST%2FkJFMdSoeI6GCs9A1KWVxHOcuXFsV51S%2Fe7iXZqfFTIHUeoyQKzfUTtDy5TH"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e6f3a68-FRA
x-amz-cf-id: t7bGSa86q8UsH20SLjxg8_1spTpDsVXpRkzFYj8WdDjDa0ezkHPD1w==

GET
H3 200 rsa%201200%20by%20636.png
www.uptycs.com/hubfs/ 735 KB
736 KB 857ms
833ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/rsa%201200%20by%20636.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

364a135e97395201bc9d462d0875b4ac8d4f6dfa8d90ca6805faceabf81b27d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-78005507461,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: 3ZFPDGR64NGWCFEG
x-amz-server-side-encryption: AES256
edge-cache-tag: F-78005507461,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="rsa%201200%20by%20636.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "f353c533f3465e72bd755c335aff2a00"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1656626428846
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CTh9pSedVDe68gARH9dGCmx36WwvI_PT
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=1216026
x-cache: RefreshHit from cloudfront
cache-tag: F-78005507461,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 752396
x-amz-id-2: cEkfFifes7Jm0xrNp9gsosUftPY0H4cFONkwU5dfM6Z6nE0Z9XwsdC772HreDK0sY3SxCpis6Fg=
last-modified: Thu, 30 Jun 2022 22:00:30 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXNONUYqHEmcn%2Bbx%2BR%2Bp1pLoa1tyml3lTMQpbd8abphdWwb1OjOHZUtsWXSGihexPnNfF%2FNtjATwRCTjyTimGbR%2BtUwABBHLE62W4FQ34Y9QFVvvpBgOYrOHTlBklcw%2F1odqxXFxoiPu9D02"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e703a68-FRA
x-amz-cf-id: lT710deNzSp-N1Mx5mNCmrRzNmH335dg3coHWW23JQ_0FkADObeL8w==

GET
H3 200 final1200by676.png
www.uptycs.com/hubfs/ 91 KB
92 KB 1660ms
1636ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/final1200by676.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bbf35aafd5e30a0885ba2a5e75a7b9ba6b133a293e149ee6c8178b91d6214d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-76376117038,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: DQ21NYGKN240FP7Z
x-amz-server-side-encryption: AES256
edge-cache-tag: F-76376117038,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="final1200by676.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "94302620492c4a23879f855d3b870c9e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1655245247351
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Ue9TuqpltH1s.8iqh5Kf.bRvDqAhYz6c
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=149838
x-cache: RefreshHit from cloudfront
cache-tag: F-76376117038,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 92980
x-amz-id-2: ZYLvxmcIoikSSWDjSVxLTjIqHm9gVQmn03JynxvUqn9jjTPHKVjautF0KHqOPLioXA2Z28GKukA=
last-modified: Tue, 14 Jun 2022 22:20:48 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zx4jTEmAi0s2AXDGDQMeZKk%2FcV61DsrrxjyjQf76iG%2FyRRzzj6X4AVdniB97OoHd2H0lNkitUQ6tHZuagufH2tCKeGCCLdG0Fk28Y5p5qz8SnoWgXPqKzHBB09fJ3zwfcnIZ3PIPbQyaUdKi"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e713a68-FRA
x-amz-cf-id: TtXQIA5jAmvgWW6YCSM84KlLPufA5NAuWToAbaGYMXZHGXar_CnC2w==

GET
H3 200 sdwanvsmpls1200by676%20.png
www.uptycs.com/hubfs/ 896 KB
897 KB 1663ms
1639ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/sdwanvsmpls1200by676%20.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

25740c821eaa640f47e09aa3067be10c6cff03038ee6edc2778acfc23234eac1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-76333745562,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: 7SXBKMX5E754WAJJ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-76333745562,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="sdwanvsmpls1200by676%20.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "93c1efb17e682b84751911f867bc0899"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1655227128663
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 8FO8PsHSNQdwM8ZTj9KOrZD3ILRnKBdb
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=1504122
x-cache: RefreshHit from cloudfront
cache-tag: F-76333745562,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 917064
x-amz-id-2: bJpo2fIZdOhCzf3jsGbLGpdLJX855z5fanAL1XJW+qmYrmyFrAELsGUszrKkpJxaDjBfMpDnLB4=
last-modified: Tue, 14 Jun 2022 17:18:50 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCPC%2Fr0iaHm3HYDRkUTOJ2RifCyNSSVMOzYjmqG7603zps903ilvY82oVB%2BBR5j0pXNRLGfTVEzqyL8zqwuwjznozQVyyzoBusF4cRYL2fUT1BpY8CdvAiHMAye0dO%2FL3xTtZP1GtcG%2B4aqa"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e733a68-FRA
x-amz-cf-id: HriyZu2bl559JxmrR7gfFX5fxErKXMNOKnljeTMU9tTiv1yUrdy4JA==

GET
H3 200 Untitled%20design%20%283%29.png
www.uptycs.com/hubfs/ 597 KB
598 KB 1670ms
1647ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Untitled%20design%20%283%29.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e948d524b4c7e8974319a3abe22085503bb05e331f7879628bd0db7b6922362e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-75834977648,P-2617658,FLS-ALL
age: 19452
x-amz-request-id: DQ2BP9Q7JTMXG5R7
x-amz-server-side-encryption: AES256
edge-cache-tag: F-75834977648,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Untitled%20design%20%283%29.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "cd3aeb3058e6d4351e7df9c74ab99fc9"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1654790498884
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: j8XNkZcJ2EyREMAxEazP54CL680vT6ep
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=927427
x-cache: RefreshHit from cloudfront
cache-tag: F-75834977648,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 611022
x-amz-id-2: 4S50B4nO3cMMtUttMXkgcdc/XYRh9rHi1OaBgD6Q91tLzAZw5z+8wM/DL09u/7Wx91nrSRyX6QI=
last-modified: Thu, 09 Jun 2022 16:01:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBPC0w4gMbgAoXSvHVXKgFPeJcLTY0oXtmlyI9pAursRD732K60BFwdM5Ss07mJ0UQF0CxkpMeWnPAvd2glmqCxxnxyfQV3PZcTMwzKvOw4ZxBUWA1Y24GEVMq9iWfXMAdcrxIACULwU3ALC"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b391e743a68-FRA
x-amz-cf-id: _R-b9W3VrQZ7UDBjHRG7azg_3bfgkKnuxz8w3Vdh1zpVu4C9rVcmBQ==

GET
H3 200 cover%20cover.png
www.uptycs.com/hubfs/ 662 KB
664 KB 1679ms
1655ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/cover%20cover.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e52158ca0ed26f8b918eb4486ae7dab42deafc8ff926ba5fc15e194d36ceff5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-75746587695,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ247HEWJXZPJ2S6
x-amz-server-side-encryption: AES256
edge-cache-tag: F-75746587695,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="cover%20cover.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "c31218fec9dea3d150f7aa649574728d"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1654715737235
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: NclTsvI3N2VwFzWVGxKNbzNRRlEdTdaP
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=1086337
x-cache: RefreshHit from cloudfront
cache-tag: F-75746587695,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 678246
x-amz-id-2: kFF7GaWF3J6/oorF4eLlbKUnm3qVyxnVQoz8z1k0H0sQX3R/qmHu6rbj+jNP7H9bVdYNlv0EMAk=
last-modified: Wed, 08 Jun 2022 19:15:38 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwE3e4Mb47hAqbGnXDNyEcGlKqnErSDdZPQo6xa%2F0l8RKjW%2FFEj6FKbr%2FzP358WD10Ug1gsFM1AGA798D%2F11jEj32XOFsWIwLcbqLJlBRmIa9OyEJUUQZTyQerQHlSmfCAUkfSPcnwiwDzbW"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e763a68-FRA
x-amz-cf-id: VSJwpdjPEa4PZfKup6VO20Jcyhxt6ifSCzs3A_3g0tFiuv5VBaj_EA==

GET
H3 200 seshu%20blog%20post%201223.png
www.uptycs.com/hubfs/ 53 KB
54 KB 1731ms
1708ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/seshu%20blog%20post%201223.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e38cbe8e907849635c9ddeb902d6ee1176093d96ce75d7c9e20fc482e0d859c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-62558802975,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: MDQNF2M4Y8BZW8BN
x-amz-server-side-encryption: AES256
edge-cache-tag: F-62558802975,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="seshu%20blog%20post%201223.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "d856185a0fbdcb88163ec7ec7156c586"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1640298882897
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: tC0bvvqNBho1JySIMdvjNaBP9OuDJyUL
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=79845
x-cache: RefreshHit from cloudfront
cache-tag: F-62558802975,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 54284
x-amz-id-2: IfxG2yTFnWkduQctxyJdik9a3+YJxnkIXrNPUYPR4FlLKaRITpLxHptcmtY+P/mZ3TV2Nj0AAWE=
last-modified: Thu, 23 Dec 2021 22:34:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2oesIcp%2FPL6TewOAb7Q13%2F2tk028q3Rh8NLntoC%2BxN0tlMAVkP9uvdrqInYaA5JsHbzYDjURosEKGq4fITVS%2B4EQ3R7AQC1Xtwi4sXI6NoQQDjf7fHKmEX6vE5XvrcyLrAATMO7Sufoyynhl"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e773a68-FRA
x-amz-cf-id: 3fs8Xc5pp509qo12qwXcdPfBW_n56FpUjaZ0xTdZikhBFuK3wgdgPQ==

GET
H3 200 Shutterstock_308055317.jpg
www.uptycs.com/hubfs/ 20 KB
21 KB 888ms
864ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Shutterstock_308055317.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b1b5e2aea7238798fa2c487b50cb4cb7b0416970140f58c403cac0a57a684f5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-75080783214,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: 0NDF9P8WBCDKFD76
x-amz-server-side-encryption: AES256
edge-cache-tag: F-75080783214,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Shutterstock_308055317.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "697b487dc3e4691cdb60d28ccb629dd7"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1654092063143
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: BGVDT2tWyCpqmJs4T_C2vuKFvnxtlyl7
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=76248
x-cache: RefreshHit from cloudfront
cache-tag: F-75080783214,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 20050
x-amz-id-2: IKJ+suD1s/CdxmHbnyXrIX8WBtzKwyrTeqwiDFRv4Gw23IjoKKla/rdUUI/jCrM78rge7UpbOxZSLe+sATtjkTEQafrJEK9o
last-modified: Wed, 01 Jun 2022 14:01:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydL%2F4285JkWpl6oNS4IYNVKY6A6iV05Xq33pHB4vKFaT05pyVHribLH8o3dn8u8C1Cqk4zkF1iui7QMRXbq5f%2Ba3G9%2BOTLvP0fwb37sFl1CKDObgHpGWvP1H97slUicCh4jkXAG8DVQicrlw"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e783a68-FRA
x-amz-cf-id: Yh1PkLHY4GIq7CXpwH9chlQWoLitAeZlWBVDIi_G6EV0hRuKSVJSgw==

GET
H3 200 Untitled%20design%20%282%29-1.png
www.uptycs.com/hubfs/ 631 KB
633 KB 1734ms
1711ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Untitled%20design%20%282%29-1.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e67a9b92883ef1ff613d10804cbfe272bfd05ea2e3e47d5383e3d74a2221f816

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-74027242531,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: GV2H7K17JV6NPRSX
x-amz-server-side-encryption: AES256
edge-cache-tag: F-74027242531,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Untitled%20design%20%282%29-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "039b2887bb3a563523bef72750db97df"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1652988086542
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: kGSRga0iP.jx_jG_IvQb6ZmSp1O.kP_j
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=987309
x-cache: RefreshHit from cloudfront
cache-tag: F-74027242531,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 646434
x-amz-id-2: b5DizQYrjCUgfitFjaV2OUkpGH/1MmQ8vJdenP4bKS4v6feZaY+/OvnKpXMUuHbvuQaSpejDSk4=
last-modified: Thu, 19 May 2022 19:21:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trwLkUhZawvtwo738f6Cj2dVxVmEEg1i1irKTmMD08MX9i9sinFwLIBxRV1VIilTOEuFokt0NlYy2p1l4mLuGDvMagp3SskKx4Atv6VZqNO90lfAriPUQEZVQe0eiV2icnkc%2B7cS0Ci7MZmZ"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e793a68-FRA
x-amz-cf-id: -nWUj2LqOAFdSgV9rWSsYFzM3EhPBROkxDyhsFvW-J2e-Gktnr-V-g==

GET
H3 200 1200%20by%20676.png
www.uptycs.com/hubfs/ 1 MB
1 MB 1627ms
1603ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/1200%20by%20676.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0683d2c2837b34f8d2a1c3e7e918d3fcdfdbe1537c7b0bdc325f964b8a646739

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-73535521601,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ24TC1RE0VK7GKZ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-73535521601,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="1200%20by%20676.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "79e1163e9b1e5eea81d4bb99962829b7"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1652457382395
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: vUIp2XA0emXw09ouv9WhqytgiglJrNe0
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=2150917
x-cache: RefreshHit from cloudfront
cache-tag: F-73535521601,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 1569274
x-amz-id-2: 0YyKb5Gm/5fbi12etHlDSVyic4FPx9omFDAfStnHT0Wbs7ukMgxq1mO3/xzcdCwMifkGHNEMsmU=
last-modified: Fri, 13 May 2022 15:56:23 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBkHeSG2PcZbxXds6DBHaH7GJSblWV6yF%2FU4fsJ13hh%2FPE5f8IOO69T3oh21Vdiw%2BW7sjsiy9Mj%2F1Hq8lFqPwvCxzEEiVvWGIepnuF3l3toluJC%2BiRhQHyNmjf2KijFNLAjWx0hLCjzNarR6"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e7a3a68-FRA
x-amz-cf-id: -Ud0Dccb7JhxJE5SUcQ1l-Jh00uQr6VMytpEKup4fA-2d3XELJzjOg==

GET
H3 200 shutterstock_1053940421.png
www.uptycs.com/hubfs/ 91 KB
92 KB 888ms
864ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1053940421.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d6bf29c873205f8d626dd698b0cfef89fe0cabeabae24ddb8fb83b5f5a0e1d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-72686079292,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: 2TBQZ3S541KM6KB6
x-amz-server-side-encryption: AES256
edge-cache-tag: F-72686079292,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1053940421.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "b0e102000cd1234fec455501b9d00e46"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1651631036267
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: q9iy8n4J4KzgXvB6K8_Kr6tW9Ko9tMO6
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=149521
x-cache: RefreshHit from cloudfront
cache-tag: F-72686079292,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 93122
x-amz-id-2: TxajhNMfWHTXm0BAewMCiYSA13PKjMNJkzqMLYFYpgL0mIKwBBSR/YbuCKQLQPBJ0OmfULzpnHc=
last-modified: Wed, 04 May 2022 02:23:57 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKMQvJLIJUMaL4YDBQGGVTTKQRCpZHRqFs27FKbPpZES6c7MBpWMZmDGzjGuE0GCGR1EPG3GcZWgjLNY6EY1r1dP4FeZA3hUSlCTOOu6JAzBa8ySrQOuIjkO1Cqj5dsEsVNKIA361dwsRUJN"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e7b3a68-FRA
x-amz-cf-id: 8S2XcRAKuLP8m4VkXHl5XuP3-WJXyoMVZgPbeEhh9pvNxFz1yvQsjw==

GET
H3 200 q12022quarterlythB.png
www.uptycs.com/hubfs/ 35 KB
36 KB 1629ms
1605ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/q12022quarterlythB.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

86fb96f7c72af3a732e2a0b6ca2a7466b847b0d38b4444f297d491b74d5e0b35

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-72269069624,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: 3HACJCN2TJP9ZWRE
x-amz-server-side-encryption: AES256
edge-cache-tag: F-72269069624,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="q12022quarterlythB.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "31489eb0e1bfe733d683ed4430696203"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1651242547587
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Bfycr12.K5OVJTBXdjw_k1J2DU38QRpl
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=57068
x-cache: RefreshHit from cloudfront
cache-tag: F-72269069624,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 35902
x-amz-id-2: /2jTZ3bu6fmEs2qv942bxcNhmSF71BMVB7fbaYYIZn1hXaccMI1sjR/XWL9JEsGNLsjENXVPNRg=
last-modified: Fri, 29 Apr 2022 14:29:08 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEieC8pPAdv3k%2FrU6bryGHYgEuJZCPHIXc2UlRX9pK7n9uFlR1pHRA7eVv4pIbuX9rOCRtYQRzQgjcQYdkj1WEKoTkF%2B3%2BN0qAha8zSRTWNg1UhunhmKupEQGaC2U6%2Bki7JCHWDjdeqrO7o5"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e7c3a68-FRA
x-amz-cf-id: 3yDjjoZpgmBSq0k90dD9O13-v7trPslKu9aYlccUeyqA4w7wBNdotQ==

GET
H3 200 tobias-fischer-PkbZahEG2Ng-unsplash.jpg
www.uptycs.com/hubfs/ 1 MB
1 MB 1630ms
1606ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/tobias-fischer-PkbZahEG2Ng-unsplash.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

acbc247c6499740853af4443a11e625ee66eb77e475486251faa47a3aef3f158

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-71191828304,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: F1FW20ZXH811ABR5
x-amz-server-side-encryption: AES256
edge-cache-tag: F-71191828304,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="tobias-fischer-PkbZahEG2Ng-unsplash.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "b3202144eb50a7cc1d5b7045d5a9d604"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1650051222949
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: UmBTmXeUynMw7GZ.Rwzl_uMSbqzjaEY.
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=1870321
x-cache: RefreshHit from cloudfront
cache-tag: F-71191828304,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 1233552
x-amz-id-2: f70GazCtkc9voelDbHwE6a+eK6xp+P/HaESRThO+SGWImtrfHMue3N8wRscDY0xrJOHV8U0SGuSCbz4Qy0h1W6V3qhXUMKUt
last-modified: Fri, 15 Apr 2022 19:33:45 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2dEmX3HH6zDN1pN8gb4dEYAIUf3pXChjqgD0x9eWP0ZMPIGN7vMIzywJJYL6xeDJWeeoRSGllgvReP8wl5VgY21rk72go6mtrdXgDvzsSOWg3mQ%2BVlwkqiQxSqTdxHTngDsa1BoqbZW928Fv"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e7d3a68-FRA
x-amz-cf-id: OIgmWNCurpZYD11E_MwaP-ir1Gicgfyey0Kwc50pRx7fqMTEix-y-w==

GET
H3 200 Untitled%20design%20%282%29%20copy%205.png
www.uptycs.com/hubfs/ 45 KB
46 KB 1636ms
1613ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Untitled%20design%20%282%29%20copy%205.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dd890e2f62ba236c4800a6512fde6be77919e66765c318a15c21dcb9d8b3986

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-65907425652,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: DQ2BFX4ZH7EFZ2ND
x-amz-server-side-encryption: AES256
edge-cache-tag: F-65907425652,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Untitled%20design%20%282%29%20copy%205.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "1a92b33a6c256617de9e5e362d678a9c"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1644446196641
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: T.5_YltTcHBVvwl_7RrsRHm.15BeHGor
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=71917
x-cache: RefreshHit from cloudfront
cache-tag: F-65907425652,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 46094
x-amz-id-2: X/eIyniRYQcdpL/GODzkGOIoq76lee7E8Qa7HmtIAsVpUJS8tdAj8bHl6F+KNKRdpA5gjEBPZHA=
last-modified: Wed, 09 Feb 2022 22:36:37 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYr%2B2MdqQuZSMvVoAFJ4azrZx8Rtpxq664x%2F70SZ81r2IkqWN83C2pfvijot7rIWQv1NGnkjGm7CnYcanhczUdV%2Foo1nkz819F53s2QxkPJlPQFXPDqBNYbCToGmohT%2FmJT%2BkJ83uD61eUSP"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e7e3a68-FRA
x-amz-cf-id: 1PF7Dr_TfQrSLFiUs8Ii1QbVS7kFSTkwI_s0z2gITma0ktfR4-74IA==

GET
H3 200 175x300-1.png
www.uptycs.com/hubfs/ 38 KB
40 KB 1609ms
1585ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/175x300-1.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

82262c011fececb7e8842ce5b332d424a4b770ffc375401f5ac5183510d4e48c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-68047149107,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNRE68NVFQCB8SG
x-amz-server-side-encryption: AES256
edge-cache-tag: F-68047149107,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="175x300-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "73d3e561b1ce4523e506bcc1a6e94775"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1646768164870
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Eu1FDkWJ5NxVy.mhq.CAAXAbP94_246V
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=55818
x-cache: RefreshHit from cloudfront
cache-tag: F-68047149107,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 39194
x-amz-id-2: k4tuQG/kbM377ZdglPqEcsLYKed/gipONR5bdWSvfzLtfsD5y7vyWA8GF+EB4bI4RXFJIDK4+YEQog5raeZ87Q==
last-modified: Tue, 08 Mar 2022 19:36:05 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZP7xe%2FeesXevTR7SOKErNk4nz08eN7bugQyQNTc7f6OaZYupEWBM%2BBFMuI5G6qNpD2J6%2B7P%2BdYP%2FDxjcNUMgvALtbmYwsRHlO5cBQrHsNuKgcu1tsyxgaBuNxeSNllKqZ9%2FOdsfyyiAHmZbg"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e7f3a68-FRA
x-amz-cf-id: EMTT1zbyO2nqbZZ8Ebuv4PmHqdOGlOU3A0XxZ1DBYXiGC6pQWUpRzw==

GET
H3 200 300x175.png
www.uptycs.com/hubfs/ 74 KB
76 KB 1418ms
1395ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/300x175.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

339bee26a9619577d33dab15ef00cdbddaee9edbd2e0567ed21647f59ed301c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-67496207963,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: 7AD36G96Z4D64BAA
x-amz-server-side-encryption: AES256
edge-cache-tag: F-67496207963,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="300x175.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "7749084078b60a2c116d5fb3dce34cfa"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1646174851972
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: PE8AW26MIldkrSJka.tg6rDomV7AwP0v
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=108506
x-cache: RefreshHit from cloudfront
cache-tag: F-67496207963,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 76054
x-amz-id-2: Y4mnFhasWLNu60ZooWKwiIzuxjxgwvUFuyh2xUAjyNOVoFzo6qZ3xZUOlaxwNBj7xiSpxlVYOpM=
last-modified: Tue, 01 Mar 2022 22:47:33 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIHrEdzr9yLAFXrJIoekb5OMoS8TA1OkL%2F0CD%2BUfPaabA9ZeqY7NY0WOkRcdgCXzQOoaN0G8BtcjdyjNE1dM1XmSfXCLh2GVfhcddOXJH0PdMEw6%2BXTg%2FfL32CJ3I9gNDRo9T9VHIPYWyxtk"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e803a68-FRA
x-amz-cf-id: 8ezyDbpW_MOFLv98Egm5eaaNwwM9d7P8H92dfJ9vpMrv2lT61wmzLQ==

GET
H3 200 300%20x%20175%20.png
www.uptycs.com/hubfs/ 44 KB
46 KB 889ms
866ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/300%20x%20175%20.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

125141325f226b3bebcb3a4f5e48d16ca4409b0c2ac4fe16da2fbe83ceeae98b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-67387107700,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: FFDZFBDHKMDXPH2Y
x-amz-server-side-encryption: AES256
edge-cache-tag: F-67387107700,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="300%20x%20175%20.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "ec803e38d4b369ab873b73f28f044adc"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1646089665587
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 7Z1IOvewyF6IP7I.JmBrxNLWjAiTdTRD
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=72982
x-cache: RefreshHit from cloudfront
cache-tag: F-67387107700,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 45390
x-amz-id-2: iNB/BZ+mNuq5OOFfIHNbY5OA9YdH1VS142ssYW4TG9V3x4oWiSoj+APKfnJtGQZ2zLyi9ceN+jk=
last-modified: Mon, 28 Feb 2022 23:07:46 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPsXAfBxigRqRMso0nR7kwQ60hyUj%2FsGtEjEv6dfo%2FcJH1eZ%2BVJHet9tP%2BITSr496%2BD5l9Vd9WySCBcELZ1JTwbXp6qwnWl40WQxfeORtNrsnLOygn6OXMpKLbzvtXyMIKLh%2FKTg660BuM1V"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e823a68-FRA
x-amz-cf-id: zXnUZCl1dkp14Lm46qzcafcYZoWmopWe6dR2dpKMDEE_3_1WIuQQrQ==

GET
H3 200 TB%203%20300x175.png
www.uptycs.com/hubfs/ 35 KB
36 KB 1426ms
1402ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/TB%203%20300x175.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b1f4eeead3f7385f6a6dd9b4ddb4588ff7f3884618bfb7563e47c4804c1bbe2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-67172041254,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ28KDY7XH8K7Q0A
x-amz-server-side-encryption: AES256
edge-cache-tag: F-67172041254,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="TB%203%20300x175.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "7426be80f3b6f8059faf06b3c9cde116"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1645824445834
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: T9aWduxt9VQMZ8ZhIeiKVo9cu.BTjroM
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=56113
x-cache: RefreshHit from cloudfront
cache-tag: F-67172041254,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 35786
x-amz-id-2: Glc2FyGoMNhwZQOkqjELRprhkkHycTOr83KumePFkhOJMPYUSEqDOC3iODr43X7sKGn3GPd6/fFplrMSDqUxGg==
last-modified: Fri, 25 Feb 2022 21:27:26 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1y591jCxZnYNzH1xypJ2HJnhnY2Wga4UUy3LChYb14VGhTIFtO%2B8h%2FVAVKwkcgpK9gqxtkS4Ilre0BdARem%2B83otHyOdpbBrI6SVuWDshOuB3XORDXFAqTlbM6hXDWOo9E0ac8uqoYu4Elgs"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e833a68-FRA
x-amz-cf-id: ISzANkgccFZB8yezKHcCnDWhfI8df-3tt0_wilvt2hbMopOT-SDxOQ==

GET
H3 200 shutterstock_639700315.png
www.uptycs.com/hubfs/ 97 KB
98 KB 1428ms
1405ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_639700315.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

deb74c4a1729f4e2d90c8616a9837d7e0128d290fcad033e673621dfc08bf61e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-67062339596,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ27B7SFPQSJZ2V4
x-amz-server-side-encryption: AES256
edge-cache-tag: F-67062339596,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_639700315.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "b9a1c9999a8c411350432ed9c81c7f56"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1645728725299
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 94Kn7A4WBzBabhP4wVN7lmp.mUl8_kND
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=179125
x-cache: RefreshHit from cloudfront
cache-tag: F-67062339596,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 98872
x-amz-id-2: v3IVrjpU4YtZGBqikyOQrehPKdHlSdyzDszO6PFKWk7gYo/eWlWLWa2+8f2pdL/+c0OjH3EXpGB4TA4cO5inDw==
last-modified: Thu, 24 Feb 2022 18:52:06 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fz%2BxnOp6QgloBEVBBeScc7x%2Br1vcRemm21JzH7lk4dEx4eHudENKU06eR9vq5cCWuHMCXfqhNa4KyK87FVPq1vEBrbkEt37cm1W0uN86tiGJnQPxYkeWzMEuyj2Kmte7Nj7vU5ey7flxEwiz"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e853a68-FRA
x-amz-cf-id: TrxtdrEiYI0ISWA3J0rryr6F0mztpBMeev9q6TblMQkqCWJW3_APOQ==

GET
H3 200 yara%20featured%20300x175-1.png
www.uptycs.com/hubfs/ 56 KB
57 KB 1431ms
1408ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/yara%20featured%20300x175-1.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b539042f7864598fc7f4fcc269e625aa84f77923e8c78385efd13cb47665d82

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-66535311136,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ22EKZX8HJ8SP1Y
x-amz-server-side-encryption: AES256
edge-cache-tag: F-66535311136,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="yara%20featured%20300x175-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "eb48ba518651930b5321453877d9d2a2"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1645120299747
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: tI2RIZEKDS1yn5JWpo4riAsFlS3b5dSJ
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=96540
x-cache: RefreshHit from cloudfront
cache-tag: F-66535311136,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 57144
x-amz-id-2: cIJAwgE8S/7us3kAbYYlSW6xJDwls9Frtdb2E+Rfl8RFagTOR2WvNQ5yCcDRDXXsW4zCXKxNxIEZlM9iqd4LyQ==
last-modified: Thu, 17 Feb 2022 17:51:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sxIzEHI9SHnMpEykRbbGO5kqyYsNdfL6gljhfnggi1RkTKDD30UJCglhy26LUc%2B3WtDGk39BqQhvrHntctZ5PAJ47ztaqIKOKZEdx3mnMsswLr7P%2F9324li1hyimWYfZOHEYqc2%2FIe13QHv"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e873a68-FRA
x-amz-cf-id: GdhNsWxhyTO5oZ4LJDMxTh74NU-y0txdy6K5Op4336TjyvcE53wgmQ==

GET
H3 200 Untitled%20design%20%282%29.png
www.uptycs.com/hubfs/ 52 KB
53 KB 1433ms
1409ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Untitled%20design%20%282%29.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfbeea09eb526908e198e475137c59fb253b93a902c7214f4d4f1d2c6a6bd360

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-65884356265,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ25EQRH7FH1KRHX
x-amz-server-side-encryption: AES256
edge-cache-tag: F-65884356265,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Untitled%20design%20%282%29.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "676738d4c0a70b951285c014e5736f5b"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1644425004233
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: QL9rTiHR9qGVfD.thwyKzsHSg_gim4mb
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=75025
x-cache: RefreshHit from cloudfront
cache-tag: F-65884356265,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 52928
x-amz-id-2: 5LnSD34TMlgHeC1kAvuJeIbdkV0Y8FDH7doE3i6PS6F1SsT+kp8WgMEMM6dQfVOF7ucRgjyAOns=
last-modified: Wed, 09 Feb 2022 16:43:25 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCo5bJ3b79fq4UiYBf4i5yM1drieUMKrv43EWUzlL%2FqfgqLpMVUo5OmBAEb3Tyjr6sjFupMFW8wqmACm5wHAKv7ylK3QL%2BMlaVHinLVg50UkFfcpNhFBT8Nb6oOgN%2BBe5Yk6NTZoECCIoCBJ"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e883a68-FRA
x-amz-cf-id: yn58ghDhFC_Vyhuw47JU0ot2G0HfVuybEacgC3hoFB9VqNSqluOYag==

GET
H3 200 mitre%20d3fend.png
www.uptycs.com/hubfs/ 64 KB
65 KB 896ms
873ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/mitre%20d3fend.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

45d0d01ddc2a32f97e557e378d859fe6983fced69df35bb7a33b58ec8e8b2b57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-65440130704,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: TBCYPT9EJ79084Q1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-65440130704,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="mitre%20d3fend.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "c42428ffdf282c6abc9e1d54ab45d6ea"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1643912198143
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: XkRRr41vPmqODjdnYHVe5kB5Sh.mLVcL
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=101107
x-cache: RefreshHit from cloudfront
cache-tag: F-65440130704,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 65628
x-amz-id-2: qxJeTe7B8aUIW/nVJd1QYBFXdFuO345UYDnTHF5YgwQlWEII0io4HWwk8HSlck53d8fOeUeU1K4=
last-modified: Thu, 03 Feb 2022 18:16:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0f96MpOWxLlJ9dg81F6pZTBlk70BqPgR3MZPHzTJ5f0Tpr1mgHW45eC2MI82ipibwWnRtUenshZopj%2B5UqPJ2eDzLeICd6qJ%2BN0AW4QKFnpRG5zkJ3gFuSmezmKogMPC94zPpLSMyCBHXAko"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e893a68-FRA
x-amz-cf-id: Rsb_E7aqkDjAW6IY5VRdyEauyB4Njj0lj6X8xYsnCrup6zMYPLjBMA==

GET
H3 200 daniel-falcao-Pt27b3dRdVA-unsplash.jpg
www.uptycs.com/hubfs/ 210 KB
212 KB 1377ms
1353ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/daniel-falcao-Pt27b3dRdVA-unsplash.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

033fe3b5728ce47c95034c13598ee92832dd2607b0d20d142ba18b8c3438bd40

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-65979175985,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: KR35054VP93Q9T48
x-amz-server-side-encryption: AES256
edge-cache-tag: F-65979175985,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="daniel-falcao-Pt27b3dRdVA-unsplash.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "4d96240dcedae7189f72e5c98731f5c2"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1644510885180
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: UuiJtk0Fjay94PR6D8LuMJNqf01Vz6vf
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=384779
x-cache: RefreshHit from cloudfront
cache-tag: F-65979175985,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 215514
x-amz-id-2: xnQre5ngbotBMthscDULqb1zAUuRarDwWVC1WNBTPrTL6SZYaIiqpiILsuOqGQLIiG//MaNuveg=
last-modified: Thu, 10 Feb 2022 16:34:46 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5JVMhcDvmWFu2SA2Ftp0Al%2Bhw7OlqWoizJe%2ByQHmIBocHI4NZDzyfelmaU5E6j%2B8jVnh%2FPlHzstWR%2FWVySHl53PmTOzvM7%2FpeAr276U33qDEWwUQgm46Sq8QuUgbdVoGTAQcjW0RzLStt3A2"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e8a3a68-FRA
x-amz-cf-id: -yxLBlVYyOapA6Nz6JsU4XRlLFMPqfCT3zFimDQTGL8TVjHbyQ5NwA==

GET
H3 200 EDR%20vs%20XDR%20300x175.png
www.uptycs.com/hubfs/ 67 KB
69 KB 890ms
866ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/EDR%20vs%20XDR%20300x175.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

98c77c9fcb9c3df92f30db7d22a9e2a4dca1c875cdd0a1bfe3557e3e4ae235d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-64169281564,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: DQ2EEVJ3XSRJFMQQ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-64169281564,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="EDR%20vs%20XDR%20300x175.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "c2914451623a2437c668b7a4824287fd"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1642523846056
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 0bTcidTp4Pt3jDVQ9RJzNf6LJzqKapx6
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=108399
x-cache: RefreshHit from cloudfront
cache-tag: F-64169281564,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 69098
x-amz-id-2: miLb2ku0vd6ZbTmm1rFL6abeEFI4KbZJlhuWxqLJTia8mHQvqegY6Tv+6AAkqCMuPJZhoK0q78s=
last-modified: Tue, 18 Jan 2022 16:37:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8QMp2Oxox%2BXE7ExDDacL4EQHPO6XDh%2Bh8UICd5%2B4oMJMdg3P0zpjtrPDJTTkjuL4RS6yjTakS8fKGEYVpKUo12ePFL%2BvLEe5J1qTG0D3szSqC1YDDtSU%2BaV4GBu%2BOjF9QqhV4L7D9x5eobi"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e8c3a68-FRA
x-amz-cf-id: PVIPfufmPr8GZ-FsaYpVxdbVS-cWJ9s0bvLFwrjEytPfshkiozxTUQ==

GET
H3 200 featured%20image%20dfnr%20whitepaper%20final.png
www.uptycs.com/hubfs/ 27 KB
28 KB 893ms
870ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/featured%20image%20dfnr%20whitepaper%20final.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7e91209b1d7a3b7654fba96853f5a8a76f9e6df777f968497b055bcd601bc5e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-63983479061,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: YCNTJZNCXHZ2YZH2
x-amz-server-side-encryption: AES256
edge-cache-tag: F-63983479061,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="featured%20image%20dfnr%20whitepaper%20final.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "2cc4cbffa2ac7c677f427ae139cba441"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1642284247573
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 7BEaNIAC8ued6e59GFiLR.62_1bk.IcG
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=42915
x-cache: RefreshHit from cloudfront
cache-tag: F-63983479061,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 27194
x-amz-id-2: ukL5gzkxzNP+dnRpfz7HBABKK91uTEIjRJyD8NGhHvC4ykYsa5CkE9Y9WyfgofvWlDy82YnzScs=
last-modified: Sat, 15 Jan 2022 22:04:08 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dg9p%2F4zrQkuDhwx%2FZ%2Fm4Lw0vxJwxh9IwqTRq%2Bv3rUV6E1g9ENiehUTUgY2BAH3sJeAUZ3RRAU9giGbbK3YwQ6RePPsNe2zLPSEK6%2FBoTOou8P5tfqnfult3DKDWezUWWR0RiAjzsqDDsNZqH"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e8d3a68-FRA
x-amz-cf-id: axPdNnR-A_WUJoCb725n0NLM3DwHGMQ9MWHZ4BaajRlg5p93wezVtw==

GET
H3 200 Untitled%20desjign.png
www.uptycs.com/hubfs/ 56 KB
57 KB 1353ms
1329ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Untitled%20desjign.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dfbf4ba923132bfdda3e3c1bba53121024069aed1098249d3e00653c32dec36

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-63867347267,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2B0KFFQVBR7HGS
x-amz-server-side-encryption: AES256
edge-cache-tag: F-63867347267,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Untitled%20desjign.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "289a644aed36a5266f1d80e10b3b8d54"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1642145191643
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: GgArR7lJXV_YquGGjTzxvYaAL3UenODQ
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=83683
x-cache: RefreshHit from cloudfront
cache-tag: F-63867347267,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 57416
x-amz-id-2: aK5Iv9bV8/5mhoCBa6uShw/dkezBHHhU7NzrEzCfxYlERNQpz5MD/zuQT1fgHnE7G81FAs16D+c=
last-modified: Fri, 14 Jan 2022 07:26:32 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTLbsPAAeiCY4qM9%2BZ4AtCS5MMWoPjYduNiflNryCkJycxd5wUgFHfaj5dzfqBEfouN8QmupOjbRLrewe5nUJJEPeQJrM6PUsFMcEmoMkpdZXEnk80PhO7yJ4vnSveeP%2BVGUP14n0q5yieUt"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e8e3a68-FRA
x-amz-cf-id: KDViF969Ui2V7ISWscQkoCO_jm2AkJIh2U4SOH3lFtkA0TGoJKznlw==

GET
H3 200 1-1.png
www.uptycs.com/hubfs/ 48 KB
49 KB 894ms
871ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/1-1.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e968a2d348e640ffd1efe0835ce50f4ce7e95472260b2a88334adf2a96175e5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-62390745179,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: YCNXTXFT3GWPZAZQ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-62390745179,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="1-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "b70fb0d65d90043b246ea7709df41fd6"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1640115187469
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: gKrMBmuT257WWiHfxaQc1H9r7h.WgpIy
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=73834
x-cache: RefreshHit from cloudfront
cache-tag: F-62390745179,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 49072
x-amz-id-2: eV88hnDmq8t+yPoSCGvyYb9PTtqCgPof5hl1qjL1MeGoZc5fh2e18KLG5XweboHXJcaZIG5dBvA=
last-modified: Tue, 21 Dec 2021 19:33:08 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGYBDa31HIcTXlnMSutYMbFObyC9%2BdOklXMUT94uvz2Lx7PO9cKOa9O9FglRE69rQktC3H2bmogC%2FFBQrRu0vJJ3DNBzO1AKFP6hUzrYIdMDMrvcLWWpU6QPRriFRMgQUhkM6sfY96Ko2UdO"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e8f3a68-FRA
x-amz-cf-id: bJCp7I91bNW_FLMb1FlNFIoTwGAh3fxtvwq-e_WdSwu5wMwj55UKPQ==

GET
H3 200 shutterstock_672392776.png
www.uptycs.com/hubfs/ 213 KB
214 KB 895ms
872ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_672392776.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

19b66701798932c36f52e2caf58b1f864fd95d7ad2fb44580481d72901999dbe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-62307699854,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: BEWCR1GN2WVPEJS3
x-amz-server-side-encryption: AES256
edge-cache-tag: F-62307699854,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_672392776.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "dee95912ef575c061066e323ca63215a"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1640021945134
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: No_eyY9Xec12pRqKJAuSPI86e2gK33C9
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=377329
x-cache: RefreshHit from cloudfront
cache-tag: F-62307699854,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 218064
x-amz-id-2: NCzly4l/z7bnZjy8kh165jBqhPc0WVnKUCbrJFMtb4zGYSf74BUoGZK2qRdSCXkOk+VH7594h/I=
last-modified: Mon, 20 Dec 2021 17:39:06 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jI0yCDjkO9RhrkyfNnuh0rWveJmo9h2ulnxgYBVKpCzoeEPkrhgFAkAg0TUTcAi3cozmpe%2FejaERDxYxbXU%2BchWUY8TaoJnBshUaKOQ3wiuY94k0aI8Au0%2F15S9PFRws9dH1IXRlEXUSBh%2Fq"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e903a68-FRA
x-amz-cf-id: bvErkaN9A5J-NFNK_99d2sHsVzmAGeEwtelquO-jJWTyc7Ed4_hmEw==

GET
H3 200 shutterstock_1705312234.png
www.uptycs.com/hubfs/ 210 KB
212 KB 905ms
882ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1705312234.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c5d356794069bfe8be40f47d8e5030a24f70a31c6df0824ecfecf089258a4e6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-61766270250,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: MSSGHWAYK12YV62Q
x-amz-server-side-encryption: AES256
edge-cache-tag: F-61766270250,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1705312234.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "88252ce13e77c2ad0e713bf2dfae97d5"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1639367120866
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 8JPXGLrIZJ6DkrRK3phRiHiCAGeYX_hp
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=357981
x-cache: RefreshHit from cloudfront
cache-tag: F-61766270250,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 215296
x-amz-id-2: yWgYchRwpOb3PvyqrZd5/13UqxFUJTWtVsd5uIXvynGhLm/g7KFJFSt43Gt9efhdYsM/6BNmdVQ=
last-modified: Mon, 13 Dec 2021 03:45:21 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gt1XZaluZ3LJMVrXRHfWN33GhZaxjpg6%2FLgsB8nXbp112aUmw031wNwLwIGWWBFnBrJ1C2kGf9656Cc5usMfTNazJMgndKyST3ycrCiQ%2BrfZg4Kq2lO4Hys3qX7Fsrq4GFezK8C%2BBIOgHIh2"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e923a68-FRA
x-amz-cf-id: wrnkudXLcfkZzd6LLZXddtTxn5FErEEoexh9OqLoY8cv8xW1E5RwcA==

GET
H3 200 shutterstock_1815224501-1.png
www.uptycs.com/hubfs/ 186 KB
187 KB 1341ms
1318ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1815224501-1.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b24cceb36c48c7f116606cc3684976c2f8de8c4338daa464b6f4ebef2c8dc175

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-61766049057,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YW360AV3GW7XDMBC
x-amz-server-side-encryption: AES256
edge-cache-tag: F-61766049057,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1815224501-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "9a98f3bf9905c874943da3de12de7c15"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1639366153583
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ee8ef3itCaUoqpKfFbZj9O8J85PKrTDW
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=357160
x-cache: RefreshHit from cloudfront
cache-tag: F-61766049057,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 190464
x-amz-id-2: zKTIvT0XanHPrdrbZ4j9ifJrERhp84yQ/cJ5+koEhRrqmK9cTCgb+YpulvpdHDAulxMkapdX1Tc=
last-modified: Mon, 13 Dec 2021 03:29:14 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nECS0VO2OKSRxewHk0JkefNAfSOUueVHgxUd4%2FAzYHpsFzbXL9KCX1xdFxgh9wy%2FnOPAFKiBJ51lUN1O%2FMcGSWBE4E1Zwkcnl7Hg4d2aiwVxnOcooYnNI2UEmYpFz7Z3hBEM7Xg87Zk4fuPk"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e933a68-FRA
x-amz-cf-id: j9lB637AOL3TCuHK1AFZPu4n40f3teHjCgwlD1kOsVgvRDw_5RYXwg==

GET
H3 200 300X175%20Q3%20BULLETIN.png
www.uptycs.com/hubfs/ 16 KB
18 KB 1356ms
1332ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/300X175%20Q3%20BULLETIN.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

94e9a152864f4b99a19e7ce56ecc8d2540d543e0fa637ae201d96b01382e5c70

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-61673316890,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: 2RFQ363DB91ANADM
x-amz-server-side-encryption: AES256
edge-cache-tag: F-61673316890,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="300X175%20Q3%20BULLETIN.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "f8db6f7436854a7d5b8f51e442eaed5e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1639185485406
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: G49DQuvXhJXrTLweBtOX.u9_BB4JQ3_6
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=23674
x-cache: RefreshHit from cloudfront
cache-tag: F-61673316890,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 16730
x-amz-id-2: 7E+t4PeuVnRirteLG3PfS0qvvmLSuVLQULfYBOsw5SNRui0ghrOKcNogv6jHz8B+voPDmLKHkR8=
last-modified: Sat, 11 Dec 2021 01:18:06 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=106us5UdIGT1SbFAYUmhqYlQDdEoZ0ro3RiobpCon7t4%2Fb1ivMstlRaHzIfc9JBNoOe3fKeyEi4HX8ZGckRrvfQqDSaIfcK7kJKhmjFc3%2FCedCQpSuAenJ%2BmJPsbkkoPvKcVM3jmoZDHpA0W"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e953a68-FRA
x-amz-cf-id: hp0qW2J-gh7dUJaHu7WEelIfZBHpV4KEsx96cFKikarJwIVSlEjmfA==

GET
H3 200 osq2.png
www.uptycs.com/hubfs/ 29 KB
30 KB 1098ms
1075ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/osq2.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

38db9ae5a722e7ce9de054f6b11bc629509253b370ef486bc32c64c312132a1f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-59612301674,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNQ5G4R38G50EHQ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-59612301674,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="osq2.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "6945ceeae6c11952a97df2468ed18a1a"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1636733704658
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: qYYKpojIZC1HhlmPfN7eHzV7tfAxYysm
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=46449
x-cache: RefreshHit from cloudfront
cache-tag: F-59612301674,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 29226
x-amz-id-2: L24z8zNdIb5uVy5gwP2CRn087bgpWU6hd87c5sgXyAniEqBR35Co7XgoZ4x70V79iKzDsIQ2EHM=
last-modified: Fri, 12 Nov 2021 16:15:05 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38OT4byG1f4iPSLNR3VknOUoW%2BEcDYBRwoqJId2pkY7LY%2FvvKI4ChlnmHAdSu9LcOjYQkwdkNRbETuwYAjDRsmtdfyamDuu0ymYdM0KjyjpANZAFN0z%2F%2BdNV2alEoTJH%2FNAMWwl3wj%2BmMekI"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e963a68-FRA
x-amz-cf-id: 1Sn-x3mXDXCF-w1e2cYJr1azMtk7I4CBmYv3QdJoXtk5S6s9OG6O2g==

GET
H3 200 300x175-1.png
www.uptycs.com/hubfs/ 52 KB
53 KB 918ms
895ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/300x175-1.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fae0d60a98d3217d3b7dfd3dc684e69f9a13dd1e3de30f0987a2ae3accac66da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-74716597351,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2FC3FB1EM5HSMS
x-amz-server-side-encryption: AES256
edge-cache-tag: F-74716597351,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="300x175-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "4abb9215ef5efb9adcf0db18b5ada4af"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1653671111127
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: J7RmXYNLRxEddyw3C0RVCvHxtgsYqR6R
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=78658
x-cache: RefreshHit from cloudfront
cache-tag: F-74716597351,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 52910
x-amz-id-2: snTjoMYihoeaSjUsdqnsieQ/K9aOiVTJ6Nf2v1LWItxCd5Qp3KhNwOiEIzggr8GUxKL5gL7mWLc=
last-modified: Fri, 27 May 2022 17:05:12 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XR4tPmn4MszGg4MljkVQ1DzZSewaHtp3o2FpneuR6MwlKsXYemAT%2FakeMR4WcJ2yazaXipGT%2F0EZb38vRaRQVNZpJGo1x%2FlhcYAB5P2Gd331TguFy%2BTUwkKOQMfneoC8i%2FYIkktaIXQzRw2B"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e983a68-FRA
x-amz-cf-id: cRZOeuWKOn8gNYcJkukDm1MznNsue13zWxi2s3pkHpHabkLJAMXdHA==

GET
H3 200 featured%20image%20scalability%202.png
www.uptycs.com/hubfs/ 48 KB
49 KB 1100ms
1077ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/featured%20image%20scalability%202.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9814c6dada27587c1dc8f3add43aab7795d8bfe5bee64a5e6141bc5f2e1fdad0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-57575439770,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: 265Q920AH2QT2TH9
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57575439770,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="featured%20image%20scalability%202.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "984d2e657896ca65b1a52adf577696eb"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1634256158160
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 7Mbr.hvugBD7XKxY7s9iVD0og63XsBKT
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=76139
x-cache: RefreshHit from cloudfront
cache-tag: F-57575439770,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 49100
x-amz-id-2: ltBzwD07qN+o8HEWpEaqFAkP4kOnpvcQSTNYljGdPsE2z0o232H9yEtA2lQPmrmRxi+NP6YV3cE=
last-modified: Fri, 15 Oct 2021 00:02:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gy7owjd6SJbQyaOjZ4ZMTLW0WBZt1dcjziWVUu3VO1sLj9JaioQuDuQ5vRTLuJSd7EMmxwaRP6iNVbCoTGHuqcfbUhuMLj%2BjRnWPF7mF0tgPEHdf5SOdO4vk3OyRdNBJ5x5tvQdtTgqHw6tP"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e993a68-FRA
x-amz-cf-id: Ik5fT-ph8rRWmoLc3mb-3W_mwPiItfeAJ6z2p74w0nYuzpgFxl-Ujg==

GET
H3 200 shutterstock_1794130912.png
www.uptycs.com/hubfs/ 176 KB
177 KB 919ms
896ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1794130912.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

98f22e1fd4bfab6b9130e484bbac88de2836e759ecc4a55d70f61602977b020d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-57971662106,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2DYYA8JV87G6DV
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57971662106,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1794130912.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "ede99daccd91288b5e2d7b933a5d0b62"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1634739822420
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: zUBG_5DFaA_w5TgecpwhJKS7X_yU7qfr
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=302318
x-cache: RefreshHit from cloudfront
cache-tag: F-57971662106,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 180062
x-amz-id-2: WDjih9uKZanabf1xU87tKw16eJNVhe29XlPUnI41ko2nr5mpRQ5CQ9YCvaKOewBYS4oPmpgdrP2BGHFjPxZ773pbUIVh8P667mVerSzidS4=
last-modified: Wed, 20 Oct 2021 14:23:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ze2ozY59qGSQr%2F85n7Is5gngZPLLJzpXJB6TpFt4qacf2QY7BCsHdeQuwEI%2FmUdgETGdgj2B3WUNHFLAXQd%2F7oQj0T%2FE%2BiSghX4Wp1gCcf26%2BWpFK922Yyjvr1lokcxd5PJI5ol6DlVnvGQT"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e9a3a68-FRA
x-amz-cf-id: e0GbyanmE5tST6pcQ1CZty5bVlkgdWZiEsvx7u5vA7KmPH2LaW0zrw==

GET
H3 200 Untitled%20design.png
www.uptycs.com/hubfs/ 33 KB
35 KB 1101ms
1078ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Untitled%20design.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

66e6da9679e4bdb0c739f19bf129c75f71e6cce3e106f989ea1f0a0297b7b508

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-56374970927,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2CSSEKR9WN7ST6
x-amz-server-side-encryption: AES256
edge-cache-tag: F-56374970927,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Untitled%20design.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "c0162c4e42f01da769c21bce5382dddf"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1632935366440
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 40ScZ_CBzsqp8QFWJdSMP3Ji11XbrgM6
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=54953
x-cache: RefreshHit from cloudfront
cache-tag: F-56374970927,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 34112
x-amz-id-2: 3ADdu6GsVdO/CEiZkrViGNDttexYnD3nkj7p/d49AnmQPCLVXDdMp0y95/XmHNYc8Ou928a5rWI=
last-modified: Wed, 29 Sep 2021 17:09:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkzKySKP9ui6wIacVC2P6PEA1AKNzpHWpcybTPz2ullTsX2XqvQkrSRz2w4jRqQqE6KOyzzbj%2BAz5I7IIkjSLwUPiAUIzIJvT%2FuFwsvax7PM2%2FgcB2HxQu1K9HYyHjmiSddCg1CVQsl4NBOX"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e9b3a68-FRA
x-amz-cf-id: HaRwRL1xMDel9yYqOLTpsUC_u1C6DEE3ij6xSllRHvZp4ahb_9q0-g==

GET
H3 200 shutterstock_1294057789.png
www.uptycs.com/hubfs/ 185 KB
186 KB 928ms
905ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1294057789.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bee2d200869493b6a7d7a5453cec13a717ceab674dc4b235078e8839359636c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-56484625454,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: YCNTCYEP0WMJQTW1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-56484625454,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1294057789.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "24ab78379599b3c0876305d026fa14e6"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1633036237720
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 1kn_zoNPpVyM8VQHJirfTXWCaCpChXec
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=312153
x-cache: RefreshHit from cloudfront
cache-tag: F-56484625454,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 189364
x-amz-id-2: cDID7oAEbMUOSIy1kx5kHRfceKNXTyB0PrMyfKZJb9SUDYSKx0uEvnv4dginUwWx6BhGKT75HgpN4XXbKGSpZhC0MV9iuWmkfqSIg8wgz4w=
last-modified: Thu, 30 Sep 2021 21:10:38 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1B5HL06gAmC%2BTQBkY9Xz%2B%2FFLpdmUCmlmjC2W2fASV1xhGXLguxpGu29KA%2B4xXblqISmEbMz2mseLWnMNAYGIDC0uf8ZKRP1PfP%2B%2Fmk2qObzwLyd%2BFJ8Be8qX9oW6L%2B2kFT6pHNk00XLPuMxs"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e9c3a68-FRA
x-amz-cf-id: SHOS2n9dxUsIuMoU42TEOLQCH7ywvHxH-ZphRkKqh-sjqcEBQ8Jk2Q==

GET
H3 200 telemetry.jpg
www.uptycs.com/hubfs/ 400 KB
401 KB 931ms
908ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/telemetry.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc2b1e4b03960e1427fe61aba149c3f9aeb1125b1c00f0fb376ec894f84e4b9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-55781606287,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: 7JBBXGZG78AH1ZQV
x-amz-server-side-encryption: AES256
edge-cache-tag: F-55781606287,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="telemetry.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "e356d2e3422911249bb7a6d582b4d8b9"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1632281586692
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: W1By4CewTwyWvfUDwV25Dqu4L79bhmOc
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=783466
x-cache: RefreshHit from cloudfront
cache-tag: F-55781606287,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 409380
x-amz-id-2: SpvV3dY8kvvD7B2goMgjIXgCcVaT9iblJlBJb/GCZkG5M87URETAeHPzZpHvH88xKyFNzi+bmx4=
last-modified: Wed, 22 Sep 2021 03:33:09 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uw2XW5WmWQ7B94SUDEISHxamWPV5na9TDXy%2BtSN5lj3OqAhykhP8WhyulqwLyMoteVyfc%2FywZZ8BHBtD6Yy7r8Tn6WUkw7y%2Bk%2FRgCD%2FgX6k1%2F67bpbX6BVnGrb14oNP%2FEIghUM9FZzTuLmyl"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e9d3a68-FRA
x-amz-cf-id: A7sKEmUJiPoLto3LEylevSj0EC6T_tdx3o374F78H8BaUq_A_0pDJA==

GET
H3 200 shutterstock_1530516716-1.png
www.uptycs.com/hubfs/ 230 KB
231 KB 948ms
925ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1530516716-1.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4f5e38d67b77eea9860e7b0c715c55887a2a24ff4a7a125e24315c5b56ae9a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-55495772808,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: YCNM9536CWFF7J99
x-amz-server-side-encryption: AES256
edge-cache-tag: F-55495772808,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1530516716-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "1207e7a3f4e7d86670abcb7cc51d47ce"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1631892153812
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: J1etmPRR4.KiXbdg6kE18c2frgAh9ySh
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=448599
x-cache: RefreshHit from cloudfront
cache-tag: F-55495772808,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 235536
x-amz-id-2: LHV6xm8xd2dh9Y42maSINE49Qx8BFwi625O7B+Sjskk1B20BqSIFHjtbyMV7m+lLKClLWWcojak=
last-modified: Fri, 17 Sep 2021 15:22:34 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvaS2GkIe0rp0BTmdxAENPwS%2F9CY1d%2BABlrlAukp%2BlFOT%2Bj38ZLZRIFaaVK1m2zlQezumxtRvobkP1a0JuMeXxfVJDGbBRmLnqpBPwBfkZgsIvSpzXjEfBP91bmgto2OuQycJjqEYO62XX7%2B"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392e9f3a68-FRA
x-amz-cf-id: ExWRO4lhqsD8CysBX1cwhOWST-nQEPY63wOmv4mIPZl7ERyPIwz99w==

GET
H3 200 shutterstock_710262001.png
www.uptycs.com/hubfs/ 275 KB
276 KB 1122ms
1099ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_710262001.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e59e37b4497382cb006c541425c768074140e21f18210fe8e3346c9375a33439

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-54251318814,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: BDNHYDASH0962P75
x-amz-server-side-encryption: AES256
edge-cache-tag: F-54251318814,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_710262001.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "dc3f48f748f687ee484a8d13e24a93a9"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1630457384333
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: TXbatwtPLb.OvXlO8DDtkamAOycaHdaw
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=436131
x-cache: RefreshHit from cloudfront
cache-tag: F-54251318814,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 281584
x-amz-id-2: X+sxA4Km/VuBoFPMUdu+Qg6udd+6+qD8DDNWDgwrUlmm6r57UgMN0qhygtDuXV7soByeSgP6Xr8=
last-modified: Wed, 01 Sep 2021 00:49:45 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IurlSjwzRV4YSwvN5D%2FxfiEIkopRCP83pJFWZ73B4oCelK%2BsbedNNFuMUvfORtQN%2F%2FTdcJRp2gEepjwBFQlY53Gzf3smdBFYzSksZvoklCC3HTgGv4XT1E%2FTSP40RwTlPWVHi2wk0zjHX3dO"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ea03a68-FRA
x-amz-cf-id: 2a-Vmkh4y4uhfUtHnDy-_aJzyi-rGKxJDeMS1urBGM-UAnQyU_WEQw==

GET
H3 200 Figure1.png
www.uptycs.com/hubfs/ 15 KB
16 KB 1131ms
1109ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Figure1.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a434db462bf3e2ce10111ecbea36d88ec976eb3466f879d2a24d00c61f8bc2cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-54218320538,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNSN5Y1AE8T78P8
x-amz-server-side-encryption: AES256
edge-cache-tag: F-54218320538,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Figure1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "58e25a81fe5508f663a20420f509b90e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1630424768274
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 86OKoVjHCDrH96G6X9Jk11PiygHR7J0H
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=27614
x-cache: RefreshHit from cloudfront
cache-tag: F-54218320538,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 15082
x-amz-id-2: 8GprxeBJCcg/5GH4qRGayRuFbArs8wkd93Aik1Ki7BX7705BaNgkspZPIPh9n+zOHrkZXlfmwPs=
last-modified: Tue, 31 Aug 2021 15:46:09 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9YJyqtXxuovw3%2FJSyuJErSwLL73NRPky9qM3V209q%2Fa7J5lauvspX0prySy1gfHVp5NvnMogy4eLHZta5qCHj%2F0bOtgUjHa4CYLI%2FkAvS%2FzKTU6PyulZpfvX91lvkYZ1pkCOhTX6BXJi41k"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ea13a68-FRA
x-amz-cf-id: 3B5lyIQyZNf9f_Bv79GDJD6hz_O7J5PJ8p8tbFJBBAlSJ9TGdEMQxA==

GET
H3 200 shutterstock_1540550600.png
www.uptycs.com/hubfs/ 209 KB
210 KB 1132ms
1109ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1540550600.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

181bcece2c56b40da16acba964f68f3865eab2f351f5202c657ddc353bf9467e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-54143417690,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNKW7F9EDF2AHEQ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-54143417690,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1540550600.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "dddc6955ef02b948b9778b306b1308a9"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1630350131957
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: wqp_RGrexzL2.w2ej0uUGl7ttc3IS3jh
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=353926
x-cache: RefreshHit from cloudfront
cache-tag: F-54143417690,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 213840
x-amz-id-2: 4Se7L8Vw62S2nnkbiqqhTWkvh5iEuuq4Dws1J4mXKTL90yeUtbUZ5r1PC1yCmSx2OWKZbbx4BtU=
last-modified: Mon, 30 Aug 2021 19:02:13 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JG8EiKbaSCpcDeMJr5gVVJpQoOZoRdyvHYo%2F%2BfuuUuXXhFXXFGfwufu%2BDPr1uFKTJnfjGCAMRAsA6w9hNpQ6uWTNaICTOTKVBugt%2BpPJysHFyebcK14eFQhD2dI%2BWi2Wj%2BV%2F3J7jQHCLyWvo"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ea23a68-FRA
x-amz-cf-id: 0DcY8ghWQn69oxL2qkK0lZnZ17tiyUVgFTqV5bV0Z8IqZ5BZUuyVuw==

GET
H3 200 shutterstock_1253167651.png
www.uptycs.com/hubfs/ 248 KB
249 KB 1151ms
1128ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1253167651.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

db4a0289f5d52954c66bffe18aaefcaa2d8ce954f6f7c151034a9f23332731dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-53255166353,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: CP7HFEV92H0DFG0M
x-amz-server-side-encryption: AES256
edge-cache-tag: F-53255166353,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1253167651.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "8c44198c435e58ada667d9aff2c24012"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1629395318739
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: fT8.E_ITSW.MXlJm8oAOYb_wiKELZcX4
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=411234
x-cache: RefreshHit from cloudfront
cache-tag: F-53255166353,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 253844
x-amz-id-2: afRptWql8PzdVlgBIWZ9Is+sTXWNH1MplDCtB6Ikx1VJqgAoEE0rgV4nTiYI2tSaLDEkJqDb4ro=
last-modified: Thu, 19 Aug 2021 17:48:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMKEV027kNJCwssoZDEeSD%2BxuMNUZmnO%2BPxlqNGkapCUQSnGJbdMNLWgzWkJOQsYUycSi7Mv6sQr8DPpvEU12BULmM%2Be01F9BckvkaJVw4RCtewfA8ELGFQvRV%2F5%2BW8IlRt%2BgR0XGX6hwEM0"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ea33a68-FRA
x-amz-cf-id: ieLkxI7n8H8DO5wdMSPU9NqF6XryyQvwGklreDJE_TQb8hM_ljiAkQ==

GET
H3 200 shutterstock_1408742921.jpg
www.uptycs.com/hubfs/ 16 KB
18 KB 1168ms
1145ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1408742921.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b69e6e19b883d8d33f471b99b6ec90e7256d33a0763a3ae9007f230e5960280

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-52521878344,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: NTNED09H3JTG80M1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-52521878344,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1408742921.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "c99f6d14859cd4150e2fc6b28c102337"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1628530970036
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Sp9HXbzAr1nnThVwFlz.wlKmz_au7lyn
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=133502
x-cache: RefreshHit from cloudfront
cache-tag: F-52521878344,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 16628
x-amz-id-2: 9CB+6rD6dKsEsTnJ2W+CkiI48rXSL8MGxzFP8lRYWvmmZbORAd6aACXSF9SLnOEGD0P4veI50sE=
last-modified: Mon, 09 Aug 2021 17:42:51 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebPlX%2BiRRpdX2nQM%2BfrIg4GS9WB9jj38UujYfUJf9T6ZieGYt4ScLAr5xj22o6R7sDw9VuNfYv2Ye1kDa6jKVnOrOEMZSbdIj5c8MZ5O3%2Bz4FRdlzdkAtstQPggf5zSjjJvtyBpeKkG9D7M7"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ea43a68-FRA
x-amz-cf-id: phsro71xE1PxQIC7wC3C9IynldhDbv1kE9jhre32ERQjuaBZTvU2xg==

GET
H3 200 shutterstock_1703415496.jpg
www.uptycs.com/hubfs/ 34 KB
35 KB 1168ms
1146ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1703415496.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

beef769731f181afee1e5ef1c0d1832e30c5e8d1e2864b27b0d18198442543b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-52137571669,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: RY8MPZ7MS3AJMQWE
x-amz-server-side-encryption: AES256
edge-cache-tag: F-52137571669,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1703415496.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "6d11d0acf87244f92f31a49a647d221e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1628007686016
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: uYIKW7UmJWJ5X6jkIZf98tk6KN95KTLl
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=250071
x-cache: RefreshHit from cloudfront
cache-tag: F-52137571669,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 34768
x-amz-id-2: ZVrn61Yy8jHWs6Jl6frATqJusAiWPITEumYlZYQI8XM3f877u3nUUD81dUDb1ZKDIHDawoTdWss=
last-modified: Tue, 03 Aug 2021 16:21:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdAkhs7B9KCUKa85FJsQ5Lhq6Zy74MHyo0rZ3UKty0En2Nak0%2BznM9bKdctJpaNE5Z4ICln0QClK8TtWvS4hFGVZP%2Fk9FNvhDaSw1qF37LaXEIWM%2BIdVv2uQ%2FhJ1968IgZHrh5gMWhdxs%2Bq0"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ea53a68-FRA
x-amz-cf-id: 1X3Zqq5N7UIiiNy1_L5XGNWeuD1s7zWDu619vLfciBr5-Dj-2U1rEg==

GET
H3 200 shutterstock_1056112217.jpg
www.uptycs.com/hubfs/ 33 KB
34 KB 1170ms
1148ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1056112217.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8526d37cfba05d28de0566a2566b543788c241f791fc10bb2766e5ae15b8ec08

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-51909019440,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: CCAYGSM7HNECCBMH
x-amz-server-side-encryption: AES256
edge-cache-tag: F-51909019440,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1056112217.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "ec05327014947a2278b5bae48b75b348"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1627680259690
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Hu6rVBDLFlarX8FKBZVPJNfjZltTMkIy
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=254454
x-cache: RefreshHit from cloudfront
cache-tag: F-51909019440,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 33884
x-amz-id-2: UEaMGVJ36QJ0bUbJ8Ds0V+NTFc5OfOkbhVNfuQQ4pnNwuO9eYZEffkGJ6NX+Krj4ZfH0xxNKy3E=
last-modified: Fri, 30 Jul 2021 21:24:20 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKLrdt5AMK6mSuLusrTGm1TdqO%2Bv9c4G02vRtoP2%2FLdEihbJPVyxhtKdo%2FsIZwBfLY6mHlOJn%2FdnyUOlYrEcPpP%2BLDvw6Q4s4ZsUYPjB4D6eBpA8IEZpICFESYV%2FkvfdVZuGAk%2FumJWs1VHO"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ea73a68-FRA
x-amz-cf-id: eoHOfEkWN1AeKR90ifewYDTnfROlUWLmpdRNogBc5L6K9sWeg5zdnA==

GET
H3 200 shutterstock_137320796.jpg
www.uptycs.com/hubfs/ 43 KB
44 KB 1173ms
1150ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_137320796.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fee9b6b771116a9fb6a250561e8c91101496626b10f3495ab3988e53ce21bd33

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-51348181787,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: MSSXWV96VP515YMW
x-amz-server-side-encryption: AES256
edge-cache-tag: F-51348181787,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_137320796.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "458db48d27b07667deac260542d4354d"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1626971962892
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: OJ00Kj70EJcI0BhrrPXw4uXjpZy_Gipq
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=262630
x-cache: RefreshHit from cloudfront
cache-tag: F-51348181787,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 44146
x-amz-id-2: jbbp8JOhm0Uz8SDq+2xudhLsUvY/6io9M63RMkvkL1dVrnNvEBb78PhkoWr9lfi+NQjFr8gFli0=
last-modified: Thu, 22 Jul 2021 16:39:23 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrPsKTVYWgqWMfqNbkFWAZbxyZXx9vRiRC%2FldIS5JjdMYQOjfZE0Cc%2BhhuXV04cvdoOyeodyxW%2FHc2LGzEvUEvbpv%2B%2FTKTa9%2B6DtiBhez5oS7EMhzMpfu9LUvNuWBSNiKwGnphosG9ujH0Vt"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ea93a68-FRA
x-amz-cf-id: aUugDLgzJPbiT3U_N6g_gao_ZERgrWiM7rdwVEU6v_9inY5RDVTW3g==

GET
H3 200 shutterstock_1319520962.jpg
www.uptycs.com/hubfs/ 282 KB
283 KB 1174ms
1151ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1319520962.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

46189bb12e231197a9a0231f47e6fc1611a6c8eee3fcd0a4c8db3b16e66dad81

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-51343735860,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: XH51HJNXGNG5BSQ4
x-amz-server-side-encryption: AES256
edge-cache-tag: F-51343735860,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1319520962.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "de4169707219a6e380d0062a9030195a"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1626969037949
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: eubhXgv9__El0q7M3tiGu5TK6UgS8OVJ
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=4995380
x-cache: RefreshHit from cloudfront
cache-tag: F-51343735860,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 288594
x-amz-id-2: R5nH+pFJ3su9rLBfL75DYamsO9Lvb0RCjvtbqf6Bn/v0runm22d/VV/wGLWhCqHVj4hsDapfwbA=
last-modified: Thu, 22 Jul 2021 15:50:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdq8aAhZdl6jlKJ%2BWBYG4jpX7e40ogvvVSwx%2Fx7HXXRo9L3nvgB2O4QaEtYRpSiMjcB2Pluwdh5NLsExtGt4aTyWcWmXSvK3DotRnnJOHEtUzqaJFuXZlQ508RzCKsj%2BQdrC1VVEdjWKc9q0"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392eab3a68-FRA
x-amz-cf-id: atOeVJPEF2v-94XiuFMTAGAmnB2_CkCAnGNjJnT7o1R_16p0_sdg-w==

GET
H3 200 shutterstock_1024337071.jpg
www.uptycs.com/hubfs/ 25 KB
27 KB 1182ms
1160ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1024337071.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

167cb332100bce826d24c07b0f765389660052abff884e33186af23eab202079

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-50960216717,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ203YG7E2R1V6P9
x-amz-server-side-encryption: AES256
edge-cache-tag: F-50960216717,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1024337071.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "0536741ec183837e168ec09c4b433c2c"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1626449025431
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 72opil8p3.wdeFpoRhduCAIM.qx0uUGL
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=207376
x-cache: RefreshHit from cloudfront
cache-tag: F-50960216717,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 26054
x-amz-id-2: YDzB2JvcB5BhHYdn5nNo9eaCXX3KdjPqNSA5SSQjcU38LEZeY2Y20T/VYU7gaMopBf1oh8xT9g8=
last-modified: Fri, 16 Jul 2021 15:23:46 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nrsnnp%2B%2Fnj%2FTrO373OwmfwH6o%2BYDysl1XHZFN2xMewNotSb%2BeZf15N0fk85UdIOGphmqGSmQvYks3%2F1pWmkYuy%2FuzwhcJadQuPIbqqMi%2BnTnF%2FSsDhgsrGqjClOrw3BCyApK%2BM65kBaqT0b"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ead3a68-FRA
x-amz-cf-id: 84BrqN8vG2PrwuWiQGmch4H0ZOenpQ8EXVFSyhjOID1yO1HF-UqW0Q==

GET
H3 200 shutterstock_1922833733.jpg
www.uptycs.com/hubfs/ 45 KB
46 KB 1183ms
1161ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1922833733.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fff626db979415c4ed29adbc984e1e774939f05eafbeaf0722d2bae77c5db6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-50493041004,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: RFSR17Z0J1F0RQMR
x-amz-server-side-encryption: AES256
edge-cache-tag: F-50493041004,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1922833733.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "4ef21b12b010fbb87d055ec76f867a3f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1625844409762
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: T53OfMXibvX4zZaKpPWrcecFJyIJlWki
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=292515
x-cache: RefreshHit from cloudfront
cache-tag: F-50493041004,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 45720
x-amz-id-2: p0W1fwwbU4LBTqF4asNQqcLA2q6R9NU4d4a7zRXryQbrzYRCI9lQKkc9+yUgIPR01nqLHZt8Jrc=
last-modified: Fri, 09 Jul 2021 15:26:50 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXIPvJ1Uf3LGcVOLY8GsxulGcFuA2FMt8j0mc4Vr0JcOUfpv4b4XkPIzJjU6AFta9KcD2zSGg%2FTqkF2MjKsSddRexsXmSYfKavBu%2Fd8Dwl%2BU57pIYZ9jKJpCb6WPNA8aMa9CRg4fPFALJhP2"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392eae3a68-FRA
x-amz-cf-id: 4_22cQ-GMJBRakFA7YsfEbLojHq5kxlfzTQ7_y-ZOP0fqsnJnV0MGg==

GET
H3 200 shutterstock_1748211680.jpg
www.uptycs.com/hubfs/ 4 KB
6 KB 1184ms
1162ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1748211680.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b6986952de962c8190b4c131528bc626ac3c4b454fca260e69286147f7d1c2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-50349525165,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ24955T8ZHNP5YH
x-amz-server-side-encryption: AES256
edge-cache-tag: F-50349525165,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1748211680.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "cd4a542a94110777edf50dcaa75e1b32"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1625682803817
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ZEkG0sOhG8.ScUad2KnRdfCkHmgMEKq_
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=93972
x-cache: RefreshHit from cloudfront
cache-tag: F-50349525165,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 4366
x-amz-id-2: 9cP0DAKhbyesxBNiI2MrG88eyhGoVE3bqmneJ1Iyn8BVvG8YVUh/QKuEVa2kvDT49v5HNZ6LfVc=
last-modified: Wed, 07 Jul 2021 18:33:24 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xp9fczlkofihU4%2FNA724gEXO70sWAHMGf0QurM%2FX3tts9ZMkoNTP6HwuFytgF4jdF6wMkSDH1t9V8tjMnFEyicT6l3svuQCJaTvEn70rcIStvBRtuZMv6L1EhYw7Dfx2TT6R4g3ClbQTWRsq"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392eaf3a68-FRA
x-amz-cf-id: 7GnCHWFvacgRfCD1ZYXID4spM9q_ImNrWGA_Iiy82xqrLpD65wmgtg==

GET
H3 200 shutterstock_634316555.jpg
www.uptycs.com/hubfs/ 33 KB
34 KB 1184ms
1162ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_634316555.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fefedd78f62324de71cde893273b171a83412e653a5f7dbc1128e198c7c29e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-49917981740,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: PG84V8NPW32ABE1R
x-amz-server-side-encryption: AES256
edge-cache-tag: F-49917981740,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_634316555.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "87d52318a9c6731540afcbb07f0dde5b"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1625100983382
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: fa41Q2cdW0PvQKlidaFqpiyBNpNcsKKM
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=232338
x-cache: RefreshHit from cloudfront
cache-tag: F-49917981740,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 33584
x-amz-id-2: GopbOtOOCryZ1F1oTUz8TuXL59ilm1O27q/iHIM9DnmRK3bKMMvRmf9j8YzSu616Hg4pNObA9WE=
last-modified: Thu, 01 Jul 2021 00:56:24 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGQLtyRPy8DEEA0MXWEW0iGTmsGFcD1rbzj0tBVHkWmt4BwNX2QKsWP5LPq81oPHy9WsOnEvflrFfTkmW2AU5OwdDfpCtcX2GsE6XI6X2ouc47BdoF%2BWVFgNsP3kQxE2d0314L7OCvHDtNby"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392eb03a68-FRA
x-amz-cf-id: Uuk4hmgAdxbT-TNTT7Hd_EmHaC8GRMo3LZV_DIcGfyDtLOCE5EC9uw==

GET
H3 200 shutterstock_1722461929.png
www.uptycs.com/hubfs/ 193 KB
195 KB 1186ms
1163ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1722461929.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3c6300ea64aa769c89071145843dc70ac0720161b2c17eac48471aabd0c1ac2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-49575064873,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2AE4C4YKR19Z92
x-amz-server-side-encryption: AES256
edge-cache-tag: F-49575064873,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1722461929.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "93a6354e16cda3cc3a5ae4a39b88357c"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1624646509834
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: C_yFRZH57PERTUPPUZrh5yhGqI5VdqlM
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=323327
x-cache: RefreshHit from cloudfront
cache-tag: F-49575064873,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 198106
x-amz-id-2: BeovdGY+eaUtawOxdMCmWLURPneL896sq72J5k6A7HPZlMCgqojQixkkaCRAocRoom3wgWQxtsg=
last-modified: Fri, 25 Jun 2021 18:41:50 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3gb9sk0UO0TxEZji1MBWle%2FeJa7YfoP8%2BWFUjxQLPy1rjY4ddhAR%2FUylFFV5aEnFqt%2B%2FNkyB3%2BpSlNslsh%2BJtAh40ejisupdC%2F4D7Qo1QlxPCinlmvuS3vLTQt0u9zEFIM5ffzN%2BqZ3pqde"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392eb23a68-FRA
x-amz-cf-id: bTONG3Rg44hb-HGRIYUr2TeX2G0fXWgD7fSGBggvWkUw292BZxRJvA==

GET
H3 200 shutterstock_1850285455.png
www.uptycs.com/hubfs/ 162 KB
163 KB 1193ms
1171ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1850285455.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

90ab7683de64c8c0d9caab3d5b7401cfe1e7aa0b2abffc5465ee3faceeee4073

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-49344899512,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ217MZ0MZFGJNNM
x-amz-server-side-encryption: AES256
edge-cache-tag: F-49344899512,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1850285455.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "4bffd6952aa8e31e2fde6bce624d6b03"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1624461051845
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: UPWpDgPjcLbUkfpp0L6o7A_MA37JcBvo
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=304332
x-cache: RefreshHit from cloudfront
cache-tag: F-49344899512,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 165458
x-amz-id-2: FIuntwDFrLwQjCx3EhiV2fjtcVkJs9KiEduY9iXD3796JzFcB8zgCYK8R6zrbdxeVyR74EErkxYn/Kv6Poo2iV+kQhhVYDIEhZ7Vuimctu8=
last-modified: Wed, 23 Jun 2021 15:10:52 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ggaurh6alhptyz9hrmdyBqu%2FEY12udT4crmm11P1Gwb4F9XwnIoxrAr6Z46f6Pm4MI0lr1g%2Fp9ErJ78t8sU9AUgGRU2riKhdwDPdkObAeD9HuECwRVFpeuHlLzR%2BtxpMBKuc2QP7ZmrvRzYc"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392eb43a68-FRA
x-amz-cf-id: xvutTl-MusQ_SMJM2Pja3_C_lLBsXY-IyuYYfwlwKepdxk-lP9v-9g==

GET
H3 200 shutterstock_1938567862.png
www.uptycs.com/hubfs/ 177 KB
179 KB 1196ms
1174ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_1938567862.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

27e7f50b393d38c6ee48e875b6d649bc88443f105c8cf984b7af4eaa78c8c405

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-49008598836,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNWDJ0EYPDP5V12
x-amz-server-side-encryption: AES256
edge-cache-tag: F-49008598836,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_1938567862.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "d47ee0a8faccf3940113fc95cc20aa85"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1623961876491
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: wUquHgYf9E3S1KDfZP7Rjl0ufDtNqTSh
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=320797
x-cache: RefreshHit from cloudfront
cache-tag: F-49008598836,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 181546
x-amz-id-2: 9m27B5Y47Zjx7ycKT3IIbACk63Y/gsx1XUJ/s5eFFtOeZcDLpqH1v/jEbVOALmjqhHhozx3Rjkg=
last-modified: Thu, 17 Jun 2021 20:31:17 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4DEMKeIeC8HV5bgezwtHRI%2FH3vDrlPxYEqYWTHXKK2%2FTauG%2Bh19oFVdD5%2BOov4L3cRdodZLTXYJy%2BdRQ%2Fqm40MC8ADnySQpnqy6a%2B65BvNfSl1WUNj9GKJ2pme%2BWSXSUk%2BJtCB3u7c6teTs"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392eb63a68-FRA
x-amz-cf-id: xPoOCHqWI5DP-x2yHPCtfQt6Uy3Z8xFoIXew4SqGRKT2o-ALtqF8dw==

GET
H3 200 shutterstock_92418187.png
www.uptycs.com/hubfs/ 344 KB
346 KB 1203ms
1180ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_92418187.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b7f97eca5d10cc754596c6cc6fb46b3c2a2ba7aec639988eb4c056ce8677b15

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-48824394618,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNN8VTY7EQTJRTN
x-amz-server-side-encryption: AES256
edge-cache-tag: F-48824394618,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_92418187.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "14350d98d2f270084231e8c551feea4a"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1623716983771
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ggMKncsJOXb4FOZ7GXSES635Ce7WNEC3
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=458707
x-cache: RefreshHit from cloudfront
cache-tag: F-48824394618,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 352636
x-amz-id-2: tFHMFt3+R45lM4m/vRqwJ93NtvTjfMe+TL6dwFbxXlI6tLGBbDNiH1g/fx5R16xU+IZzz5vFK4Q=
last-modified: Tue, 15 Jun 2021 00:29:44 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOl%2FMeBkbLygRg%2FiflwoV9iiQ8YEJzDjiXDzcH%2BtIG0Pf1iSipnck3cQy9iSPZqsWFSn7Jr1WOLJvrb%2Fv1t15On%2F3hkvR52b1s5bQu7U6sUV4N5takv0gRpUkHNHjZqtKEhI5dsUIJbKiHEE"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392eb73a68-FRA
x-amz-cf-id: cYcMCuLyz-PREooRp9yfwkaRmiBu1E5dzlkqKt9ZPoQ4oTmz6WTD1Q==

GET
H3 200 iStock-908866958.jpg
www.uptycs.com/hubfs/images/ 128 KB
129 KB 1213ms
1191ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/images/iStock-908866958.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec0db20b624721da4885859a24bcf6f66ce06c7d6b174fa6e388e7ce7d8cf4e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-5859179858,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: EYAF907DNYCMYDJK
edge-cache-tag: F-5859179858,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="iStock-908866958.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "485aad20fab83ca12f42b172d567d929"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: _g.6IL1RMTdEslWlQUdmtQBB_Sl0.f4u
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=308096
x-cache: RefreshHit from cloudfront
cache-tag: F-5859179858,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 131268
x-amz-id-2: Hz0cl229htlN7ktpImFNuxofcVSBx53+HcqFeYDPvY61bJZJ2NLN5hwuw4azNryq5q7JGvGmbSA=
last-modified: Tue, 02 Apr 2019 20:00:03 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7%2BFQBRVacwZPQDE8EGb1vnuoAyh5eifmDrtmn6hoMJ5DgiheZuZSC7Slp93JtX30ZMjEOjVlqh1nmAg0LpGWMuddsEHAR944luHLVOAyT2mfkUwCjOKoW1j%2B35z0dMKf43xMGX7Fe6w03Ue"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392eb83a68-FRA
x-amz-cf-id: eNxgHrjkLgwoWdPcKCKmyuNRSdSg5oDjc3DMy49vABg-T4C7ewOHfQ==

GET
H3 200 shutterstock_779097340.png
www.uptycs.com/hubfs/ 705 KB
707 KB 1220ms
1198ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_779097340.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3199e769b342b2d0961b80219c5db5891aa5cc6cf850e929a90b768d9045e93

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-46945745060,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ27Z1695RVQS5QC
x-amz-server-side-encryption: AES256
edge-cache-tag: F-46945745060,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_779097340.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "c8b350c6e03ad5c9f0c6f92aff807f11"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1620763018089
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: dlzOTQVVbIdIQAF_zO1E8hBGAjd98kh1
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=1261747
x-cache: RefreshHit from cloudfront
cache-tag: F-46945745060,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 722204
x-amz-id-2: pH9+yr0jyvPDqcsm43lTHxxm+hd8zowzO3adSg6fSYtCPliqtWB7AX1RkLhCsJqNENGcLHQzLHs4BpEdZbZe1g==
last-modified: Tue, 11 May 2021 19:56:59 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wM0gtMjuVQi02AapqxVDUiM9o7gdmqotfmXrTEnFSdPfw4YZKCaX0UF%2FDPLL09vtiCYIn0VbBKqpoUX08IP2dHdGrQsD9GfOnmNtUj0%2BCghfdu%2BOInuv13KfuzcgJouV4yNWKcYNqNy9S1mV"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392eb93a68-FRA
x-amz-cf-id: U8ljuvYut2kaIFdgn9gjdslGcg22MC6ddyw6Lh6GHg57JRJmj-84Nw==

GET
H3 200 shutterstock_634316555.png
www.uptycs.com/hubfs/ 589 KB
590 KB 1258ms
1235ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/shutterstock_634316555.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e996d19f55448797d3acca9478535b351b4322b49bdfce0fe52bcb4ceca5f07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-46693126007,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2E2F6ACBCC2J3E
x-amz-server-side-encryption: AES256
edge-cache-tag: F-46693126007,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="shutterstock_634316555.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "a742f2fe46ab6db4db583e069e632baf"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1620401743724
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: D7cFbgka0qGG3XZ8ES8C9sCYhnBTpQoB
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=1024386
x-cache: RefreshHit from cloudfront
cache-tag: F-46693126007,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 602724
x-amz-id-2: 3f8UjSql0rA321Hk3/XonBbxWtAdw+ldyKO77d1F9pg9uo1QSMp86rmkMYY9uBH5vW+Z8LA7Kik=
last-modified: Fri, 07 May 2021 15:35:44 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RI%2F44SPgVDmePCMEtMHkEKdTUwycBfB3RqLkzXGL5XzLLMUmzeKTE03vVwm0tPb9OOl0AC9UQUB%2FMbsjTtCyeXZd14knCcpHRGhYUqX5WbYBCGpz2m2F7bTzREUuEvmxAA1sxkpN%2Bi1cQXtH"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392eba3a68-FRA
x-amz-cf-id: qG9jJW3-fx4iN54cs8Q5rA0m78JC2tQdClLV4DwAOUc1mPuF624Tew==

GET
H3 200 uptycs-mitre-eval-feature-blog-1200x628.png
www.uptycs.com/hubfs/ 57 KB
59 KB 1277ms
1254ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/uptycs-mitre-eval-feature-blog-1200x628.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c0d5c750948cad9b79602caf943d8d42314b928364c05f7d339f4c8a36b1e5e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-45474234666,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: 75N4E33E0KKA9SS4
x-amz-server-side-encryption: AES256
edge-cache-tag: F-45474234666,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="uptycs-mitre-eval-feature-blog-1200x628.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "7a074e08d04a0fd1b05140d401612cf5"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1618882202285
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: TBXq_HfBvKHZJNp_FmKz3DSYlCJT0gqv
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=75648
x-cache: RefreshHit from cloudfront
cache-tag: F-45474234666,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 58742
x-amz-id-2: 3bJGfqdNq/qTlXrlduDJy+RQO8O9NsmYdwRpArepZLXdFxbafF4HI1H5CyBkm7TjIQ/+55m9buI=
last-modified: Tue, 20 Apr 2021 01:30:03 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJw2eqnmIXIqlNW9hhqI3YSS1l8IXYIrAPYoW9Gs8Lb8UnrIujFPrhtQ%2FbvAUOBQebaHiTkfGdOk949Yjm49F3vIdASOJV2z94pXKcGVLug2To8zeju0nDDI5%2BEncSppxZH%2Fidjlt5MVQBlK"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ebc3a68-FRA
x-amz-cf-id: aR96Lm2v5gSNutSCvaCJF51wtE-TIKkaP7iU2qzEd43XQTQt5d5y8w==

GET
H3 200 Figure%2011_%20Uptycs%20detection%20for%20Gafgyt%20I_.png
www.uptycs.com/hubfs/Q1%202021-%20Blog%20Post%20Images%20-%20Mirai%20code%20re-use%20in%20Gafgyt/ 133 KB
135 KB 1279ms
1256ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Q1%202021-%20Blog%20Post%20Images%20-%20Mirai%20code%20re-use%20in%20Gafgyt/Figure%2011_%20Uptycs%20detection%20for%20Gafgyt%20I_.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

04194040d2ed41b6fa04e72d34ec30ebb4d0a175d6ab31831198d4b63fe63911

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-45095027839,FD-45095027791,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2B66DGDST06FKA
x-amz-server-side-encryption: AES256
edge-cache-tag: F-45095027839,FD-45095027791,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Figure%2011_%20Uptycs%20detection%20for%20Gafgyt%20I_.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "979375516322f06b68cda4c6371a3708"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1618423564009
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: hHbByXDj1pFbDVZIzUdz665W8F.N9evH
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=249440
x-cache: RefreshHit from cloudfront
cache-tag: F-45095027839,FD-45095027791,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 136641
x-amz-id-2: ldbi9/zNPmleUrum+OUVFZmainY4FlWbzedMul2fXCgNMYOUubhfO+qmXu+9Sqezr+plBpJYeYA=
last-modified: Wed, 14 Apr 2021 18:06:05 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jHVMSx%2BKa50I3Q%2Fa6XKD3lRmljFcEfZHl3GHdMaWkFOsQfrehOjnyZECKds%2BU2nbFNM4%2BOqlXR1CyLS4jIKhgs59cl79Z63%2By920tTtFSjkqSQGhqEFSu5wt1CbXoPx2dGu0hGxKwIZeXes"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ebd3a68-FRA
x-amz-cf-id: 7bIlz23GRzUWj6ZiFdpUYEJuupyZX-evvjv3Kf6UHYv2pyvJz9ItZg==

GET
H3 200 IcedID%20-%20Image%209.png
www.uptycs.com/hubfs/Blog%20post%20-%20Q1%202021-%20IcedID/ 15 KB
16 KB 1288ms
1265ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Blog%20post%20-%20Q1%202021-%20IcedID/IcedID%20-%20Image%209.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cd6a63c2c250cf3c06089db933a644a99afab58922b4d75d572c720d1f00748

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-44545646485,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNSPA48EZ2A0HDH
x-amz-server-side-encryption: AES256
edge-cache-tag: F-44545646485,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="IcedID%20-%20Image%209.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "5932ac6858fade5c5c8e3458dbea8f31"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1617730400332
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 1vh5.WRBs.x2ctkiZbhBw2bw32mcTiB_
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=22362
x-cache: RefreshHit from cloudfront
cache-tag: F-44545646485,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 15354
x-amz-id-2: j833EI8HDAMkl0fziuU/8l9BkzfZksUK6E5qEl5zIrHFil1iNAjTwLUBxcmmhwaRjPk3JrBLcqE=
last-modified: Tue, 06 Apr 2021 17:34:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opxXDYVRk8An6OQeSp8mM97yWaYVSVWt5nHxjC2taAKn4Ie1oXMPOUsA8k5N4R%2Bm74Vev8OY1adMMHKT6HnsYNuByVGbk98iSEFmQt4aCkASqdT7VkOIv89wl2vAJLujOxcNpMlnJ1U0PotL"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ebe3a68-FRA
x-amz-cf-id: I8qkTH1C4saywvFy3ti1uatPAuWBL9o7z-UO7r0Lijko-pLXhWoYzg==

GET
H3 200 aws-access-key.png
www.uptycs.com/hubfs/ 51 KB
53 KB 1288ms
1266ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/aws-access-key.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

df1b8bb1d8e1634b1313cf0de0c5180a1d7887d5a5c23ec8f02ca8dae273a878

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-44249777922,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ20XW23YGGDVEHQ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-44249777922,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="aws-access-key.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "362ceaf01ac3995786868ccedad45f90"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1617233471051
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: QPGxq8EkAP3OXVgCsoJdbdVp70E6mzBl
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=114603
x-cache: RefreshHit from cloudfront
cache-tag: F-44249777922,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 52652
x-amz-id-2: doZElmzjm4kIXb4zPg7ZrIRp5iuFqjSW1Xl853uBNKk9rycXYpd6OsRGHIPli5zV5EnzMOzJ34Y=
last-modified: Wed, 31 Mar 2021 23:31:12 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSeNeObqhYuCrwMURcIs8OzxFi8MCG0P7JLf3TWJsfm%2BatPFl08lrrDgxWz90J8SP%2F9ThUqLMfFHEEmJr%2FzACfpvYcPNo1EOJXr0ampEeng%2BBE7COB2Tw8s24lcjME24z2cQOYsG1Q8hEBxL"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ebf3a68-FRA
x-amz-cf-id: Uvx8uFNy6Q5lpfRBqpaIZ-fl-TFCa7RxysoMSZ290w-8rT_-6KiKvA==

GET
H3 200 CSPM%20Core%20Capabilities%20Diagram.png
www.uptycs.com/hubfs/ 26 KB
28 KB 1291ms
1269ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/CSPM%20Core%20Capabilities%20Diagram.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d5c54489238cdd20a08b4787a6c22c8c13fdc223d735d552de5793c7d562362

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-43273766763,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNQM7TW6Z73HBPW
x-amz-server-side-encryption: AES256
edge-cache-tag: F-43273766763,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="CSPM%20Core%20Capabilities%20Diagram.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "c80e17c71247b551941491e6250737d2"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1615988056519
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: zZ9DM51OMcTbvbUczQDv7jYnWjYCYFo3
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=55076
x-cache: RefreshHit from cloudfront
cache-tag: F-43273766763,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 26886
x-amz-id-2: M72U0KwrxllvL4xlSfVMDO6lzU1xa6tiVyfh+f1m7lWkElH9OM/vt5Cj6NJ4tj9ysyXVa+VWLNA=
last-modified: Wed, 17 Mar 2021 13:40:44 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cjgy29zbiH%2FFDIw3P7dbck1UmbZ3JoOF%2B9riBthGIzV8uDkliTGh7c7noM0ijT3h%2BJOXHjd0pJGzhzWvmPmdAGOdUIkARi%2BKQsTQp8RXZiBYj8n%2B7rjxdtattMmR6Le%2F4ObG1NfCp9jJJTyb"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ec03a68-FRA
x-amz-cf-id: WB6GxuLYq2uvrk84PxfycmUhKtvTpgZ1djxPpHzocEWCzRmGEQQ3gQ==

GET
H3 200 cwpp-featured-1280x720.jpg
www.uptycs.com/hubfs/ 53 KB
55 KB 1292ms
1270ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/cwpp-featured-1280x720.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f805cedb8940202c801773f94654bfc94cb04e9b541d4df9f93f42c175376ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-42313929018,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ21EDEJWXZ0CD85
x-amz-server-side-encryption: AES256
edge-cache-tag: F-42313929018,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="cwpp-featured-1280x720.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "a6ba1fc715c57089c29a53c1ea314719"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1614688586382
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: k994UhmdXiK6VPv9H8eOXyQlKWJ4_Egv
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=99977
x-cache: RefreshHit from cloudfront
cache-tag: F-42313929018,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 54618
x-amz-id-2: 5GVtQFMm3fXH0DZWJ5kN7uGV2GjemcxlC6dIGgyXgq+HB+8f59Qrg1ukhQtx2IaIMJ11LqUG3bE=
last-modified: Tue, 02 Mar 2021 12:36:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FJ7wMQoSOjJHIKX9gJrphJ6e5xrYNkuUVWONw5IijKwHQohpon1CE46VEjWNZJZABrrbhm5f4DZk%2F4XnrUoq8OJAC1FysKB9S37bD8dl1U8dfcwKhANJ0tPXHwBv8dsVUOQ4CIo44XLVYoM"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ec13a68-FRA
x-amz-cf-id: kBkgN-W0nQ5Aa1a2B3rVtzGDPqzi-7rN-7-mAM47JzW61rOwvIpTbg==

GET
H3 200 fargate-asset-1280x720-featured.jpg
www.uptycs.com/hubfs/ 58 KB
60 KB 1295ms
1273ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/fargate-asset-1280x720-featured.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbd32f807292140733f453c8f417b434edb02accf7398493821f03fdad1bb4a6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-42548288428,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ29BZX01Q67Y1H7
x-amz-server-side-encryption: AES256
edge-cache-tag: F-42548288428,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="fargate-asset-1280x720-featured.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "2283e78d9c04c54b2b2e92b33141af5b"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1614975689872
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: A6QA8ldPFDqUl6TtpgveQgQK22hvWNBa
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=125264
x-cache: RefreshHit from cloudfront
cache-tag: F-42548288428,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 59592
x-amz-id-2: itElMrVEYVKfz8UfQ4MefNjAufMRbvewgxOE1Qs0NBsrJGBjtAzVTicVq4ENyYodtUI+A5e4qIc=
last-modified: Fri, 05 Mar 2021 20:21:30 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVMAlNhjVilUL0dyhOkKFnmhki1e23iBIL5x6v3N6FlwfVRqm3hjwQ1pcSqIyCitHgHg3Ex1%2BxpJrH1qz2NZQiqBsJTcZN2nl9RErfTvmNqYKx%2B7gC%2B%2BPpyVkul1YTkwRP8BzN1is%2BrFf2%2B7"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ec33a68-FRA
x-amz-cf-id: y_8VuOTcnJdqOJ42SdiCPnE1ATqedKTlYPoEpxAqqAJ2VJoNbl7E9w==

GET
H3 200 1-list_of_signals-1280x720-featured.png
www.uptycs.com/hubfs/ 14 KB
15 KB 1358ms
1336ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/1-list_of_signals-1280x720-featured.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbfc0950b48287841b007a69a8484bd2c02221e9a70da3fc7b278be590835b79

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-41982731611,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ29655X02BZM9JB
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41982731611,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="1-list_of_signals-1280x720-featured.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "2c6ee3ea1390db37677166cf8594fe10"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1614268355093
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: gIdMuoubY8WTN1XgRAtjd3OE7p2POYwa
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=19990
x-cache: RefreshHit from cloudfront
cache-tag: F-41982731611,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 14052
x-amz-id-2: IybvB9wwRkLB6+n3tMJ4pkY1eJYzQmdJ6R3C+yQ6NICk4+AXbdyWRUYwTypwGoWw6B5a/krDUs8=
last-modified: Thu, 25 Feb 2021 15:52:36 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyMpnox9hzkbS2mWkNw%2FcATVYQsqVQ3pGCQe6LyRdVVY1m3CruMoOqbT6QpsvofYNUQoTBxBA4hvV%2FCGTQ36uYa4zfuC7EZDwo6VQmaqSbKGjvVvHapXdo82S5kj2drEKI6BAqhZZCth%2BFrc"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ec43a68-FRA
x-amz-cf-id: ngvzDvTPBcae-CchIvLO3cBkYkurd_OhmIl5YwUc1HWe1MwT0OJW1Q==

GET
H3 200 1-silver-sparrow-1280x720-featured.png
www.uptycs.com/hubfs/ 32 KB
33 KB 1841ms
1819ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/1-silver-sparrow-1280x720-featured.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e71db21912b421c89aef558da5b3ac3075a04a1cbc38db955a30d36da9c1a5d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-41933844372,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ20CPRWSKQG8VYB
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41933844372,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="1-silver-sparrow-1280x720-featured.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "cd7e641c5a1b4cdf192dd5e27fe13490"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1614199151635
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: f6E6IrQoE2guLAx4s0tCCb5oLkgASeid
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=40063
x-cache: RefreshHit from cloudfront
cache-tag: F-41933844372,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 32608
x-amz-id-2: 1k0bqly4CW8DUszEqiPqQT/QUOZ8/e/cxeL+CFhrH8amHSkdmQxhfoJCpjUr7p7e61W2Pzzw4Uk=
last-modified: Wed, 24 Feb 2021 20:39:12 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIOkSctPSZMG9tZxjUSW3cawxiSymTrRf8PHcsuILammpQwjV2L%2FfkDI7PPFYOEQd8Fxv6v2fbSrZiEcNOBsWSsRyEmz2tl5C3dKxl6DBV8TtBOrHJjNpW9TP5GpbJMUanbLEq9XSnNL2rky"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ec53a68-FRA
x-amz-cf-id: gDxWa_2dXhkJy2iN49W7n1WjMEPzy-LWTHkpD-K9CCZWqbuS2wGeZQ==

GET
H3 200 malicious-documents-featured-1280x720-2.png
www.uptycs.com/hubfs/ 31 KB
33 KB 1845ms
1823ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/malicious-documents-featured-1280x720-2.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

64c7b5f36d8cf4e279f699961f7c5622502d1dc33bc5d4590d7be4675a5f7beb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-41473405360,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2CGDR0EX5H7KVH
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41473405360,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="malicious-documents-featured-1280x720-2.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "9b955eaaf908cccba721773df395a1a8"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1613049048150
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: mA_JvmiTsmji29OAeHUSpekiiFGk7tGJ
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=38964
x-cache: RefreshHit from cloudfront
cache-tag: F-41473405360,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 32230
x-amz-id-2: dQK0YHrKvZFpa+XFknGZT7odKGX9qzz7OcP8yYcAZ8GmCsFUWbdzMrEwTsK8rvEF0OnZqNh+fQQ=
last-modified: Thu, 11 Feb 2021 13:10:49 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F89zZJNG6eL914uc%2BtbniGeVQwO91nb45r1ihBA5xyEhn5Ib0WaIonZAC%2FwcLM1raRGFZQnBwzVmOS%2FnztVZRy%2BwQ%2FZsQxA4qxkgKiFKSf5Z3uGjHPdhrNJ33isIdm0Vldy4Jcp8jZhspAu5"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b392ec63a68-FRA
x-amz-cf-id: j13v0MGEt5F2ln-Di320-OykogEYBep4s1YD2MwNFMqaagNBDOgPpQ==

GET
H3 200 container-1280x720.jpg
www.uptycs.com/hubfs/ 128 KB
129 KB 1846ms
1824ms Image
image/jpeg 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/container-1280x720.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c1c33bcbcee66801e1a9e7ea42be36ed745cdb76de4a372f0a4941dc3aaec1f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-41269864206,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ210JKAG9JFR05G
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41269864206,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "2e7e3542eedf611dbcfd6ae07525d40e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1612467836622
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: wM658Djs4bTTVphzcho4rSA3ASY_nidd
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origSize=131680, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-41269864206,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 130683
x-amz-id-2: VzaEq2Xrkbvx3EY/ht6dsFrAGx9LpDZUzi9MG5u4UkLwzMTXW2R1PSjyVYoDEjuwgOFi/HfeUFI=
last-modified: Thu, 04 Feb 2021 19:43:57 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QN1zGxjZmzUqHWjKVNN2puAYv902CE2gLuFsiLvmz8j0%2BpewSQ0WkUYBDL71hSYdGlh5NA99VD95a%2B88zTcuT3nvJb24UxjMZmsiGhXRoTbKs66coUKVpXrua4k%2FGbz%2B2O7QPKOQqTweNM5u"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ec83a68-FRA
x-amz-cf-id: jkwtAOCIBP6V-8adT5f69sb9s7tJtj-B5dEUSKOa5CsttlcTBEk43A==

GET
H3 200 cloudquery-1280x720.png
www.uptycs.com/hubfs/ 23 KB
24 KB 1851ms
1829ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/cloudquery-1280x720.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cde938d89353e3bfa6a34b7c9221284a27ddb100c43ae2b3c999db478977170d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-41186779051,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2922G8Q15YHSZC
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41186779051,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="cloudquery-1280x720.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "8e08133f4bd0a473cab6b801560e6ad1"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1612268396487
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: fypgg5PLJ8zEZAJaVh05ccJ5gbkUzo9Z
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=28606
x-cache: RefreshHit from cloudfront
cache-tag: F-41186779051,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 23298
x-amz-id-2: pEVIH4+ILHwK1hYYyVW5F513Vi202t7dat41a52j8ii64h73rRSYdMolNkafSUWSe++PPWih7vLPNl4htFa1pg==
last-modified: Tue, 02 Feb 2021 12:19:57 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjFiTIKW1YtS8R6TavB5LoQyf0NQE4J%2F01SvIOuU36FHvzxlYcnWI9jt3c1Bib8iaqqYmz6%2F%2BA278AlZCkp4w1Y7drAj3S6%2FmV5dacqLqod9uEXczQnUZpV71Ocu%2BXfl5VSrKT0ZsQxCnRic"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ec93a68-FRA
x-amz-cf-id: P_XXyY_qGeYgE2sE9L-uE9vCV9gV1JXmOVCkzd1HW9Rh8c-gosqgpw==

GET
H3 200 sudo-figure-1_featured-1280x720.png
www.uptycs.com/hubfs/ 86 KB
87 KB 1295ms
1273ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/sudo-figure-1_featured-1280x720.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

19833b1ff976ca0f82ab04432b3de3e6a4c005b3b8bb2eadc1cfbdfbe93b7ccb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-41104037246,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: DQ26M5P3NHPG180B
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41104037246,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="sudo-figure-1_featured-1280x720.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "2645763026f0e13498244af7dac36198"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1611944433567
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: cQT1Ev3OSdedQCLr7Uflolwhuum3iLGB
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=100725
x-cache: RefreshHit from cloudfront
cache-tag: F-41104037246,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 87850
x-amz-id-2: qWYV80VBIRRWMVw25pjfrF5tp/hDQxsOBgq1c1SUO3xNXNbQtva7umvksUD8nuQ68N7KlGKu/gA=
last-modified: Fri, 29 Jan 2021 18:20:34 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRpa%2FYVaQvfXdWmabno6QaB14Iy6S1TRQK5oJ74snRHBae5LxUWWp8gt7kERAqdH2DQC1XpBOjkXddMDLFSf1Z1GVr6ZuZyObNR4vY9oJsmYfAnV7gbrEYCdFgq1XLAmjGIHpQj4WiJzlSiV"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394eca3a68-FRA
x-amz-cf-id: MTyFsXCCofYDVnTcQSSBlgMPgHgzT0-ozgY3fLQ9C8g_GTKNLe2UgQ==

GET
H3 200 kubequery-and-osquery-deployment-1280x720.png
www.uptycs.com/hubfs/ 28 KB
29 KB 1359ms
1338ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/kubequery-and-osquery-deployment-1280x720.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cfcc6a0aba191141c3d8c42d370ede361f4acdc730013c1b299841d80e734bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-41074749459,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: DQ20TH46Z3GBPYRH
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41074749459,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="kubequery-and-osquery-deployment-1280x720.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "aca594cea7aef4bd128557e6e917a2e9"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1611866288663
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: M_mRd_IS8o8Dp3ORQSa.O0F9ES7.3OLa
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=37167
x-cache: RefreshHit from cloudfront
cache-tag: F-41074749459,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 28802
x-amz-id-2: E8efKAssM+I/wR+Ja8R5qR/DZdTbANfs7Fz1dGIW6j8rl/R0deap+3trpLF+lIgfz9RzD7pvkAw=
last-modified: Thu, 28 Jan 2021 20:38:09 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HSU%2BQrk%2FuHSmmvHetLaJnqNekNj6ix%2F7Bv4qjlFH6qxM800VQvKqFah4vEx38yQ7U4UDTgsretVMMpgzQ2gB2yZyrDoelMltWIMjP%2FQvVj4eKZ6AeSHoip9F07nn1sdwcNyc9AenKRQfpNj"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ecb3a68-FRA
x-amz-cf-id: Zl7CfpNC9gHNeP0w9DYYbE65RVbRS5O_6-CJTPRTlDLFdu5jrXYPpQ==

GET
H3 200 Figure-3_lateral_movement_featured.png
www.uptycs.com/hubfs/ 23 KB
25 KB 1631ms
1609ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Figure-3_lateral_movement_featured.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c8cc90960480d2f19365d2a121a93c02f0cc0cc3002ead55e9babf83b44ce03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-41031060815,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ20M6M0SPMJE6R8
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41031060815,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Figure-3_lateral_movement_featured.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "67af1d67d56a1023d797ce2f414c5451"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1611761438625
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 1o95XlcsPyofsOkT.Kuadd.p9Fdr.Ba2
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=30359
x-cache: RefreshHit from cloudfront
cache-tag: F-41031060815,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 24052
x-amz-id-2: 5WQ5cwfEHLMoH+SVNe6MJ4i4nThqv/oNn6tue9R3hOIAt2fxgRX6fiTM9m3D5VQI+oUO2mjcXZU=
last-modified: Wed, 27 Jan 2021 15:30:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yF7z7sKexuibdgs4ciJh%2ByQj%2B9D9MjsVBNF0esB%2BN%2B9k4JTkqYSDlgM58VJ1LlJhHRDC1PfArpRpwUptBoc2rRRcKF95O5xgTm%2FAA%2ByLEnIq88neu0Z7EGzzPO6v8r5xdFPdaHb%2BRSwlFfS"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ecc3a68-FRA
x-amz-cf-id: tEatsH9O0sfZz7CzqKr35Xi2PhnhXo3d_BXANKUGOjClIpXj4csyhQ==

GET
H3 200 open-road-crop.jpg
www.uptycs.com/hubfs/ 125 KB
126 KB 1633ms
1611ms Image
image/jpeg 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/open-road-crop.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bea1e25ccce900b3717bc6148ea52e6e873a7e18e5bb838bdb9e717a75e2cc9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-40866529524,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2CCR90YW4ZPWA8
x-amz-server-side-encryption: AES256
edge-cache-tag: F-40866529524,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "87c6f253f2b3471ed7cbdcc2d210418f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1611232178880
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: sSwCPBu8uuGO.DKy6KgYlxQRlwMxh_H7
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origSize=131926, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-40866529524,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 128236
x-amz-id-2: qkuvyIE2lJv1Ev6UF6Jo9RQFzKwK2vccb0Nn5JJJrAdx1SZoxCjT3YNGHY/FOVFF+/X8UljhILw=
last-modified: Thu, 21 Jan 2021 12:29:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9bvNS9ZmSzwXWyAiqGk%2FfvIyV3PaI5ixM4Ga1mY9u0CTa6b2KID9z1GyYjllEAKOvq0tjE7Xd%2BYPd5mRAA627Khv9jCZQ3z6L6Y8zg1my7FIuGOEwa6pgUzfxuKjTPEq0pwJhp7iV4%2F7Tjg"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ecd3a68-FRA
x-amz-cf-id: 6tj5uVUwBnaCBSZ98iwdJhK9dCWzqVpCXte6KH0TZez19vuMSEBiUw==

GET
H3 200 74_IMDSv2-event-rule-featured.png
www.uptycs.com/hubfs/ 26 KB
28 KB 1642ms
1620ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/74_IMDSv2-event-rule-featured.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a8e0e178f570b9494b98e8ad6a76ab3c74ca5393e0f968fa26b00bd43c30536

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-40736355462,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ27BBPK93RR4CFG
x-amz-server-side-encryption: AES256
edge-cache-tag: F-40736355462,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="74_IMDSv2-event-rule-featured.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "127da5282d16979229286699c0804dc0"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1610747716556
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: FLDTUG0giEU.rK42__eWCoKwQwb.a7IX
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=55034
x-cache: RefreshHit from cloudfront
cache-tag: F-40736355462,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 26996
x-amz-id-2: 9hhbnfxmJ2Cgx/Btohw5WYfuejw4FhidBnIHsaIeERJlVE3PfgBXH57/eBvaH8mumP4BbYIJS6I=
last-modified: Fri, 15 Jan 2021 21:55:17 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7FaH4U5h7zyZoOzOZVAPjVHaWwBGJ0o06VBdUwV0JsffjfTQROurGdpgXKtXwLIETmTaovJkKCOSadqFEaJigjUjbQqSvy6aO6JzDJvM3nhPST1WghZ01aaWgSagyyw6jK3J3otDDJ0n1t9"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ece3a68-FRA
x-amz-cf-id: mdAvaMbqE5xYljx_32Y2X8_VZI0D8ylyuDnRjtEnADUQ6Z8fLmU2gw==

GET
H3 200 image-2-73_cloud-compliance-overview-crop.png
www.uptycs.com/hubfs/ 28 KB
30 KB 1430ms
1409ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/image-2-73_cloud-compliance-overview-crop.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

05011eb8794ce11a911b68020efb0c16dadf03256b9d71869d518c1ab7d29436

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-40601096674,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ278MSAJXXVJ7J4
x-amz-server-side-encryption: AES256
edge-cache-tag: F-40601096674,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="image-2-73_cloud-compliance-overview-crop.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "78ed728862063187134dc19cffd77ca5"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1610396179854
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Ae94K4vugPQwxaGtAvMF8Ydzp31VMD.C
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=35441
x-cache: RefreshHit from cloudfront
cache-tag: F-40601096674,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 29144
x-amz-id-2: k9/TT99xAs7Z1wVPZXoMEOWIbM2Fc6SpQZlx/klhm48/7DqWLtb/5NT8NBl8j0OmDt4kumA3H94=
last-modified: Mon, 11 Jan 2021 20:16:20 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7IxbDN4nGWd%2BGKOfUMr7p%2B%2BGeGnp1PXVTYObFBfYVb9Z5722dlkH3RDM%2F%2FxnyEJtoOeVaGEBYvy7zfj2DzDGcPG5%2FampX0MsJ5QmbIaDbFVUus6xx%2BwO1eDP3UgWjgvOutOli%2FVDBY%2BGrrb"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ecf3a68-FRA
x-amz-cf-id: YdXJ7AEAt7bHh35hU6i8GLjqoENzdVERTX2HaVEvKpeIApMtCDzKSg==

GET
H3 200 Figure-2-1280x720.jpg
www.uptycs.com/hubfs/ 30 KB
31 KB 1858ms
1837ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Figure-2-1280x720.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

be6a0480cfbdbf9b0fa8ec29edc283bec6d920b2d09081b19438f15d0c944962

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-40641129078,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2AQKMGB6KXXS5N
x-amz-server-side-encryption: AES256
edge-cache-tag: F-40641129078,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Figure-2-1280x720.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "81b9c07e107ed46604e4ce33814c47b6"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1610470715410
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: vK1p0UCbNcaKktsPdKiXAJtWn31DOFkd
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=51978
x-cache: RefreshHit from cloudfront
cache-tag: F-40641129078,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 30316
x-amz-id-2: ASq8TYXcLRhvsAJvO/+AdlKBqheTqZpuvs8Z34XxeA8IXHxXbayEOOO5PfmeRaIt8c5Vv4Y0w2o=
last-modified: Tue, 12 Jan 2021 16:58:36 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ot3w1w7X6ikUOO7ypwnihZQwmnQ%2FiFgLfQ%2Bgcsjmoiii7VoI0NggRx8AcD6c3E4HwhU%2BFzZ5uI1lin7BHFj50kEPEdI%2BWHxuhRE1zmOQRm1Q9PzfVcNN2xu%2Bf7pZTopl9t5i5PWdgHwBaWEr"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ed03a68-FRA
x-amz-cf-id: gC7l3WBzro1-wmWrijwWZRaKc5PwiC7g-zks7MyDALvk4wkQl-B0fg==

GET
H3 200 figure16.png
www.uptycs.com/hubfs/ 83 KB
84 KB 1603ms
1581ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/figure16.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

af9ef0792004f7b6880fade9bb4fdca820947123ccee13488b44b3782660e8a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-39309786970,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2BPW9F4J097728
x-amz-server-side-encryption: AES256
edge-cache-tag: F-39309786970,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="figure16.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "5451d1a7ef97668c5ddcf7ba0b2d742d"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1609252167198
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .J5MfrHjwo1E1fc6hg2yIugWSBBvrebk
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=140025
x-cache: RefreshHit from cloudfront
cache-tag: F-39309786970,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 84870
x-amz-id-2: EsyFZj68MvHk1Uq3FC/+XZG7jYhuSgOtI6ZFyyWaFgDcGMY0+tfeLkYZA13rvkPaQHInNRYFar4=
last-modified: Tue, 29 Dec 2020 14:29:28 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRWJqlIPpkFOxlqto5Ecai9e6kDXKgN9j32cYVirUSZ%2FwOlBrUk3S%2BRgEexRw32AqETP7rAsYdHsUgjol%2FIhPc9gl7OEKOsIkVE6bMgXgn%2FKoxd%2FCNfjif3Gpik2C1Aehzzf%2FXpguzGp%2FzlV"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ed23a68-FRA
x-amz-cf-id: HSJ8itq86KXvdhjhVwH7wrmqRSezP-d9SDtN39W2ZGnR2rWXvHr_nQ==

GET
H3 200 solarwinds-supply-chain-attack.jpg
www.uptycs.com/hubfs/ 102 KB
104 KB 1432ms
1410ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/solarwinds-supply-chain-attack.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff83d2d031c4a5286d3bf27c673cf534bad0171e59b9236b4e079ac62826f6e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-38906589773,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ24Z717WEM3GWKC
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38906589773,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="solarwinds-supply-chain-attack.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "60f736298bfd21879d478dd84f3580c4"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1608211295762
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 08dCJol_L8lA.HD4arlBPYDCxL05hxWc
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=131550
x-cache: RefreshHit from cloudfront
cache-tag: F-38906589773,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 104642
x-amz-id-2: lTE799LgMSOtkXy5AmuwWm1g5hmcd4fufsLLpG3AyII5zCB5ibPHczrc21HIClZmj0i5++0OoAM=
last-modified: Thu, 17 Dec 2020 13:21:36 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTpMo2puDWD8HN317bE9%2FEofEFlavCb1%2BcPMo48UqabDkURhAfIflZWWNFdt%2BtJcP7wOL%2FA0RQGIU%2BYAf31UWqYPj8xs9BPaHZtOTFqXqMyaXFXdY8vPaYBTp%2FPWilmNzdxnj0FH%2FW8keZx0"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ed33a68-FRA
x-amz-cf-id: 7nBmM4skn2pxFLZ2upRC3VCq5sY3jbL9-AalYM6RmLm_n1YMTVOh6g==

GET
H3 200 osquery-pillar-page-image1-1280x720.jpg
www.uptycs.com/hubfs/ 90 KB
91 KB 1435ms
1413ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/osquery-pillar-page-image1-1280x720.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

173170988a4d8e3db2ebced2582ee1509f6095501c248945e2ec03fb0e1ff849

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-37909158192,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: J4ZWH2F5BP21KYD7
x-amz-server-side-encryption: AES256
edge-cache-tag: F-37909158192,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="osquery-pillar-page-image1-1280x720.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "1ea845e02305a64873bcc65f8d574800"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1606142679438
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: njpWQmFRHt4GaFl1EY7qg025EsYQI7Bu
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=111757
x-cache: RefreshHit from cloudfront
cache-tag: F-37909158192,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 92250
x-amz-id-2: 2OYPW7GdeFyJwuiiypOUH+EQ+QFzD/ypfqM/W5l0hYSvyX4p0RQ8s8ZW85fw+u/Wa3zJNq+T350=
last-modified: Mon, 23 Nov 2020 14:44:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pb9Xocze%2FcW6HOGC%2BOO%2Blt%2FocXxJsSNAcu1Uas%2F4zTzCRgXSSxt2fMkEDMTMZ1XuDuhz2cbUPLksYEwE%2BLCD6Af6CZkBMQwE%2BiV4ZrIQiyuwuR8qVUIypptPZc1e4e0XdlQ6deQ1sQT0L8oq"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ed63a68-FRA
x-amz-cf-id: MzDEaYS4sgLtjEHQm3RZliZKNofNSQktJXQJbIM8hlh7KZYVwLgbWQ==

GET
H3 200 cameras-on-pole-crop.jpg
www.uptycs.com/hubfs/ 25 KB
27 KB 1438ms
1417ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/cameras-on-pole-crop.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c86b75c3a9224cf5a03f74a7222293ffb9c84f83213411148d5f93465c303d0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-38216155232,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ23N28EDC6N6VAJ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38216155232,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="cameras-on-pole-crop.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "1cfbef0faa9c1722c1e5d47b36427d74"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1606832527165
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Rn4XuAMFLICCNQf.ZltMUB462GMpWH.u
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=87833
x-cache: RefreshHit from cloudfront
cache-tag: F-38216155232,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 26050
x-amz-id-2: I+90gBubp5c1TX0nlOyQq0/pgtF1s2FxOFcr2h+bftLFAG6PLIpRp6PoV62yq4Rlg5Be9rEj7Qc=
last-modified: Tue, 01 Dec 2020 14:22:08 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZLEPCEtXE3u8mcxSyBr94hk21VcvFM5L59nlxq%2FWnF%2FWzvCIkSXVg1ew71n2sK0NbGLl%2FKScr4a344iX8V035tRN6gRS3DCrZA4Kd1NSYnTiPNkzlRD77DIGB5Q3odkQTsbPbdfzIx1L1K5"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ed53a68-FRA
x-amz-cf-id: _-7qNIXRtckDoMmBlTAruz-92MBW6A4d2kdz2NjoPsthFQi-N5U2zw==

GET
H3 200 Figure-13-Uptycs-Detection.png
www.uptycs.com/hubfs/ 63 KB
65 KB 1440ms
1418ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Figure-13-Uptycs-Detection.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec034c981ffaa07c496671745972b1c2b0156a2a81e9603a7bd906c3dc36c3db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-37968894582,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ22BR1XNX9CPBN4
x-amz-server-side-encryption: AES256
edge-cache-tag: F-37968894582,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Figure-13-Uptycs-Detection.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "9d19b6a0e0a5e99d5a25881f9c187887"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1606239897053
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: wNNKIU3OAyf0jTFaK00HEAklYSQHxmHK
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=109864
x-cache: RefreshHit from cloudfront
cache-tag: F-37968894582,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 64910
x-amz-id-2: nYM+nbRjxQ6+fkLd/8kJJG6ElWco+0M+U/nwCnoVIqJSlDs9/dwFFP+LnxW/8nUuXHljP0r4bOKhbDrk56ZV7IsqlH+kP+zL
last-modified: Tue, 24 Nov 2020 17:44:58 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bd28TvzbqAkUfhUwwrKiEI2v4HkX6xrljkBN9jBvpXskUrilm1Fqb95T%2BV3A0%2BcSAelGBL1s5NPIbfUc9q2nWYItWzx3Rwx5hXRvV9Epe422Mgamf%2F9wp%2BlKCousHIjENlkuCFdkE1kg80eS"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ed93a68-FRA
x-amz-cf-id: E-YiwBaRX3Ru2tnR9kV447PCxbWDD8tSosBupcxSMpR0aA6lDe2BLQ==

GET
H3 200 process-graph-1280x720-featured.png
www.uptycs.com/hubfs/ 46 KB
47 KB 1441ms
1420ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/process-graph-1280x720-featured.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

39049429cf97402a28f5ba8690850a3bf748e68181ac7822c59b37543fe9b29a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-37666647634,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2CQZ0JF7TM6VDP
x-amz-server-side-encryption: AES256
edge-cache-tag: F-37666647634,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="process-graph-1280x720-featured.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "594efea52115a6aacf306ec19ad2712f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1605613491277
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 7PL917QU6GVyAgnIzc.ucKQDEJEAtjcz
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=57575
x-cache: RefreshHit from cloudfront
cache-tag: F-37666647634,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 47258
x-amz-id-2: p7QPUZtKkoY/SJs4q6iH6XqUgOLIj9t4auYs98QZD2PwmUtaiVz1BE/9JfUr+bw2xXsWnQS12h2EY/ZU3/U4KlzR2VeP3vka0pyLpP593w8=
last-modified: Tue, 17 Nov 2020 11:44:52 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H01MeoaNBN0uazBYJEDI3axl%2Bfu1Qyvs8KxP%2Fq7XHKJW3oRpJig30%2FZjQNitP5JaBGUFm2k5m2TmwM4W8FoaGIZRXWhfQc%2FIfwnMYugn%2FvFv3YJf8uBvN%2BjN8TqPufXcxCWHvbfCVYucvm%2B5"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ed73a68-FRA
x-amz-cf-id: K5BpKXqTekcM7vSCP7OVYBJRfHlhkSNC8XOEuy5p9-G-8sTONbD0vQ==

GET
H3 200 uptycs-process-graph.png
www.uptycs.com/hubfs/ 188 KB
190 KB 1446ms
1424ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/uptycs-process-graph.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335b144d00c328cbbc9dd396a2e2f3b9b48bd280da59649c0a842aa595f28c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-37314693778,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2AEKY7TCRDFHSN
x-amz-server-side-encryption: AES256
edge-cache-tag: F-37314693778,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="uptycs-process-graph.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "0687d1d04c5334869b32fc00de233584"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1604955073078
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: M8FuDxva4FvLPuLrG6M_dYFqb5MCPzcm
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=315166
x-cache: RefreshHit from cloudfront
cache-tag: F-37314693778,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 192864
x-amz-id-2: LDj0DIv7VE8ldGGFB1tzXebRqph+4wfPVdyIhFq9S9kCd9IsVvdu7RAjK+aZwKCQapUFcRKvpZQ=
last-modified: Mon, 09 Nov 2020 20:51:14 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94gXhiBeJ%2Foo0ro5KzxCWKJJaa5mCHbE6QctjQpKiizGe0%2FYleu%2FXgZSTYF8riJ8HD7SE4nlTgA79YIMpYHSKUG%2BD6nWv1Qxx6ClWdEBGJMuLc57BDeieR%2BhXG8A%2Bj8msVsynEoDoShui4N%2F"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ed83a68-FRA
x-amz-cf-id: 3kRTv0DwyAYFISUF7pLwpjMkcFstV3MccJRLfCXJCDqZJoX8JI8McA==

GET
H3 200 100120-osquery-tutorial-augeas-crop.jpg
www.uptycs.com/hubfs/ 105 KB
107 KB 1449ms
1427ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/100120-osquery-tutorial-augeas-crop.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4992fadaf01ef989d22b0cecfbb34db2ce2ad2444eb0857f5be338c28c594952

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-35584071396,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ22BSAF50XKBBED
x-amz-server-side-encryption: AES256
edge-cache-tag: F-35584071396,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="100120-osquery-tutorial-augeas-crop.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "f51958f807e5b5bbd5022ba0af1755c5"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1601558252000
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 40Yehn87s4OJMeZzNBy3queqkRypzITu
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=131852
x-cache: RefreshHit from cloudfront
cache-tag: F-35584071396,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 108026
x-amz-id-2: 86eQ3YHagWA7OoiPG9qJKYPGj99HOjyk/8ZC197sW9J9RL9UKRNrKNysADiVMxJPg0wFwQBXup0=
last-modified: Thu, 01 Oct 2020 13:17:33 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VasJaoaBFIwtfoD%2BE9x7QzuNZ%2FKseUOA9bi3YIRqQ%2BH5g2IstswoqH6Do3p4MI9Ohm2wX8Uk6LUiTVmxlFwZwuLA2SGb%2BFPSmdKYDb%2BOGAIQvaHAJHZECJR73RznmVlXOcfjDshtsQCZJ9hW"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394eda3a68-FRA
x-amz-cf-id: NXA4kfn5NPGneaSZBpLSVcmwWkryzNtQZzaXWOPoz_UkLqnwnYB6tg==

GET
H3 200 090120-osquery-tutorial-disk-encryption-crop.jpg
www.uptycs.com/hubfs/ 59 KB
60 KB 1454ms
1433ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/090120-osquery-tutorial-disk-encryption-crop.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e5a87ff6e5e5ebb4e598a54fe6f64d4432bd4ed6c3b5c8900246ebaf698d08d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-34317801388,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ23ACDKQ8GT12FT
x-amz-server-side-encryption: AES256
edge-cache-tag: F-34317801388,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="090120-osquery-tutorial-disk-encryption-crop.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "53091ab8a64cc67095e033b4be10c01c"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1598897517122
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 96BR5lDSExW4Iz4zePLfJsaMAcj2qNk8
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=78706
x-cache: RefreshHit from cloudfront
cache-tag: F-34317801388,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 60282
x-amz-id-2: CgGmwL/4dgcEUzHKXVxchITL6yLWurm/IP6qWnVkclhEvlKFolmLQs16AndSHcqUe9EuQusJLhY=
last-modified: Mon, 31 Aug 2020 18:11:58 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naUYdvH4yFOA3%2BWCMaW5COldlZ00Yy5zlDijAVUwikcYluckweTRRo0GOddqukJzebu2JVLe7GzKphaiJBaL1vNKxYxRknKfdorCEr%2Fz5gqNibizEioNOXsO0s1s9RrXqpiZYBeQEBvyWRhc"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394edb3a68-FRA
x-amz-cf-id: J2x71oi-cb2VjolCXrfdfxGWaBetqpDA41ChveDE7Ytz7_CR-B7DfA==

GET
H3 200 0820-osquery-tutorial-chrome-extension-permissions-crop.jpg
www.uptycs.com/hubfs/ 93 KB
94 KB 1457ms
1436ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/0820-osquery-tutorial-chrome-extension-permissions-crop.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e9dacacbbf797470a88840bbbdf87376281e132b395049252ea0c184c80d0d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-33573443551,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: DQ22NJ5YPMMK6QZT
x-amz-server-side-encryption: AES256
edge-cache-tag: F-33573443551,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="0820-osquery-tutorial-chrome-extension-permissions-crop.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "e84a4cb21a8c76f7c4781d8f275a7fc8"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1597325536141
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: HJJrKNX5RXI5OcC6qpeAgn6YMnWjZ9dM
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=118301
x-cache: RefreshHit from cloudfront
cache-tag: F-33573443551,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 95394
x-amz-id-2: BpQ5FHks7v6cEM8xt46dSeTxZG4WxSO9P2TcxczW9hGI/em5hLk90ft43Liv6scJwr2O7jEMxmkr2PyuCz6AfljmtWR1/NM/bx0Uqe/IKSc=
last-modified: Thu, 13 Aug 2020 13:32:17 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxCHKdTr10iHh5c98QX471QcIL18OY5XYA4aIv53oW2IeiU4Z1cc1gWpbJhCkSm9WrycpKeBNLmp63U7jKO3TkusoEOvZV8sBZbDzfQomFiAvhBPjFYa%2FM9Gn46%2FIW2OqmZv4QeDPF7n0Tuv"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394edd3a68-FRA
x-amz-cf-id: _vPm632if2QS7mMV3PL5DFiomZA6MMuc3VY-W431AAuZKg2sOfnHBQ==

GET
H3 200 bootprint-crop.jpg
www.uptycs.com/hubfs/ 196 KB
197 KB 1459ms
1437ms Image
image/jpeg 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/bootprint-crop.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee7300b05f07a37859f820b11921b472aafd6ad11dbca94445f4f73bf2beeb01

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-33345695852,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2480NC7H55G8RT
x-amz-server-side-encryption: AES256
edge-cache-tag: F-33345695852,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "78b48cc28a460f3d040e74c0cf0a5808"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1596737776091
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: d2Ef46gsFW._OX6FVgv76gWw0iZopVNY
x-amz-cf-pop: FRA56-P7
cf-polished: origSize=207141, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-33345695852,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 200318
x-amz-id-2: fbGjamUO8yoKAsf39WjM9yta7cjow75BrfaLoEmzYkUJP/Yz5fjqPJrLDyxfARD1/kHTMZXbNqM=
last-modified: Thu, 06 Aug 2020 18:16:17 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LeQ85XkqabJI%2BgRbp9lF%2Fqk1n%2BD2IYHgdrnNOwGfQBAVkpm3%2FaobZne8tMAudr8ux7fqvxOILd7ehY4GWsXV2uPF2vIBxJYFZvxmh1wKLMG8ODQHdw5Zs8Vp7pNvayULPD8pxBZVUlbWOl5"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394edf3a68-FRA
x-amz-cf-id: dPmNC-zj6-lswoJE6MMZwLXU_f_uJxAuga_Qf25oxfcdY89jimUtZw==

GET
H3 200 4-tenets-integrated-security-crop.jpg
www.uptycs.com/hubfs/ 34 KB
35 KB 1469ms
1447ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/4-tenets-integrated-security-crop.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8201a3c0f567064ae54c12ccb0121e8bd59dc31f1cbd9f2ab2044a69ed41317d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-33075468297,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ287CQNCJZTDKJ5
x-amz-server-side-encryption: AES256
edge-cache-tag: F-33075468297,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="4-tenets-integrated-security-crop.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "dd20a37628b02846161fa7466e642c54"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1596130713742
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 7u9Zi1qm80kZr4KAwTwZyxDaJXPiwNWW
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=40883
x-cache: RefreshHit from cloudfront
cache-tag: F-33075468297,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 34804
x-amz-id-2: BGN2aq402N3EBGctVv6+URGxO8A6+JxNkWQnTlCFFFvUezbksVTG1g/He4u7kBobYJ40ECct2DI=
last-modified: Thu, 30 Jul 2020 17:38:34 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVcydcvqQwEBTKSFZPUsyG8qSP%2FQu0qi1YYDpxzFUVhJKRSRTrFqnSF8e6g0JId5owHodduCz91KmdPs8%2B7zLv9XC12HYjyRhnpR%2Fy5zyObao2h9Sb670RaEat0lv8vVRcHV27svj8%2B17DxN"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394edc3a68-FRA
x-amz-cf-id: dBS3N97SWecAJyL2TpoF_9dwjkT--xALmsLsM4z1kcMVKXWLLYJg3g==

GET
H3 200 osquery-tutorial-gather-software-crop.jpg
www.uptycs.com/hubfs/ 153 KB
154 KB 1471ms
1450ms Image
image/jpeg 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/osquery-tutorial-gather-software-crop.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fd66e5f3cd89390e3ef75d130ae2b4b113a1f378aada6c5037b351af051b88c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-32650434338,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: YCNKABSB2AGX5EDB
x-amz-server-side-encryption: AES256
edge-cache-tag: F-32650434338,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "eb76a2a4aea531acd86578e219d6b4df"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1595352406881
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: dZ7Wo1MY8Lt8kT.YivTIhB6W2MXduL7i
x-amz-cf-pop: FRA56-P7
cf-polished: origSize=162189, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-32650434338,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 156655
x-amz-id-2: r4Afkp+8IT4YsoYohgAdhYffMe56zPLtsDkkEU8Eces8q5FIN6bCrUh9OSP/3jT3e/+px/HQ0nM=
last-modified: Tue, 21 Jul 2020 17:26:47 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rj4dNXQ4BDIJFYtmks19f7rFtffFex8pNoODNhaFfOOtO532%2FanczVAgaD9PrwkkEn46Xl3%2BlnDbfPcrnjsZlQB1L%2F%2BkuWRVFa7Ysa55QVUEHR4iM2GH7Kct0NQJDQXAKtWTIxkg%2Fc2fmSQk"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ee13a68-FRA
x-amz-cf-id: DcTm69toZYKOP1BY0X3fDXlHDcWJ8P2gIwUYfNMF6QjAsRVq44pEOQ==

GET
H3 200 windows-dns-server-vuln.jpg
www.uptycs.com/hubfs/ 182 KB
183 KB 1478ms
1457ms Image
image/jpeg 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/windows-dns-server-vuln.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

264a34cc1caf68382b11967483288e61e20cecb6883983e69370c8ad9dddd7be

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-32448411845,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: DQ27841T0PBBYDB7
x-amz-server-side-encryption: AES256
edge-cache-tag: F-32448411845,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "297d00ad5cee2b7761c1df34481fb713"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1594919600789
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: gvkcvzNkecGxZh8AUcnoLVFtcieZ6f3.
x-amz-cf-pop: FRA56-P7
cf-polished: origSize=190816, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-32448411845,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 186577
x-amz-id-2: jLYUhHvn5arvL+xGJz638yhAj1s5o143OpsULEUcy0MocYbRmnSaXeautK37ADAaRloKrp7bwLY=
last-modified: Thu, 16 Jul 2020 17:13:21 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJrbuU4hVOZq0h%2FHxbzu96Gkwr3ex4828kspS6mkpELpBnuHG0UXZE%2BKbTRDpCQCCZKJPY0x9sFqDz54n5izp71TJRCSg2NNSzWMP%2FamdDv%2Fx65EVscb24RPL%2FaPoAeBlJT%2F%2BOcNGfHWO9fH"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ee03a68-FRA
x-amz-cf-id: f6cKZ8qXoJc3kj14Airv0xGR6KF-psyyYEbDnjnCr6DChOxVyWy9hw==

GET
H3 200 osquery-compliance-lg-1.jpg
www.uptycs.com/hubfs/ 184 KB
185 KB 1488ms
1467ms Image
image/jpeg 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/osquery-compliance-lg-1.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d219a93679dd31fc9e316d6b059228beb19aea63be49ccebc20dd057a4c6dac1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-32077996955,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2FA9YST82K23M1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-32077996955,P-2617658,FLS-ALL
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "b98584991f66dbaeedeb360fc519a6dc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 7ZBqfk5KB7phhTGuB0BIEIlvdOTnddcL
x-amz-cf-pop: FRA56-P7
cf-polished: origSize=193099, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-32077996955,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 188417
x-amz-id-2: UGfMM5BB2dkfkoBzG8Wp3yLcHXZzn0PtHYH8LZnk2hF0WOTJv5YbLlq/zBmE+ZS9ZfOQBP2s+lg=
last-modified: Wed, 08 Jul 2020 20:03:54 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPMhPCtN2HXfkPmd4I9bmefTGzZbKsBj6gcxV7Ep216MQNYCdgP6hd5TOCxBCQiCZWgJVsS8l3Q3I0m1eUXnMqFp0%2BqW8LvHOeDnwBCIcTngmxmFdQ6Z1yGp%2F1YxjC9WOnZShpEhxA9LWWd9"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ee33a68-FRA
x-amz-cf-id: B5M0DhuFy6bm2g4ovoWDNBrYrxds_iLn0gB3tqsczr5PF7DTDHIz8Q==

GET
H3 200 goquery-uptycs-flow-revised.png
www.uptycs.com/hubfs/ 16 KB
18 KB 1492ms
1470ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/goquery-uptycs-flow-revised.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

81ca5b2534d7575e7ed95abd8708d2bb4f2f40f983cd8c79fd0a3b01f319dcd4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-30973627683,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2DWEGFC3B27FN4
x-amz-server-side-encryption: AES256
edge-cache-tag: F-30973627683,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="goquery-uptycs-flow-revised.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "648f75182bd06aa6c9f9890b2b0814d2"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: UvyP0Lm0fuMKzN4pJFUR7uHAkBtLSbOm
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=48644
x-cache: RefreshHit from cloudfront
cache-tag: F-30973627683,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 16756
x-amz-id-2: 1tqfoCv0zeQQEXb7yRhndNqTBH1BllcpF+KEF82EDV4Oed+I44YYh4BFDnJJQDFgEubDX3uPssFZamE7DPCrufGb7zhTUu47pYIMHPTTIOg=
last-modified: Fri, 19 Jun 2020 15:19:35 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzPBzMDf8HS8bizJAoP4pEJSRkp%2BjvEGkDnWdyRU%2FfGUMdPHriKB0Ok6vNqD56ZGCK9d6wBQ0ME8nltMtqFJw7qd%2FHoDmzX9WyAz0bqJ09Sihgba5thSRpY9qNk6qmDzIbtLBTQItC%2FZH6jp"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ee23a68-FRA
x-amz-cf-id: hpnBtNYv-MCRYl4oYRGL_d8I0a_L5MCqmpmr0NKKCOgR8qBeumxb3Q==

GET
H3 200 uptycs-funding-announcement.png
www.uptycs.com/hubfs/ 165 KB
166 KB 1493ms
1471ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/uptycs-funding-announcement.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4e504e70aef8546bedac7c061f01528b56e2c1dba8f153d1bb99862e83d7f79

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-30799376053,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2AYENBE1E4BP9F
x-amz-server-side-encryption: AES256
edge-cache-tag: F-30799376053,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="uptycs-funding-announcement.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "7b0179bc51ac79009d293a86f4093aad"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: kHKOPr9M5BPNEW5IaMvJx7J5MAc4_BLy
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=230830
x-cache: RefreshHit from cloudfront
cache-tag: F-30799376053,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 168860
x-amz-id-2: wdXa7vmx4Ag3fA6HYTMlrsALeq6rJBbBXC9K5SLt7WIQDSS+dcD7KgsCZhn4HAmufNnqbnMK+LM=
last-modified: Tue, 16 Jun 2020 11:59:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhC4cVtSYa%2BnFpBV%2B%2Byf2f2JGazLb0FxFKK2LWEfpY6BEzrglQIrGD7kfahy82%2BbGVh7kRo5nELITxcTDs72K0te8hCEsSBFMOg4dulpOcJOyScP1JjsSZTMfdU3TtfpIk6OHWlTsjAY7p3a"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ee73a68-FRA
x-amz-cf-id: zbDNQZiMSBA_ziWi1QMPX9jVxb7RB755lYTMWDg_yFObZZTcwHwCYg==

GET
H3 200 Blog_%20Detecting%20Malicious%20Encrypted%20Connections%20Locally-1.png
www.uptycs.com/hubfs/ 684 KB
685 KB 1504ms
1482ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Blog_%20Detecting%20Malicious%20Encrypted%20Connections%20Locally-1.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

01146cec2002108cf0a630227cdab54aaf75745bc5f7175229d75c366e070e48

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-30009634946,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: X5FEQ5NVV3HB9WX0
x-amz-server-side-encryption: AES256
edge-cache-tag: F-30009634946,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Blog_%20Detecting%20Malicious%20Encrypted%20Connections%20Locally-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "d620d9ab0abb96fb35110a19bdec6e77"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ZmmwHQpAGGvkerVO_dJja5fJzUyOPazK
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=922165
x-cache: RefreshHit from cloudfront
cache-tag: F-30009634946,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 700122
x-amz-id-2: qQ74+1lIxZ9j44mo0nfilg88JeZ6RjdgIVatFdooujpY9UYQL1r7IrHHuRCH9LR20Yj/8vskn/4=
last-modified: Tue, 02 Jun 2020 11:57:30 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2brkNxlCADpXIwVSF0yxFAkObzhzAaFhxcc7fHrWa5p%2FQIHctqKCgqbu8MBA0sQCk07NeP48%2BaCA2jj3zsbrxmRoeXs5bv%2B%2Fdb32WVw2HlG3p%2FOpRwphpQvOxumO3r7UKdvwva28YZa%2Fir0G"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ee43a68-FRA
x-amz-cf-id: 6QYnnvFEHBvfwrehW_VJunmQp23p4f707sZxnlA-TFEU8RWwSM1Jlw==

GET
H3 200 Blog_AWS%20Nitro%20%20Encrypt%20internod%20kuber%20%281%29.png
www.uptycs.com/hubfs/ 329 KB
330 KB 1536ms
1514ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Blog_AWS%20Nitro%20%20Encrypt%20internod%20kuber%20%281%29.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

92863b5f16cc49bcfcf971f68ce525e19ec4c3ee881051724af62228db936d70

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-29611073143,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ240CR9BAEDW0M1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29611073143,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Blog_AWS%20Nitro%20%20Encrypt%20internod%20kuber%20%281%29.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "26d8600ceda7593fbe9786af6efb43cd"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: eOrJ0Zn3GK50sQnP5iRDyZZCDM2zAzFw
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=496202
x-cache: RefreshHit from cloudfront
cache-tag: F-29611073143,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 336990
x-amz-id-2: UQxDn036dS2KYkfiyksCfxfRT4lLgc4sUUCOMqxEAh1cW42BRhQJmOsJvYXTEDEHo1j2uT6TlP0=
last-modified: Wed, 20 May 2020 23:27:36 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DToNEJDiEajVW3P5%2FVPaAB%2Br8v4yoycF%2BhDxP69KEsPDfo84mrbFCyNnRRWRi1LR5j%2BQURImgAEts86%2Frb0VT4KWGwfXMkWaU2mMD4yjKA0OpEmGaatoOoC1HWYPKjHh%2B32u59iNiJT5ji8A"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ee53a68-FRA
x-amz-cf-id: XtdxIgifHdsvBxEdoXtd_kxm1e4rZYRjk0Fgol2w6yu-NxfEvSRoug==

GET
H3 200 soc-2-compliance-requirements-essential-knowledge-for-security-audits-uptycs.jpg
www.uptycs.com/hubfs/Nectafy/Blog/ 113 KB
114 KB 1549ms
1527ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Nectafy/Blog/soc-2-compliance-requirements-essential-knowledge-for-security-audits-uptycs.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2966087f902bdad034c2c55a6d82a084502b3bb1c41d53881cd6df930812658

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-29065627778,FD-13014685658,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2B139FEM0NKPWB
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29065627778,FD-13014685658,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="soc-2-compliance-requirements-essential-knowledge-for-security-audits-uptycs.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "73abe042ca9e7881a3699d75f5277943"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: S8m7rBoEwDG6YHQOCmbilJbGt1woAY6w
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=231385
x-cache: RefreshHit from cloudfront
cache-tag: F-29065627778,FD-13014685658,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 115752
x-amz-id-2: fpjw8loWnuRTlPb71dANdW12IXdx02LgfsrtRpCjtVNXhl4FoZm6t0C5F95qdQ0VXdF3kSDYqw8=
last-modified: Tue, 05 May 2020 14:54:35 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OI6qtscvpfsDh4T%2F3c8Qwy2Ocg%2BzWLAy%2FM2mvt%2FTCpzhDzC8ervbbrxo4RwbC2LkQneoYlug7aOC23PZxM3qB4tYeVtauWKwV9q%2FIwG1MPG%2BFJy9YdHh1k5eVa5gX4Db7I3eFd%2BQa51lzbYP"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ee83a68-FRA
x-amz-cf-id: LSekLqs_kpIC5mzOL0GEXv03N3PH6ZYZTMDjJSEYwv05yr0vLwyAZg==

GET
H3 200 OSX_Bundlore%20Blog%20Featured%20Image.png
www.uptycs.com/hubfs/ 144 KB
145 KB 1553ms
1531ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/OSX_Bundlore%20Blog%20Featured%20Image.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

10b823f7e1c9fbe5a77c8c2e86c730127f85762a1a5cacd4ef73efa3ad8145fb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-28340171688,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ28W7Y9K8G9HAPF
x-amz-server-side-encryption: AES256
edge-cache-tag: F-28340171688,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="OSX_Bundlore%20Blog%20Featured%20Image.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "ec746e4f652647f14547ff6214d10ce0"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .rAoG.wO3haWIGEd48qRjSfVcxd9FJFq
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=357736
x-cache: RefreshHit from cloudfront
cache-tag: F-28340171688,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 147686
x-amz-id-2: UrD8qmka2DNb3yk01e8DwQmC9DMf6DZiXtSUmxFxigNDaGyxwFoQxhBKJ5TBNnE3Ig1N2WjMNUU=
last-modified: Tue, 14 Apr 2020 15:03:09 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Timp9Xtwg28i9nGt8V%2BUi0JZ6hgA79wKwDdaNQZvS1we%2B%2Fchy%2F%2FpYNIoGVgsVpF0COS17DSSSf1vSVzYJR1In6LnWTIrq6ibpa8U0p%2BFvt2bZdwctsxQ9wN1tN1dF4vI%2FcUckjrFd%2B9d7Rth"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ee93a68-FRA
x-amz-cf-id: HUT3cAPBXLLYTY8LNuzFIZEHPlyNdg3txRO0MfOMox1MKfH0psH6bQ==

GET
H3 200 Blog%20Featured%20Image%20Detecting%20Docker%20Container%20Malware%20using%20osquery.png
www.uptycs.com/hubfs/ 426 KB
428 KB 1557ms
1535ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Blog%20Featured%20Image%20Detecting%20Docker%20Container%20Malware%20using%20osquery.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

12c58523e2031b463a50d97ed314bb543a2aa0ac5ac4dce760a91019088abc26

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-28294875144,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ26BF1NBJEJEJM4
x-amz-server-side-encryption: AES256
edge-cache-tag: F-28294875144,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Blog%20Featured%20Image%20Detecting%20Docker%20Container%20Malware%20using%20osquery.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "762f8f52d659458e8353208212149a18"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: RoF0EoLdZqhD2Xwj1BLJxk8h5Zny_mc4
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=950637
x-cache: RefreshHit from cloudfront
cache-tag: F-28294875144,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 436668
x-amz-id-2: 9Su4aJLwfOkyyRIZZ7FTkEFxwFi1wQB1P3OK2UC0GANfsUd/ZuxS32p3oj+f1Sz8D3vATR7MkW3he7Ba2UoGrOiRBpsl6SP9GjTWOf9m328=
last-modified: Mon, 13 Apr 2020 15:48:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iBpYZdVCUv%2FQq84BCG6B5B%2B4jHZTrhTxYGzO6rNLlnSIPhvL3hpEyt2TT%2BZf97mifL1mYd9%2FyqRDoy4sfumeasZ%2Fl8acd546BZZ3erlacm4TSDQw8B6P388SxmZPPIwlCGt0cJJsHrkkL3E"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394eea3a68-FRA
x-amz-cf-id: 4OCowwKxOntkFcsdigzNtSgUi3mad5Vd-dwaZ1f0z_s2E8jWqOpoXg==

GET
H3 200 8-docker-security-best-practices-to-optimize-your-container-system-uptycs.jpg
www.uptycs.com/hubfs/Nectafy/Blog/ 53 KB
54 KB 1568ms
1546ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Nectafy/Blog/8-docker-security-best-practices-to-optimize-your-container-system-uptycs.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d3b01c6b440bb12044cbaf755bff205000bd7b582540bce2e29d68617e3479f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-28245878150,FD-13014685658,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2F8RDQ0P03FD3X
x-amz-server-side-encryption: AES256
edge-cache-tag: F-28245878150,FD-13014685658,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="8-docker-security-best-practices-to-optimize-your-container-system-uptycs.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "732fac028ba8d6c3c8490d0ce6d89a1f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ez8FCttEe7pNsygTsHIKhNR__L.SQiBh
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=116250
x-cache: RefreshHit from cloudfront
cache-tag: F-28245878150,FD-13014685658,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 54206
x-amz-id-2: 9mwVNGorRX38NRGTcCZo5hCVe54udVfoczgjS1tNmP/RMqIqDreO5oApRrhNa65n/hZP86ueIRY=
last-modified: Fri, 10 Apr 2020 14:30:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7VWsxs1ly4upGIPHeb7VPdAsefkLL7WZmqYq6S6O5eYDVouUgKE0RUK12O922BbFLBn09eg3m0D0REigl3%2BlZwNHa0LsJ40m2MKqwtZIzYbVOmMMGH3NnBnAFLNsplD49VNg8Ge1jyvXniu"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394eeb3a68-FRA
x-amz-cf-id: aneapdAo1PqGTuMS3rUkrrTIiIEC4-MT23RXqVy9BFLtawC0c7Pbug==

GET
H3 200 How%20To%20Use%20Anomaly%20Detection%20for%20Application%20Whitelisting%20-%20Uptycs.jpg
www.uptycs.com/hubfs/Nectafy/Blog/ 197 KB
199 KB 1570ms
1548ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Nectafy/Blog/How%20To%20Use%20Anomaly%20Detection%20for%20Application%20Whitelisting%20-%20Uptycs.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

af3a700379df32ab151f229ec5c8b02e8a57fe2080da39ac40595077f599630c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-27898965365,FD-13014685658,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ23XJPCNRAC8NT6
x-amz-server-side-encryption: AES256
edge-cache-tag: F-27898965365,FD-13014685658,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="How%20To%20Use%20Anomaly%20Detection%20for%20Application%20Whitelisting%20-%20Uptycs.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "50f0c1518dced368808f404d97753b4e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: N7eKMIt2tsCPoOphOcv_DNHQF_lzLFHb
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=210464
x-cache: RefreshHit from cloudfront
cache-tag: F-27898965365,FD-13014685658,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 202094
x-amz-id-2: 47YkwjAoxdkpHSG5h3GU8NZ7tsHZcLai6GamJJyEA/pv56CEsQh1fjNj+h1mWCzYyYp43to3hjg=
last-modified: Thu, 02 Apr 2020 14:13:41 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRf134q2a53KbAxMvjI3bchR8wCK4tpMaFQHec%2BfG3CQLgK2qmF4KFEvg7VokGz6kWSm0fR1gDRxUkscDv6qLfiTS%2BSUOD0TnyDDawyzWsJ5rdPRXDiuLpArLjzXJIqq7arVFBmQTMJ4nRG8"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394eec3a68-FRA
x-amz-cf-id: aNnSLuby87eHRSP5Mtnr3EBWUFc-TWl1jzB8Ow2UjFIlHZUT6Tt9pA==

GET
H3 200 Endpoint%20Visibility_%205%20Best%20Practices%20To%20Optimize%20Your%20Security%20-%20Uptycs.jpg
www.uptycs.com/hubfs/Nectafy/Blog/ 164 KB
165 KB 1575ms
1553ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Nectafy/Blog/Endpoint%20Visibility_%205%20Best%20Practices%20To%20Optimize%20Your%20Security%20-%20Uptycs.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a561bff6c38dd210c66d3da2c273ea3aebeafdd9aa80515327d49667e91ed5bf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-27816290885,FD-13014685658,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ21NRESZHAW175B
x-amz-server-side-encryption: AES256
edge-cache-tag: F-27816290885,FD-13014685658,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Endpoint%20Visibility_%205%20Best%20Practices%20To%20Optimize%20Your%20Security%20-%20Uptycs.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "e598a1c9e65404c983a9b8a894dc64a7"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ud86DWJPzX8jtFAVshEt_DfYyd_fQwqQ
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=201943
x-cache: RefreshHit from cloudfront
cache-tag: F-27816290885,FD-13014685658,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 167430
x-amz-id-2: nKVSoqCR1qw+u+aND3ris8TWtefuiFy0AXb5DdZtx5YNl7wNWo73ixy7tDa0e8qvaAR/3uZqK8M=
last-modified: Tue, 31 Mar 2020 12:43:34 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6v3egKuMU4gphc7SjPF7TcQE2e5ywE8otiEkfmaWVxXXDDe%2BQD59CVHCZ2TosiRVM6a%2BRNWD2RO4K8Wo9INPov5DaUSstkYGb0cSP2ZIugdXhwH6eri7R900vf2KjLd7n96HxdJk6gy8W1np"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394eed3a68-FRA
x-amz-cf-id: HBzfg1K1GUsJf4NEHASfg7Xzcg7ul--siV-z-wnFqEFH4hcB557vLQ==

GET
H3 200 Should%20we%20blacklist%20newly%20registered%20domains%3F-2.png
www.uptycs.com/hubfs/ 38 KB
39 KB 1584ms
1562ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Should%20we%20blacklist%20newly%20registered%20domains%3F-2.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0bd016d025a1e57c922e585f52f7f3fa683224e87d818aae7af3147d54748b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-27462627241,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: 7FSBKEXC24PBAB04
x-amz-server-side-encryption: AES256
edge-cache-tag: F-27462627241,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Should%20we%20blacklist%20newly%20registered%20domains%3F-2.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "306a433b66914b4d7d3b6312683d1b86"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Xav.xUB3Xkkawmy8I5UduNWNnKqWnsiV
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=95283
x-cache: RefreshHit from cloudfront
cache-tag: F-27462627241,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 38994
x-amz-id-2: YJ3J7lbCzKJWO695RitRLejolRmusgt0L34XqMPJH8bauuQyaUBjlc7lbJnlZm4XMSz4+L+zzPg=
last-modified: Tue, 24 Mar 2020 11:58:19 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PJYScGHlfTNd0edA%2BJzxoFxO3%2FZUX%2F2psT%2Fp%2BYQoQ6pdFPo5fDD9rmcf4U0u7SiUIOFrv8nJlfGK9JHxfnyWzUfYQ%2FxkYy4SIipPMSjn3YUrtJIFPyjE7VL92E39mlxunz2YmogQ6JM7Ggw"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394eee3a68-FRA
x-amz-cf-id: It0tAYArle0L2K0eBCuohuvnUv7gMCkjSCTOKWRERmOnx-PeVbrdQQ==

GET
H3 200 How%20to%20Achieve%20PCI-Compliant%20FIM%20and%20Endpoint%20Security%20with%20One%20Tool%20-%20Uptycs.jpg
www.uptycs.com/hubfs/Nectafy/Blog/ 97 KB
98 KB 1585ms
1563ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Nectafy/Blog/How%20to%20Achieve%20PCI-Compliant%20FIM%20and%20Endpoint%20Security%20with%20One%20Tool%20-%20Uptycs.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4dc23d4009b37e109f94fa490050a55b81e2fefb47842dc09a1b5e775af683d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-26883259052,FD-13014685658,P-2617658,FLS-ALL
age: 19450
x-amz-request-id: DQ215DK75MQ0MGM6
x-amz-server-side-encryption: AES256
edge-cache-tag: F-26883259052,FD-13014685658,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="How%20to%20Achieve%20PCI-Compliant%20FIM%20and%20Endpoint%20Security%20with%20One%20Tool%20-%20Uptycs.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "722fc194dd782e2e5eb461affbede50d"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: kuit4bZseByZOrqD571NWyib.1CrX_y8
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=137061
x-cache: RefreshHit from cloudfront
cache-tag: F-26883259052,FD-13014685658,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 99434
x-amz-id-2: 2l8ZhLez97L+heWNgTSqnrhfucxY0dgh5lf2bIBs7PhMA3ywEK8MagjMpuYsqwFR8oIecqds+V8Jo+rA+Fs24ib0FI/Hknzx
last-modified: Tue, 10 Mar 2020 19:59:21 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9LNuT6lRzyqanAIWgSAJE1aUPmmo6boQDWZhKr7FejwYAhaEC5kcIR5LdD73mVkfJu0YEitj8IZm%2B%2FyB%2Fb5p24DJBeJ5cu5u6w16vWkPifS3WVKhh6o%2Fk8TdUFpSUiUFoUnX2MGnu1u33Wg"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394eef3a68-FRA
x-amz-cf-id: zGvX0OM03W0OduzLiIQiLaDKXo_nNOMRYdm5TsheF7AFrANwAt2jhg==

GET
H3 200 Why%20You%20Need%20To%20Embrace%20User-Focused%20Security%20-%20Uptycs.jpg
www.uptycs.com/hubfs/Nectafy/Blog/ 32 KB
33 KB 1587ms
1565ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Nectafy/Blog/Why%20You%20Need%20To%20Embrace%20User-Focused%20Security%20-%20Uptycs.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

abe68f8862826e530edacb57fd5f467a8adc0c2fad5d85503cebfcdcd17f5feb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-25829550818,FD-13014685658,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2CV40DAC429R1H
edge-cache-tag: F-25829550818,FD-13014685658,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Why%20You%20Need%20To%20Embrace%20User-Focused%20Security%20-%20Uptycs.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "b09415b62114e9127281df3542137296"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 1Jag1Hzl4OtQj2VkXijdMFBixqtxkJE_
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=58547
x-cache: RefreshHit from cloudfront
cache-tag: F-25829550818,FD-13014685658,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 32370
x-amz-id-2: SItD5V5yZf+qxHQTS8lTONhF4Bb7fgXOkY+AR882Goi7SVAMPaN47+9HmWjs39o1SDCqKp8dmRc=
last-modified: Thu, 13 Feb 2020 20:55:38 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSlwKmNZnRXRZ5JqTtS538JQUDaKv3IVWfqXOQYntsQSNykGVoUIaE3NBgF2e7Yxn8p1vS6pN2ngg539c4IuELHMl6sbhc5fRMnzGDBCRkrnUKpOLQwa8bKJpT%2FrSA0ByPcZlRRICQ6%2FWINk"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ef33a68-FRA
x-amz-cf-id: l6-h-imb549MrMa7YVMlraqZf6vc7LDF81krKpdkUco-sMeLvPCZCg==

GET
H3 200 Screen%20Shot%202020-02-13%20at%209.07.39%20AM.png
www.uptycs.com/hubfs/ 87 KB
88 KB 1587ms
1565ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Screen%20Shot%202020-02-13%20at%209.07.39%20AM.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

391e7bd40de1fc0e0d471e74939c015d7b146cc32feb395d4c3cab4344680407

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-25818546362,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ2AN889VMPRTZRW
edge-cache-tag: F-25818546362,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Screen%20Shot%202020-02-13%20at%209.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "cffd0e6e183619db4e08422714bab91e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: bPBJY.ks3XF6n.D_kZQgTE5h5wwpIYcx
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=191787
x-cache: RefreshHit from cloudfront
cache-tag: F-25818546362,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 88984
x-amz-id-2: ecANMhY2WnxKfrKMNO57QVkL3qVHiBLpMwewXMovBZ+7zpA1i/ZBCBUMkxwY2/Czp+QpzxEcikCdP/CXblO0qbXMqHjKoYZD1y+TEBkmLbY=
last-modified: Thu, 13 Feb 2020 14:07:53 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cagJepEoTUJUgfpWzaIJeRXVddvyTKQKvEycCg0t5zdPKCM4YR9sDQ%2Fsyoo241bbf6chmqYNDBeRN8TXdk8r3qmMOjeU1R%2FAA%2FyD%2F58I6XPvgbKUIPpAvGaEixbuHUWkeSZKmxFPLoC40LMW"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ef53a68-FRA
x-amz-cf-id: Qc3pWDVoX7DaufscgfucfdR9m_XjkJkMjR-yypp5-pt3W0GIufm-CA==

GET
H3 200 Best%20Intrusion%20Detection%20Techniques%20In%20Cloud%20Computing%20-%20Uptycs.jpg
www.uptycs.com/hubfs/Nectafy/Blog/ 50 KB
51 KB 1592ms
1571ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Nectafy/Blog/Best%20Intrusion%20Detection%20Techniques%20In%20Cloud%20Computing%20-%20Uptycs.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddc55320c2dab27775fe7f37b1a4ef0bf1880c94778c07750a99a0fd55fdca63

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-25349593038,FD-13014685658,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ27HZJVNZANW470
edge-cache-tag: F-25349593038,FD-13014685658,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Best%20Intrusion%20Detection%20Techniques%20In%20Cloud%20Computing%20-%20Uptycs.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "b54b9bc3c52cdd9ab0b08bd3a91122c6"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: UYi7sdZSF6vcHL3MaH0N7ZwdUQwERs.3
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=71517
x-cache: RefreshHit from cloudfront
cache-tag: F-25349593038,FD-13014685658,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 51228
x-amz-id-2: 4Mj4HfBgDuBNDasPgeBLggLBNqg3dFQmptN/vMwU+ozYg/ti53cQN3iNYthBcWyDFrYKdW2hTNU=
last-modified: Thu, 06 Feb 2020 12:52:01 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRwjEV2d1z2xGg1Xf2dOtSGe4F%2FEjCSX%2F8FtQ8SpMzRgNJRzX%2FYbNrmqFDjaPJA8dXpPAHUrndbJW1gIMDRjL3ZppMv7Hhk3EczBuZiHdJaEreU%2FEuf3k0W8i0B7cAMlSc57ek%2FwiQwbqRXM"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ef13a68-FRA
x-amz-cf-id: E4D3kq7ERnCS80woSmDV9nN2-xKdprdQQuKo4cioPteKUIVq_HkEQg==

GET
H3 200 21%20Best%20Linux%20Resources%20For%20Infrastructure%20Security%20-%20Uptycs.jpg
www.uptycs.com/hubfs/Nectafy/Blog/ 125 KB
127 KB 1603ms
1581ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Nectafy/Blog/21%20Best%20Linux%20Resources%20For%20Infrastructure%20Security%20-%20Uptycs.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

402ffbcdd4576d2e1848c2cf7527d802173ea5b52f38bb51f7ae38e561aabd04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-25103704035,FD-13014685658,P-2617658,FLS-ALL
age: 19451
x-amz-request-id: DQ24T1Q17J9W9RYT
edge-cache-tag: F-25103704035,FD-13014685658,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="21%20Best%20Linux%20Resources%20For%20Infrastructure%20Security%20-%20Uptycs.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "1ea7c18228dbeeffcaee47a5791de77f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: pBu.wgtMD6wnY_8VElStFE7zPWuN2Ijx
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=157883
x-cache: RefreshHit from cloudfront
cache-tag: F-25103704035,FD-13014685658,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 128378
x-amz-id-2: mZZRq66SUM/fpL90vQwE8PRPulk/7TgPaELWfvNJi2qU3xlQldsYELZhR3qDTGVRuCwjRb827fI=
last-modified: Fri, 31 Jan 2020 17:10:45 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZQGIYUvkMAof7G3OUIK7yjfztL%2B7tpRBeNHo0kro%2BKei8XsO6yZBoNsnW8x%2FVyxlUdVTdHpkSOC8C6brK2ral1K05NswV%2FhhZ9wLPzdkonaIBs%2FE2%2F2jgPJaf4jaaX%2B%2Bib9eHzzJ2i8mqhG"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394ef73a68-FRA
x-amz-cf-id: mRpOwqIuQzT8_9e3RB1Txu1Kxpp5awJIrtyZkf5-uQGTDy-icKgN9g==

GET
H3 200 AWS%20Security%20Software_Graphic%20Badge_v2.svg
www.uptycs.com/hubfs/ 43 KB
17 KB 1607ms
1585ms Image
image/svg+xml 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/AWS%20Security%20Software_Graphic%20Badge_v2.svg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a068741b8418ff3a57e863dc542f2fb242ad23952c11ebb09fbfb5a278cc1f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-110862303490,P-2617658,FLS-ALL
age: 24344
x-amz-request-id: 839A9S5TX9T7YBMR
x-amz-server-side-encryption: AES256
edge-cache-tag: F-110862303490,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
etag: W/"5c7713ac6c702752bd2d8d4546136e86"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1681411495582
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: O14gPj9vtC53vkK.xD_20UXgU69xsJpW
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-110862303490,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2JLT4Blz7dl5avtVF/k9+X+uyo0JmLWQoFt0f336HE/gRixSEkdjBtRuDvnz51UgaEH2UatHCPg=
last-modified: Thu, 13 Apr 2023 18:44:56 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cW0VD%2BVrFfMmLhhtTiUQnmm52uDxDVhtrQcVruhVCoGZWddGeH2fm4h8FhcKqvNCiVx4ChKlhkx%2FCaWGN92XoTAJhVYWHZPSccPcMQM5btEYUFFgLEaXulS3QcM8CWlP8O9Rez6zdBkoafGX"}],"group":"cf-nel","max_age":604800}
cf-ray: 7d355b394ef63a68-FRA
x-amz-cf-id: 4coAD9Y3ldhcBKjPExpDzihqvnE89obgJxOJSn4w5xTMNUzK3MGWHg==

GET
H3 200 AWS_Graphic%20Badge_v2.svg
www.uptycs.com/hubfs/ 14 KB
7 KB 1608ms
1586ms Image
image/svg+xml 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/AWS_Graphic%20Badge_v2.svg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

21f25c0486d370e7c9ecb62c96685617fb254fd8ba3ea4985f0f600cce68e317

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-110862969410,P-2617658,FLS-ALL
age: 24344
x-amz-request-id: 839FJ26NKZJNECAW
x-amz-server-side-encryption: AES256
edge-cache-tag: F-110862969410,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
etag: W/"8789a631dcf92ab685140976716c3a41"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1681411458012
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: B1w4d.KCrpqFqJXOdCMvcHU9xG2Xq05_
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-110862969410,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 8puv4EMQ4mSLOiGBSRXpOyZItTNonGQGxeWn40qnWoPxE61aPecgrezxb8INQGTxy0IQk/fkdQE=
last-modified: Thu, 13 Apr 2023 18:44:19 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNmBQjzvKZMj0qAre8GuHQfIcLP65vbnC4Bgeh%2FucOrAvssxivofaBmMGMvJ%2B%2F5XTSxwmUENS8V%2FCISMdvP8L0sI6XNjeV3vESmHrboPkEFM8%2BLimx7GpGdltDrt0qP362FbrCZCU2qENu52"}],"group":"cf-nel","max_age":604800}
cf-ray: 7d355b394ef93a68-FRA
x-amz-cf-id: qoNkCarZ8lkaz-NMd9MjT_rW64HaUBGD5ciN76UJAaey176q_ZaJMw==

GET
H3 200 AICPA_Graphic%20Badge_v2.svg
www.uptycs.com/hubfs/ 110 KB
78 KB 1609ms
1587ms Image
image/svg+xml 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/AICPA_Graphic%20Badge_v2.svg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ba9ebd0651f0396e50654d49d9cca8139b25f32952b08cee61b00057874bb2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-111058676253,P-2617658,FLS-ALL
age: 24344
x-amz-request-id: DQ2DP8X5DTRTZT1G
x-amz-server-side-encryption: AES256
edge-cache-tag: F-111058676253,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
etag: W/"de419b008fb61b889a87e70d1439419e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1681508342508
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ZgnebF6aJMQ66jLGNJzVMieq7GwP6Cdk
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-111058676253,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: uMFXMC4XxlR2t4ZUqt5eweqxKRR2WzKaGkG6EKfyB2qa0SXA8SnM1lTFelok7fFEswiqf/eTx2E=
last-modified: Fri, 14 Apr 2023 21:39:03 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0TKUImlI5Bo3JJxIAa3qsUEw6gns7uLoUe%2FZoniA1Sr3uweppYFWEDij61mqBO%2BIkbx%2FLLEqfSYdt6Nhzz0H20JDw3SMP3FmR3WoN3rCL0l1q29pRtqQ7DIOtwwWJoFLEMgUUp%2BcUmhBahv"}],"group":"cf-nel","max_age":604800}
cf-ray: 7d355b394ef83a68-FRA
x-amz-cf-id: gjvQgKKqiFUyieb6fB0oTjKiLKuwKJPyVePGeO8RnM5gRPy5W3gF7w==

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.240/ 11 KB
5 KB 58ms
15ms Script
application/javascript 2606:4700::6812:8b65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.240/embed.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8b65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7944796ddd5fcfea5a16d0a01e0179972a31c071aa2fda7ba986323a6790752

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
x-amz-version-id: 2PIZat4k7iqlwfOTJtCspFj5G31rDKpK
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1834762
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 May 2023 19:59:44 GMT
server: cloudflare
etag: W/"bf8f264c31eb93db41268dd04256be85"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RiFxP%2FfV%2BNcH4EsUSkDAJjBC9GL5kt8Gx00yMn9BCmO%2FHi8aB3ST1ooRow3Hd50xa8IxCqBLk7l7p%2BBVgXjReRosJRF9g0AVq2AIsgYpB%2BPQ1EOAgEpGYLrDcWupMEfgAS3JPyZO2KTaIBdIdU1mT%2FucLo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d355b3a2a662bea-FRA
x-amz-cf-id: SKXtZwAAETvmtg2bhQzg4IeLXZCqlP_PkgOS936pk-E9K3QyFnYCVg==
expires: Thu, 06 Jun 2024 02:10:01 GMT

GET
H3 200 Plugin-script.min.js Show response
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/109250214765/1680515510267/Uptycs_Theme_2023/js/ 359 KB
95 KB 47ms
47ms Script
application/javascript 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/109250214765/1680515510267/Uptycs_Theme_2023/js/Plugin-script.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

16a71983d829c9a944751c1a412fd15ca9a24c61f5482d866ae2b92ebad42160

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 50
x-amz-request-id: 0BNZRSDQZ6617KTT
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"199ad667f08f5b1de55b888b095b3cc4"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1680515512531
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 14d757a67b913f1bc93427e69819362c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: qlz.yfFtRSzAsAB9pJbHBa4DE8TB.iD7
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 137
alt-svc: h3=":443"; ma=86400
x-amz-id-2: TQ/eHa9NLPycXkcxhQnqISKa/dTksrO6gJsdUYnaxc5eNJe5tPZrlhb6klpfSxKO+kkiuRENieQ=
x-evy-trace-route-configuration: listener_https/all
x-request-id: ba1aadfd-f055-4ef6-bf68-6bb169941d86
last-modified: Mon, 03 Apr 2023 09:51:53 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Fw9WxoYW%2FusZvPB72mif4kkOnDjCZpLwkDHVbZncVMz8%2B26sgKCeZOrIG%2Fs36aTJluWcgRsq38oldrj11dra4n0HJ%2FkXTSpEDKtqozBV8UYuCsYuInZrICHBOQPk26merGjxbjO90kicIAU"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-65b9b6b744-w6tv2
access-control-allow-credentials: false
cf-ray: 7d355b38bdf43a68-FRA
x-amz-cf-id: -duPwP1gYqmfd-xV2sLJaEFIOqsvmvT1xrZrGHd8zlbtGnURBiJz9A==

GET
H3 200 main.min.js Show response
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237812090/1681370928509/Uptycs_Theme_2023/js/ 48 KB
14 KB 1685ms
1684ms Script
application/javascript 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237812090/1681370928509/Uptycs_Theme_2023/js/main.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

269ecb0a4ca3a19ea5356891a708984db842b1a1b9015b0f023935799ad64512

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 87E1DA0AM5DA0S9J
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"d4ca1cc9ec67ab024c5bf417414d27a6"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1681370929116
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 5195de19cbc5ce842ac6538e9a6850ca.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CdWFwEhFb1JhTKKtc6Sio8uOx8de.vlR
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 172
alt-svc: h3=":443"; ma=86400
x-amz-id-2: i5tM2wLnAm3eEg00arkbmOWTVLulG8JZFFMVjCJyt9mbqt7Xji2PkhQeI+5+TJW3RvHp1SwA2as=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6093dcf9-7f58-4296-a8e6-45392547b46a
last-modified: Thu, 13 Apr 2023 07:28:50 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PW9A4us8%2BLRH%2BYGfxUSOacsXXGyS6xvw9O42s%2BIhdWXlnSLsAG0e7cvhb1jd2eQr%2B5aTCb1EmqptrvRckKs4DnyQVYQ3Dn3mzeJsvw56tXKJ8W22Jfr23W5PSOXC7z%2BykvT%2BRSVDOZEdDA3"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-65b9b6b744-vrvh9
access-control-allow-credentials: false
cf-ray: 7d355b38cdf83a68-FRA
x-amz-cf-id: yg01z9ofv3oLIO0EN8p7gRAJiJefpxuK70LVyt7c3aQLGwOSP_TfxQ==

GET
H3 200 module_109011094577_Related_Post_-_2023.min.js Show response
www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/109011094577/1684434692842/ 1 KB
2 KB 164ms
163ms Script
application/javascript 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/109011094577/1684434692842/module_109011094577_Related_Post_-_2023.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7dc2b5603e9fd4e9cece7a7e43c9efffadc80b18adf6f64bb164c67a49baaa4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 3027625J4FJGWKS8
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"8ce155faf88618461792b102aa2b308e"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1684434692842
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 f6860256b1898079de872f02c7f7a03c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 7uYYu7z0hb.8dKXM0XHwicVbnbdbqpni
x-amz-cf-pop: IAD12-P2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 118
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tr4PqjjziJHI/9W+hgnGpC+uKzqAU1r52Vqd1zySSrTIJzfo0IqD4nglJZtEz+W1gSwrm4hns+M=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 1d8a6a4d-ba29-4a22-b82d-aee6aa76328a
last-modified: Thu, 18 May 2023 18:31:33 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdm7gK3HH4OqGtbEC%2F5VVQgxGp3vrxespnjV189wAJ2%2BNmrbpHovnxM3XOU%2BVX3Q8cHDdaZa%2BJy4%2FrY66fUCe6gc9RkkYA6r52uw6as6odbxlwO5ZYAHYrn1cI06mO6yZq%2FhnO3U7%2FAaKB0m"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-ph7zk
access-control-allow-credentials: false
cf-ray: 7d355b38de0d3a68-FRA
x-amz-cf-id: CLsidQrKCa1hGNkkXETY0We32oFcAqFXLyJufQOxsD5YwIYTJ2vxWA==

GET
H3 200 2617658.js Show response
www.uptycs.com/hs/scriptloader/ 2 KB
1 KB 1611ms
1590ms Script
application/javascript 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs/scriptloader/2617658.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b39681dd3f4ed0735e47dac7ba6537cb7bde322d22386292da18fdb3ea11ec9b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: bd074b03-63ab-436f-86db-5794a1f2dcb3
x-envoy-upstream-service-time: 9
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: db28bd78-7d07-4bc7-84d0-6d4f1ead127b
last-modified: Tue, 06 Jun 2023 20:45:51 GMT
server: cloudflare
x-trace: 2B8ADF217979D287FED94C2F4309A8336A4287DD15000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-lp48s
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KA3mxY5QVUucyCB9SRXr9TxVSVZiOYIqhjXca5vxpSOFf9VqorHvFratfKlLkSxrQdo8kRXCuUyiy8JZiGvWVWIQi5GMvPerxg1dzn4hJRlRLPRTIfpCH0%2FbM%2Bo0W%2FwZCkVv6zFZYtVLZfXA"}],"group":"cf-nel","max_age":604800}
cf-ray: 7d355b394efa3a68-FRA
expires: Wed, 07 Jun 2023 02:11:02 GMT

GET
H2 200 c42c9a8680c89010c1c5214aa9b2bbbca8b38118.js Show response
my.hellobar.com/ 2 KB
1 KB 346ms
274ms Script
text/javascript 2606:4700:10::6816:e17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/c42c9a8680c89010c1c5214aa9b2bbbca8b38118.js
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a3d560d9f4c1e4452668a4968840bde3b32761835ef7b198397db1d552088df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 06 Jun 2023 07:21:37 GMT
server: cloudflare
x-amz-request-id: SNGMA99MFYPKDT8H
etag: W/"dab25f963ee439db737edaba873bf9c2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray: 7d355b3abb4c1e60-FRA
x-amz-id-2: 017hhG7QTrddbGiZNwKFztuyYZCcdDBGCfmPHtsfdbp0xvtRTk/bEXIqr0H5Fsa/3Yj7NpQEdWs=

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 1 KB
712 B 14ms
13ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1682460993713/Uptycs_Theme_2023/css/theme-overrides.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1682460993713/Uptycs_Theme_2023/css/theme-overrides.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2321857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 394
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScJQXDeGi0eklE57uIpAuFeW%2B8ULwY9Uo8H5zETbgz7Ntf5aEVGMezNGmffw5u5x8%2FPqbRtHv17o60U6lUv%2BFnRffob%2F71m52xc%2FiTRZT0XTMFeBhjKi33ZPhbqN8eI4NRILZjc427YeBPcqz0MAFHdE"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d355b38c9d51c03-FRA
expires: Mon, 27 May 2024 02:10:01 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 2 KB
1000 B 13ms
13ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1682460993713/Uptycs_Theme_2023/css/theme-overrides.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1682460993713/Uptycs_Theme_2023/css/theme-overrides.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9552745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 657
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obpCu89lM0bmNZQXBvnAfGH%2FFFqz3qBOPH%2F%2Bv48Bb7MJy3c5NYlPfmUpPRhBCFJbT4f5wtD2r0KB7Blqyu%2BfvRvzbsi9ul6jBa9wu4BCFa4mpRDhyqddXx1qXe2umCXOLgpLtHdg2%2BmDiP1aolLHgh5G"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d355b38c9d61c03-FRA
expires: Mon, 27 May 2024 02:10:01 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 12ms
11ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1682460993713/Uptycs_Theme_2023/css/theme-overrides.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1682460993713/Uptycs_Theme_2023/css/theme-overrides.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1822211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x977Ad%2BagRzpjHr%2Bj1pr5IrxiJn%2FwLjPvXBfABSSP6kXJK1TU6D6fWIRxihV5IuQMKZFU2WNLUtUWNMUVoAmsHmYL5I4JD5C6npfNMp7toLJTc0swvCtcnWuCba0L7wmmfiW1fZKN6nhj8mpZulaffNF"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d355b38c9d71c03-FRA
expires: Mon, 27 May 2024 02:10:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
80 KB 41ms
39ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P663XDQ

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45fcd252abfc58017072ef49f95e34314a0e311078cb6e3325561b8239763f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81702
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 01:19:19 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Jun 2023 02:10:01 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0b10fcb00f54ff132f2ba46b0b68959a4fabf769d6eaffd73e7c55186ea81f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4a2698c9b28f0e6053921e4832c8c7d14c8847fa0bea29985d3fbb5b2511ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Dazzed-SemiBold.woff2
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/ 35 KB
35 KB 137ms
68ms Font
application/font-woff2 2606:4700::6812:e0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/Dazzed-SemiBold.woff2
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1682460993713/Uptycs_Theme_2023/css/theme-overrides.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7d73ae35c3412dd12292590b041a66f83a14f7766041b8d523fadf78c8d7daa

Request headers

Referer: https://www.uptycs.com/
Origin: https://www.uptycs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-105405778095,FD-105405778080,P-2617658,FLS-ALL
age: 607046
x-amz-request-id: 5W2RK4R6MXE0M6KM
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105405778095,FD-105405778080,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
etag: "2d0d0de050f8833c2853af07a440a4ee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678191122420
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: IEWlA03LFNsvE9C7Xc.pkI3DfKgTQ7bF
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-105405778095,FD-105405778080,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 35588
x-amz-id-2: qakeffiGzNUAdZpQwuHt5f1T4y49Y0RIz9MYKmptRhg1lAw9olzbabmGZ18IsE8VL/8a/NzkIwk=
last-modified: Tue, 07 Mar 2023 12:12:03 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 7d355b396e4f9b2b-FRA
x-amz-cf-id: jqkr0oH4EnKHjW84S7Y_036IqfxYgha01y7ZCdOO_SMYtByLcCiHKw==

GET
H2 200 Dazzed-Medium.woff2
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/ 34 KB
34 KB 140ms
71ms Font
application/font-woff2 2606:4700::6812:e0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/Dazzed-Medium.woff2
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1682460993713/Uptycs_Theme_2023/css/theme-overrides.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c431b7004f2def447ab4b6b2e63e694f322c65162a22e689f91a69e391241df4

Request headers

Referer: https://www.uptycs.com/
Origin: https://www.uptycs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-105405968195,FD-105405778080,P-2617658,FLS-ALL
age: 1416072
x-amz-request-id: 6AX0JMDWEM1CV5TB
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105405968195,FD-105405778080,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
etag: "91c0cd4d25d2ea71e8826f69b4497c6c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678191122410
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: A6Y2_MG70jGC4aeahpXKuceRQH2hp.YW
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-105405968195,FD-105405778080,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 34664
x-amz-id-2: OXuLCM04CHsQLHdJFrUdLn7rRONkUzU/vT4b7/W46n30kMnIz+eSyBOCgl1WJk3keOysK5EAvL27mOHu6fnSARUH7N3QdoNvRLxkdf/LCU0=
last-modified: Tue, 07 Mar 2023 12:12:03 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 7d355b396e539b2b-FRA
x-amz-cf-id: RriV1VEPnCl2NQ3mk6N22H9crl01_ebBt2K6B-i8DWQ7PEnCVpf94w==

GET
H2 200 Dazzed-Regular.woff2
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/ 34 KB
35 KB 131ms
63ms Font
application/font-woff2 2606:4700::6812:e0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/Dazzed-Regular.woff2
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1682460993713/Uptycs_Theme_2023/css/theme-overrides.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48a0510a39e949184e762267407b9d7292b4fd69dcbf953b657c1e9cfc4cc61

Request headers

Referer: https://www.uptycs.com/
Origin: https://www.uptycs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-105405778092,FD-105405778080,P-2617658,FLS-ALL
age: 1455342
x-amz-request-id: SBGJDGR3GG6YSX1F
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105405778092,FD-105405778080,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
etag: "504d899b185471166fa525f6154e224f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678191122391
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Z950va749GesENoMyecGaQOgk36GpyAD
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-105405778092,FD-105405778080,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 34732
x-amz-id-2: DlAsp8qdZf4IKLe7H224OolZWoxJ80dSsibLqYsAhDsNNuhLhgmDam0l0PRnohLs6zaQObBaQMo=
last-modified: Tue, 07 Mar 2023 12:12:03 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 7d355b396e549b2b-FRA
x-amz-cf-id: vjAzDy6lgRGC_evy6cb3uuonYgY3asXTmVR1eFaF1Uuoa1BJgBrbMQ==

GET
H3 200 Uptycs%20Live%20-%20The%20Golden%20Thread%20-%20Reg%20Now%20-%20216x100.jpg
www.uptycs.com/hs-fs/hubfs/ 5 KB
5 KB 1601ms
1582ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Uptycs%20Live%20-%20The%20Golden%20Thread%20-%20Reg%20Now%20-%20216x100.jpg?width=216&height=100&name=Uptycs%20Live%20-%20The%20Golden%20Thread%20-%20Reg%20Now%20-%20216x100.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

549a7dea917b3193a7a62eba99bab99f88e6ceff6287cd942881645399063db5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-114075853093,P-2617658,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 4810
cf-resized: internal=ok/h q=0 n=9+0 c=0+7 v=2023.5.0 l=4810
last-modified: Wed, 03 May 2023 16:28:30 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfwdJA0IGruPhS3jpwTWoJQjDozJW-gvNEtlHRmME9DQ:fa09eb3a40a53b880b62ab25585c8f53"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdLPjD9cBsg9%2FCNyqi6Ad%2BGgQzhtRXYHVyxDPLnEb6QNJ%2BKj%2F9PCYTTLJ%2FMEYe668uPtsFpIFJicFVjZB0PItgqjz1KHcYa3TkrWP4%2FqzsVcoHVtW0G12ej8gwNwlDzW%2BtKa%2B3zI6y1%2Bearb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7d355b394efc3a68-FRA

GET
H3 200 Logo-Shield_Padded_400x400.png
www.uptycs.com/hubfs/ 5 KB
6 KB 1567ms
1566ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Logo-Shield_Padded_400x400.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

20ef92addd5e9f9495b402e54ff6f74e3b9d87933745b89ad0deaf7736ab68a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-98273713033,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ23EVT8HMJNQ3AG
x-amz-server-side-encryption: AES256
edge-cache-tag: F-98273713033,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Logo-Shield_Padded_400x400.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "9dc86353e444c47b96f3bb4939d2d633"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1673542291546
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Qvfmuxdc6Tx7LaOeuxyeMUJK4hCmPZyX
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=9676
x-cache: RefreshHit from cloudfront
cache-tag: F-98273713033,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 4688
x-amz-id-2: RXlTYJ69NwZozXLVVHblP8DDYwkr7JYAH5lZOh47QFJCOPvqS1KolY0cj4IllKn+p6fc8oksPzU=
last-modified: Thu, 12 Jan 2023 16:51:32 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHFtu7bYdJpCaXDOhl44iO%2FqYmS0phMxbu7d8mVtceNie1I08K7kOJ4gJS22asCC65QKly6My53eGvt1IYptNeDdjuP4%2BdcTUx8aVhWDZyGDzbgVyYt6kJBrtO%2FM6UlVgVwjX%2FXl7c5JgJDW"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b394efe3a68-FRA
x-amz-cf-id: E5w5q90Tdr6uAwX9-eJLHpJCVN7BWP3tyrYtWKKJIhmcBZtPOeJuBw==

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1024db20df71903f3bd673cc9e99ce16ea9dc5489260baa0647b88674937d75b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab704f205aaea113a0687d8a4bd57bf4d0c0697a230c98b64e7638b46b422c47

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81068a2885d4089db7fe0f548674e8b93e80ae7d20023b5dd1d64099e9d66eaa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 870 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7e8cbed7218afa426f892f79e64736c528e55a524926d61e833f314f4381814

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 852 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8266d39729b51a3fa3dae41c0983ab5c60a604b31ab3014eac7a7ddd1a6966c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 Laura%20Kenner%20Headshot.png
www.uptycs.com/hubfs/ 261 KB
262 KB 1555ms
1552ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Laura%20Kenner%20Headshot.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4a4bde6034070447282fb73be8f241da543276b2e48f5aa4e1bc2e3ac795522

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-106474309703,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ275CYXVM46YCAF
x-amz-server-side-encryption: AES256
edge-cache-tag: F-106474309703,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Laura%20Kenner%20Headshot.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "269d832078b7c20fc62004a01f5280b4"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678811926006
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: AsehcKPmH0tt5hWnCvPyghmNY5BqCg1h
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=471868
x-cache: RefreshHit from cloudfront
cache-tag: F-106474309703,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 266950
x-amz-id-2: 7l3tz9Wz9+TYTEuT7yd8DVj4ATZM4WUbJdt8QBdsaY61jIXAZpdWzKtKU8keoLUkMc+r1a06quSmUB0SJCZMug==
last-modified: Tue, 14 Mar 2023 16:39:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=in9bUbjNOIPg%2BaG1kSPvqDf%2F9KoS5HtkllB7Zd%2FeGqx2%2Bz5hu6PJXDSEsonJOpaofmkX24Q7csdmikXUMSdaP8%2F1TxQQ50uZKJG%2FvIveuc5Xr9egUia%2BltMISwtlaEXPhjcoGn%2B0xtADgSZh"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b396f013a68-FRA
x-amz-cf-id: x4Dc2RR-uxLI9uawSSBzGeHtJx20RekCKB0Y53cVFnnCkETUNaVn4A==

GET
H3 200 Mark%20Bliss%20Headshot.png
www.uptycs.com/hubfs/ 135 KB
136 KB 1802ms
1799ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Mark%20Bliss%20Headshot.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a416e75f43fb801dc96b5bb4a7c4f1cad3d263f54197c4ca11bdab9fdafe1d91

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-108937602906,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ212MNYKZPMKWD1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-108937602906,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Mark%20Bliss%20Headshot.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "510180cdec5f421d07040213252d1633"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680208421968
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: DzrHU0qbTLHYhjj4A8gOjNMCA5rSFMJ7
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=248871
x-cache: RefreshHit from cloudfront
cache-tag: F-108937602906,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 137892
x-amz-id-2: XA+ypj9Try31kd/cMRuyjIQt7uTSCc5bGBJbjjbC6iAiNql5Q6tBRIYYshIoVoVIyppixxzI5y0=
last-modified: Thu, 30 Mar 2023 20:33:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUM1%2BWGwLy6hVBamivO%2FETpzhd%2BVQe8dxiuBW205HBh%2FL4Tx2T783xw1%2BMKy5%2Bd4H7LladsZbMTIynEuZcmKNLpXQqHFYAHDBSfxHJ8jTJUQVlfFJuvGGq8sAxWAXWlx5%2BmnTcCoLsJGmzel"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b396f023a68-FRA
x-amz-cf-id: i5v9VMrNMcoRDLwoaOvmLjY3iTFwUGcXTjsFHEqprJxiShLSPk9wIA==

GET
H3 200 Ganesh_Headshot.jpeg
www.uptycs.com/hubfs/ 2 KB
3 KB 1812ms
1809ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Ganesh_Headshot.jpeg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b03d7c8130b00310764853be1c2ab391120e890ed80a3799f5e694aa1c4a692e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-5886082710,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ25KTMCMGTF3C9H
edge-cache-tag: F-5886082710,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Ganesh_Headshot.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "00984005dbecc2db30ee8d647a6d4845"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: _eSuuzu1Q9Jvxp23PkvSrgqwBAwu7Ah1
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=3966
x-cache: RefreshHit from cloudfront
cache-tag: F-5886082710,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 2382
x-amz-id-2: xIci+52+XlnCM8E8Xcrqz6g48wqvWrI+ryNU/sYqeedXAc8ZCcxy3jA1BU41/eeZi3YUCIfdmrK3BJLO7xPhzoDCUtsjAwPycSspVEqR9IU=
last-modified: Tue, 02 Apr 2019 19:59:08 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OOGUQmJVPmIA6Cb9EY1%2B6Jgt9xEnIWQRuFoVPuXHlkIhF4gz3C6%2BL5Vi3FKXXNq%2F4zzRUmkTy7SbbhCHd3NUPUiocJ0wDgDvIZoyHE6ACzgvlJVO1HmuIPY4UcXkFV9FqGe5K%2FYZjUlrmx%2F"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b396f033a68-FRA
x-amz-cf-id: sf4jw9q_R_Ypes5q59KyF9l3Tck1f6YBBcyrhM7zS6VHgaWiiTntBg==

GET
H3 200 siban%20headshot.jpg
www.uptycs.com/hubfs/ 15 KB
16 KB 1813ms
1810ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/siban%20headshot.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cf83e7b0b48ea775eefcccbbbc2fe2ac3bef94b4cc5d48ce78ac9be0086aeb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-109546950752,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ20FG8EVW8GH2AG
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109546950752,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="siban%20headshot.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "f6e94e1dc057e0fe8aa243e154670604"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680644415644
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: I2u4MIxDTud5PMsfK4gCkc5HLknbG_yx
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=28351
x-cache: RefreshHit from cloudfront
cache-tag: F-109546950752,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 14862
x-amz-id-2: bJp1J+BXWFWpQF3OM8sX46PY4bbCO7veNTQsaDlTwvwqw5skubuS+SIQlWIqupQkDYAdUaGYPx0=
last-modified: Tue, 04 Apr 2023 21:40:16 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gj8Ii8i%2B0wrwF%2BlDJXl091vRZFoYJLjTCI41HR6xOlZjfRht0HizyK5RwSGDpaGArekT5tknXswWKbSCTC6n2mrZhqISn8k3WmYwAP4QdtW80OB3ShKoB2oNFZOmQAntzxcVg0TSXmt6gW6D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b396f043a68-FRA
x-amz-cf-id: lQ_5knfAFxuXFJkrFr_p7_Q0uFeXXxSRFSKbY0aqGaAFLkZb7aQKnA==

GET
H3 200 Tasha%20Holloway%20200x200.png
www.uptycs.com/hubfs/ 38 KB
39 KB 1814ms
1811ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Tasha%20Holloway%20200x200.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

52b7a2e5ff4b88c7d0449f3981da71000b155d4a90d1db941dc90410e276fcb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-115072669221,P-2617658,FLS-ALL
age: 19440
x-amz-request-id: DQ272W8YBXWBZ082
x-amz-server-side-encryption: AES256
edge-cache-tag: F-115072669221,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Tasha%20Holloway%20200x200.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "e34c4f204f3cc239b3d3920e379f2e2a"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1683751775309
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: QiRh9MZmFFUVp_bDdjVgDYkQkTRzXb9.
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=65490
x-cache: RefreshHit from cloudfront
cache-tag: F-115072669221,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 39008
x-amz-id-2: //3lqSkmBFn2IuA90eIJ0xqLz2AZCyg7XaEnB+HKqKfdjM6Ywko568//+cPnR0wEOthQmaq6Be8=
last-modified: Wed, 10 May 2023 20:49:36 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6G1pZHJlp6WksLGSp80qglu%2B7UCq%2BBQA4qJTJNtxEH6yCKEdZp9uO5%2Fjh9X0E%2Bc29w%2F%2B7YT3I7Z2IOkykJWJTNCR4xssrHCz95LNP3uPOEbEI6kE44iPHBN7Rj1227Zj50o40%2Bfv0q4me0H"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b396f053a68-FRA
x-amz-cf-id: 1eYQJcmcwalWNhW0AkMYYmCxPMjMQVs65G9-nvsnK5-HGr9_3_w2bw==

GET
H3 200 Craig%20Chamberlain%20100x100%20%20%281%29.png
www.uptycs.com/hubfs/ 5 KB
7 KB 1817ms
1814ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Craig%20Chamberlain%20100x100%20%20%281%29.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9d0753ba6612b20af78e370d54b09f67f43b3bc48cf266f407276e077b35838

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-102634000466,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ29XNFW6Y0ADF1A
x-amz-server-side-encryption: AES256
edge-cache-tag: F-102634000466,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Craig%20Chamberlain%20100x100%20%20%281%29.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "77b4ebc3b31ba4464ec44684da94fcaf"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1676479788552
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: NkIe4V3fiVcaiDb2HxaaZy4UfkAPPpqX
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=10958
x-cache: RefreshHit from cloudfront
cache-tag: F-102634000466,P-2617658,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 5342
x-amz-id-2: iTrsl8gkMopZl7eK0X4RI4VkefjiWp8EzvKhCvzm7aFav1jt93loLpD+blGq9e8wQinBrf15s0M=
last-modified: Wed, 15 Feb 2023 16:49:49 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnux4Sp9yd%2FFe6ya1R8MQm3teuroxerlhtyh4vc6Aafqwc1vns9Mi0A9GqwpTai1YG4b%2F63sSQi6r6R1N%2BJKRFScN087EqQleB9Bh9z4zBcxRzOTwTHAWa6C0oaaoTWtVu8aAU2OfWYpy5MK"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b396f073a68-FRA
x-amz-cf-id: Ain9RtGHcU1Is7y7hpnpZxvQEwaxcn69J849vbaz3YC6iIso6Mw0EA==

GET
H3 200 Tejaswini%20Head%20Shot.jfif
www.uptycs.com/hubfs/ 15 KB
17 KB 1817ms
1815ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Tejaswini%20Head%20Shot.jfif

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aae2b1e338611989cde7244a67eb6e5de56cf18b81044f4cafdf6cd2f6629b44

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-106365523320,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ20SG2BCHNQZK7N
x-amz-server-side-encryption: AES256
edge-cache-tag: F-106365523320,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Tejaswini%20Head%20Shot.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "6be17c72264cae1d94b070b6cf354aca"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678742444722
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: P8hNlTqmeDUCHBplK9nQQKk0ARvc40ei
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=28497
x-cache: RefreshHit from cloudfront
cache-tag: F-106365523320,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 15832
x-amz-id-2: UIYkMutqpDO+CyGXnPZpffocFrGIXLsUsWVJN8oI2RVAuZeZQgDwK4gvZkuvWu1FyrNzUMJa/++oAC6l/FkxN5K1gIUzDguTsiuXqiKI9Bk=
last-modified: Mon, 13 Mar 2023 21:21:35 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYENhsVEMoBtW3Q4cPJ%2B%2BTapxOoYv4CrluMXQjYZqb%2Bcd9p27bU4KlsrSo5pJRETjEDaiUui12oZYFoKhj%2BaD6MFZC4jKFcpdEitaHwum0cfDw2aSeuVIy%2BJ1DsNCmv4gutgRZKYQtUV0Pq%2F"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b396f0a3a68-FRA
x-amz-cf-id: Xg4HFhsMhS8NXL_T2ytrmprCg3THQ9B-cG81V6BNiD7EpVzOlDePnA==

GET
H3 200 Jeremy%20Colvin.jpeg
www.uptycs.com/hubfs/ 41 KB
42 KB 1817ms
1815ms Image
image/jpeg 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Jeremy%20Colvin.jpeg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

02b49f77333f067dfe414f0f2313f9b47e1633e3ecbbb9126ca2e61373eef9ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-89288986522,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: YCNGB1P71R2BQAYM
x-amz-server-side-encryption: AES256
edge-cache-tag: F-89288986522,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "2c7e541a2a42aec076bf3922104bca57"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1666626235888
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: yT6CxT_7LF40df9K.UydyVjwVkTiU8gU
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: degrade=85, origSize=64474, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-89288986522,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 42193
x-amz-id-2: pi4iODkKLPYn6W7mTD6TzRk9Y7FUqYSiMWqeUrvTIt1EP7fqgFmBNSyhd8ZIAOrhkKxdHLvDUH0=
last-modified: Mon, 24 Oct 2022 15:43:56 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYB2I2XbIXZPUGbHfJjkNta1e4jJt4vPyvbOiCcJcTtS1zcjuy6fvSROOKwz8oyZrbIdMi10k1ZxxJLLZuUEam8LXiqGBQMoBpiwj1C04UtXL4b%2BcJWvGs7Tuzl6b5iinN8%2Bi2ZizNE1naSD"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b396f0c3a68-FRA
x-amz-cf-id: shO1vXKWaj7XbOROlKe3Zjzj3RAhlno0hzjjgbXsfvpuDiqUCm_NQg==

GET
H3 200 image%20%284%29-1.png
www.uptycs.com/hubfs/ 121 KB
123 KB 1819ms
1817ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/image%20%284%29-1.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

898376cfd753cf8cb86319d3f5ecaf5c59b8ab38d90894a2c8d5225fafce80f8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-110395039638,P-2617658,FLS-ALL
age: 19440
x-amz-request-id: DQ248FRCEMHYJT33
x-amz-server-side-encryption: AES256
edge-cache-tag: F-110395039638,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="image%20%284%29-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "c9c886c0de4cc5a8e9010c3ed81e329e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1681161931985
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: igVuafEPFFtxPQpHDkO25L9bq34VYKhZ
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=180426
x-cache: RefreshHit from cloudfront
cache-tag: F-110395039638,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 124214
x-amz-id-2: iEoIUlmrTmNvv+48OsX1Ec9gvNc+bh/FhqvfKGNbRWxVLwJXwO7sBRK1vfuZDshJXTKzG6o95f8=
last-modified: Mon, 10 Apr 2023 21:25:33 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDfEohOKNvjZfRGD11hsJJ5269TO14GHtcENT5u1oUZGCw%2Bx20TeW9MxFCnHpLWMq%2FFxweVk5E9BMPKfAjWamsYL0mFbNdwYGj4Z%2B5Pv1kZGfcrczPE3cYLPbccFFffySzOzLCA5PvpTzABg"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b396f0e3a68-FRA
x-amz-cf-id: z7VnTS4fUOeaKlmq0_h0T7FSWT6gTIXAVTF7BZCxItiual8Sbo49iw==

GET
H3 200 Jack%20Roehrig%20headshot.jpeg
www.uptycs.com/hubfs/ 15 KB
16 KB 1826ms
1824ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Jack%20Roehrig%20headshot.jpeg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

01178e75912397dcbfaebd986ded988b32fedc279af0da58a5f1115a03200c63

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-94383647284,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ2BE1P4TC8NFRYG
x-amz-server-side-encryption: AES256
edge-cache-tag: F-94383647284,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Jack%20Roehrig%20headshot.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "4fef8e5d76869d8cd53a16d4cc6a5364"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1670364764930
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Gnhiax8GbCa8mr2yc63hrq4CcdR6k_yp
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=23101
x-cache: RefreshHit from cloudfront
cache-tag: F-94383647284,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 15514
x-amz-id-2: OQd9PU2BZw139EnLsUtd48gjH6J8AlZ+ekmssVGxVRDKter+qWRxCD7RRMyIi8hq3lqnjNFNQx4=
last-modified: Tue, 06 Dec 2022 22:12:45 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8W9hdVZJs%2BtHrNoTQ1tAFCNKGCVL%2Boiw4bx0gRwE88CYtbw%2FdHnqR0apF6DbxCwOKpGg2GodDaex3%2FoacT5DvX9t0fqssiEe0DnIsZ7a0nS7tDcIVVXF42KNf8ZoztwXLVeYpoKJ64zSQes6"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b396f0f3a68-FRA
x-amz-cf-id: pdaLRCpIlNoj6uTKq1pApMJrNHkEqFVPNH6-z34bXUcp9xPq8Eu1Uw==

GET
H3 200 Shilpesh%20Trivedi.png
www.uptycs.com/hubfs/ 106 KB
108 KB 1827ms
1825ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Shilpesh%20Trivedi.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

81e83ff9e57b6dab6a2bebb900c93ba1d0124eb27b0cecd9fd983bb335790d52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-99587021602,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ2891R9D3F20RP0
x-amz-server-side-encryption: AES256
edge-cache-tag: F-99587021602,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Shilpesh%20Trivedi.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "581b9930eb32d879e5c956ea248b3ce0"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1674495540763
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: FKFljajiUijKNzSYyQK4LVnAjGo_pknu
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=205972
x-cache: RefreshHit from cloudfront
cache-tag: F-99587021602,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 109032
x-amz-id-2: ztq+TUPsDjqt1TukPVvNK8F+la1/jbjczV6AV+xVPNxGQtri8rMFj7qiyRz5BWThvBj/0RZNsks=
last-modified: Mon, 23 Jan 2023 17:39:01 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcyFeip3QFGjZYC2kkuQYuB2nhsYEAh5aAsb0XPvIKerd9G6BMZj8XK6wYUajP0gVFCWYseJCwGOUgJ9D4j7QS27g0DFd7a6cVWev24%2FZwoUM83%2B4wKByYnH1N2xOxa4AWmlwivhRvINpiE2"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b396f113a68-FRA
x-amz-cf-id: Mv9o0Q0eQaqXVA-GFj6XB9-DTe4oY14R-x1MH3hY4GxiH-33nbpwXQ==

GET
H3 200 Crystal_LinkedIn_Photo.jfif
www.uptycs.com/hubfs/ 15 KB
17 KB 1834ms
1831ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Crystal_LinkedIn_Photo.jfif

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cf9c9e906235815bf8ed2d9b9b3c4b211fdcb676e58eeb617ec055521aa60ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-107387451050,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ2CC0F1BF5PHY6N
x-amz-server-side-encryption: AES256
edge-cache-tag: F-107387451050,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Crystal_LinkedIn_Photo.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "040bec82aacca20bf32ddd85914a5663"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1679421443055
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: fAahOOQE3rfZPhFDGNEJRhVWhMlSbWra
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=28121
x-cache: RefreshHit from cloudfront
cache-tag: F-107387451050,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 15546
x-amz-id-2: /ApaEb4s3SrMUjdqECg2qykY2gz5iIG2bBiOZyXUpfNa60MOCSeBZRIs/wfV7ids2tcf2eaHfs8=
last-modified: Tue, 21 Mar 2023 17:57:24 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFMB6xjiPsGz7%2FubOAAQ1JCCMzM3S7n6x0esv%2FRbopozlbOgiRh65dFEoWehQ8XDxi6RMgxK7mzt6CFjooY2muluWke%2FGKnNcy5iy0VFWEdJIY5x8ZnDsv%2F0avA5GkVs9r8%2FQ%2FjQbm1MRP5I"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b396f123a68-FRA
x-amz-cf-id: 7cLlufCr8ucULlINAmFcZRLm12tiYHngUmq-EOdWeY7GgsBFcYdpVg==

GET
H3 200 RTM%20Locker%20Ransomware%20as%20a%20Service%20-%20Featured%20Image.png
www.uptycs.com/hs-fs/hubfs/ 140 KB
141 KB 1780ms
1777ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/RTM%20Locker%20Ransomware%20as%20a%20Service%20-%20Featured%20Image.png?width=512&height=268&name=RTM%20Locker%20Ransomware%20as%20a%20Service%20-%20Featured%20Image.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b5dc9b51b59dd4b8074da124cb0d662deddb17a65712122bad13db214b28f42

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-112780881495,P-2617658,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 143598
cf-resized: internal=ok/m q=0 n=884+0 c=2+334 v=2023.5.0 l=143598
last-modified: Wed, 03 May 2023 16:05:11 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfPeqWFPI6Ijqri2Td1-1S1FWc_YvTXtmF1RCqePlhDQ:ae4f50f058e6f3d0afae80cba9852111"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfuHw9BgvZ3iof3rnNYmZjWSwGRO3%2Bdw1srw%2BsIyV8vxx14XRDFFv5A05LUaJMeVU4TvBQ9BFgKhejDMfv%2F0LnMpxH1VnZDI0GVrRez9D6zzTqDWAHLQlGl2Ty8LgZZaJvr%2FxXn7eTbt9FWK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7d355b39bf4d3a68-FRA

GET
H3 200 Gartner%20Security%20%26%20Risk%20Management%20Summit%202023%20216x100.jpg
www.uptycs.com/hs-fs/hubfs/ 5 KB
6 KB 1789ms
1786ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Gartner%20Security%20%26%20Risk%20Management%20Summit%202023%20216x100.jpg?width=216&height=100&name=Gartner%20Security%20%26%20Risk%20Management%20Summit%202023%20216x100.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9fcabeef08f6373ebb801a4e39e571cffd0c1234b8318b919d42b1072ca0867

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-114080184475,P-2617658,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 5072
cf-resized: internal=ok/m q=0 n=841+0 c=0+7 v=2023.5.0 l=5072
last-modified: Wed, 03 May 2023 16:31:02 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cf0ubJPOi9P1J9INABNkoyIIAlzJW-gvNEtlHRmME9DQ:accfde8c08692887bad551a53db0d23b"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCZHO8jfF%2BqN4jvR3iCMSRT0N5VfTPHzxdHIe9jGbuiDls4Jom%2B6tfzyBmse%2B8gyYB2zQdomJya6KaGtRY4veqD42z4xgqG%2FWA3V5z7APeICPfAe%2FUZ8p1xuiI85cnWTcPSjThb8NoXEtdFV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7d355b39cf593a68-FRA

GET
H3 200 press-release-test_v2.png
www.uptycs.com/hs-fs/hubfs/ 9 KB
9 KB 1789ms
1787ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/press-release-test_v2.png?width=1200&height=676&name=press-release-test_v2.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

51a503209526dd0bcd104926559bb8e255b8587f06edf792e8b11df1c9ed2fda

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-112315880211,P-2617658,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 8730
cf-resized: internal=ok/m q=0 n=867+88 c=0+0 v=2023.5.0 l=8730
last-modified: Fri, 21 Apr 2023 19:35:13 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf8v_RHaHdWob5dk_1WBh-_H5RkW7g4BWfuO-jRiYCDQ:feaf9f79c04580ffdc21b5147a7ed37e"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tin5QwBlh7BYtpqyWV81GuueFXczVBSlpbpzI7nNsW7tIMpTiKONAF4g9IBssy7uLDWjin9LcMlfa2EReaeYcnJ87zJ%2FWgWaKuyyftEguO9Vo%2BFGWpUXmWrO3sO4xVQ2kXxW3mzLsqr88r1j"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7d355b39cf5c3a68-FRA

GET
H3 200 Fig1.jpg
www.uptycs.com/hs-fs/hubfs/ 90 KB
91 KB 1789ms
1787ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Fig1.jpg?width=1076&height=507&name=Fig1.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf6f4daa876b8b86305acd241e9f4db721fba2a9627e13a6f601c767589f9539

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-118750194187,P-2617658,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 92012
cf-resized: internal=ok/m q=0 n=906+185 c=0+0 v=2023.5.0 l=92012
last-modified: Sun, 04 Jun 2023 17:01:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfmMfZhq7yaf04n6pROrESYTk9xwuvQgTkBMI0SsY6DQ:5e8063bc36048b43d6fd731a54ef2728"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RzxlhyqCWmX4a09xPvP2CiMsHbVEbcea3S9lLhOlE8BMDBD%2BWQweO3yNkDMFNm4nP%2FApKjAxYJwu8vUj3FUQE2SlEPkL0pNUEM48IVxT3vv53TTGAk14B8QYTZexgH%2FyplXtk%2BZbEcSOH4lE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7d355b39cf5d3a68-FRA

GET
H3 200 Fig2.jpg
www.uptycs.com/hs-fs/hubfs/ 27 KB
27 KB 1790ms
1789ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Fig2.jpg?width=1764&height=691&name=Fig2.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

309da76a0b0fc705f59bda88be9ac85ee3784b1a4975aa437f402105a28eee76

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-118750899380,P-2617658,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 27146
cf-resized: internal=ok/m q=0 n=872+256 c=0+0 v=2023.5.0 l=27146
last-modified: Sun, 04 Jun 2023 17:04:56 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfVW4jLzuF_o1YeUG4NX61-vXvAGfyiCfGkx9f0SqlDQ:dc1d460f2b9ca607ff5f7cd9a02d1463"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qOhmILjAcbkzgAHOA1a7tvP0kJEZwoWSf5flTZ%2B5T9YTzwzEA2myoMltusr%2BwbYQ7MQDbJwDUwH7wfeaX5oYi%2F0w19HJBIuXI5OfcSUNgA%2BhpwVHvncerES%2FUk4TYjSR7N5YBvUies2b8nL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7d355b39cf5f3a68-FRA

GET
H3 200 Fig3%20(1).jpg
www.uptycs.com/hs-fs/hubfs/ 34 KB
35 KB 1791ms
1789ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Fig3%20(1).jpg?width=1764&height=691&name=Fig3%20(1).jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d482de483f2af3d37d1abe50db90607df7de7226cd4b809d06e7e2ffd3403171

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-118750415243,P-2617658,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 34538
cf-resized: internal=ok/m q=0 n=824+101 c=0+0 v=2023.5.0 l=34538
last-modified: Sun, 04 Jun 2023 17:06:52 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf6kvmqQ3pSe_LwsRUbSyswnKCAGfyiCfGkx9f0SqlDQ:f4767bd99b7fdc0c2cdc3dd53433318f"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwjV8qldU3rZp45kUKyUahawWdHMU99j4YANkqVVJKcD%2F6mD7vhFFmY6VQ8xDDSIPrei2aIm9GpnIezdRKgpK1nuuKEoVByVeWZCSlMtRtCky9zra0MnYyF3RkMma55V3alT21Vrs5MGFxmg"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7d355b39cf613a68-FRA

GET
H3 200 Fig4.jpg
www.uptycs.com/hs-fs/hubfs/ 49 KB
50 KB 1793ms
1792ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Fig4.jpg?width=967&height=504&name=Fig4.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe138a2d81c1409180b6036cb3e8fedbd65f725150f08afba8d6cea0a8e9d506

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-118750415269,P-2617658,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 50492
cf-resized: internal=ok/m q=0 n=823+0 c=2+189 v=2023.5.0 l=50492
last-modified: Sun, 04 Jun 2023 17:09:35 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfUTkASWYbN0AEnztR0ADxo-aPtTPTZjdOXFGVdYkNDQ:d8107dcb885c4856951549ed412f9f00"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOuDvFrXP6ErKuu4plNI0a%2FC1e3u36twaxY2QJffxRmd5QHx8FXuAeb3VIbsHVcGIyD99xf7JdfnnLM5ucSFRSCdUFFF0G2d6dZWijms7tzT2myxUXJ5dBwHCGpDTfYVOcLC%2BN6FBqP5Gee4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7d355b39cf623a68-FRA

GET
H3 200 Fig5%20(1).jpg
www.uptycs.com/hs-fs/hubfs/ 5 KB
6 KB 1800ms
1798ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Fig5%20(1).jpg?width=1920&height=588&name=Fig5%20(1).jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c409d69a33dc16e7bf3b649e148fa83553ad1856f044b449d1bc737c0f185eb5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-118751140170,P-2617658,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 5020
cf-resized: internal=ok/m q=0 n=877+146 c=0+0 v=2023.5.0 l=5020
last-modified: Sun, 04 Jun 2023 17:11:26 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfn6LAjydXUzjRlCDsir3mcW0ycctCTIBenf0lN3ygDQ:bd13a92a4bee3d1a49063d818c4cd1fb"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeQneZanpr4Pn4H3s9pJNnfY8J9cv2%2B3sShOedQd6fjoCtpnUp%2FoT5vvTYI8kwHhdSwSJm3qzyQczbospYffJ0Pi8EFmvLSqpXGtjtFuP4mvoe%2B%2BxJsweNZ%2BlVq5N9hUYPDs1ZO0E3wwxYSE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7d355b39cf633a68-FRA

GET
H3 200 cyclops-ransomware-stealer-combo
www.uptycs.com/blog/ 516 KB
516 KB 1776ms
1773ms Image
text/html 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
edge-cache-tag: CT-118749292421,CG-2617658,CG-5593128451,P-2617658,CW-105369588578,CW-105720709649,CW-109011094577,E-105237096759,E-105237648739,E-105237674790,E-105237778736,E-105237810298,E-105237812090,E-105237812106,E-105237812592,E-109250214765,E-118532473678,PGS-ALL,SW-0,B-5593128451,GC-106292852859,GC-106293388626,GC-106405915759,GC-106405924729,TS-105237743018
x-hs-https-only: worker
x-hs-prerendered: Tue, 06 Jun 2023 23:49:27 GMT
x-hs-cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
x-hs-content-id: 118749292421
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
referrer-policy: no-referrer-when-downgrade
x-hs-cache-control: s-maxage=10800, max-age=0
last-modified: Tue, 06 Jun 2023 23:49:27 GMT
server: cloudflare
x-hs-hub-id: 2617658
x-hs-content-campaign-id: 0dda784b-30ea-4a42-bc02-c3472e373b7d
etag: W/"a69b621ed9255b795827e7e645b36cee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiDWOVNlHmDdcbrwXyYritfe33U6nG6Lub5QnEVjx%2FCFujvfXGBiCgxzjHmCT7IruiNpY24MQ8Ftkm0DStuk%2BuqXcEHleOhDUW2VYyZHmAuPM9X91djuJCVgsygu5cjNRYYC4GNE%2FWBPKF%2B6"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: s-maxage=10800, max-age=0
cf-ray: 7d355b39ef843a68-FRA
link: </hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script

GET
H3 200 Elias%20Terman.jpeg
www.uptycs.com/hubfs/ 11 KB
12 KB 1780ms
1777ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Elias%20Terman.jpeg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2d5c679a038bac7f7eda37d56570e9ffdc2fbd79e19a44b9d9de7b2bf62ef1c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-81461992790,P-2617658,FLS-ALL
age: 19440
x-amz-request-id: DQ25250RQ67SCDJN
x-amz-server-side-encryption: AES256
edge-cache-tag: F-81461992790,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Elias%20Terman.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "2b3182b913c4b0efc4530f9f59d7184b"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1659996783740
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: hvvMlcoAg3CgfsNia6xWuZ0hYiKdQJDz
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=21229
x-cache: RefreshHit from cloudfront
cache-tag: F-81461992790,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 10894
x-amz-id-2: jGqWQu2UPQGagahl2d5F66vjUSFEBSctajIqSiOrzS79DaWvSmSrM8bD54MIGFTeW9dhV/quAEg=
last-modified: Mon, 08 Aug 2022 22:13:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ve741QrEYT%2BD4Mssnv003QBpxcEslwDjIfwLQdx7%2BF2Ch7WMOyrcZdX7aT8UgcYaOrm%2FRDfNmWS829iuBIrQSDZrjVAnQ31LAgFqRB%2BE%2FFIptMV0WmnDpotJJ%2Bx1bqnUSZSQlSg3i%2Fl7Rl%2BT"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b39ef863a68-FRA
x-amz-cf-id: MtU82Y8STMAyvvETEhPM9XFvGprdstAhFJRw-dsk0DIQyhZthjTflg==

GET
H3 200 Siddartha%20Malladi%20Headshot%20400x400.png
www.uptycs.com/hubfs/ 147 KB
148 KB 1779ms
1777ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Siddartha%20Malladi%20Headshot%20400x400.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc08a124c16c25ff3b71fa636c2ee94d1720aa56bd8b255813c5028e22fb37f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-102031828300,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ2651Q2AQBMQ7ST
x-amz-server-side-encryption: AES256
edge-cache-tag: F-102031828300,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Siddartha%20Malladi%20Headshot%20400x400.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "190316fa987f788003eb96029e3d77db"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1676059947520
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: K589bc9HzRbdihjxvcrYE5IZEmIhfgJD
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=273649
x-cache: RefreshHit from cloudfront
cache-tag: F-102031828300,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 150342
x-amz-id-2: dCjJ/8C0i12TdFWFuGJBl1VlWK3ITU/iUAzs8Q01fgVPrwOqewqpTN4B6O4fJHYG4b6WtWnJYZo=
last-modified: Fri, 10 Feb 2023 20:12:28 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUszyvN2y%2FCknBD7%2F80fd1dVm21qcNYZOGtkvlV0T4uCqx7nGXHT1nPn%2BuYppNnFX%2BDt4NnnLrBvkKsJixAOhKPZogs0dRE01O4R%2Beb9xaAhLM4xm6bvJXMrPOAeRZj%2FB9WfbE5LQCltPwJd"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b39ef873a68-FRA
x-amz-cf-id: SIzewMiY2ivtQZj1986F8gI3DHxwyPbDsF-Rmuyxo2F-fSUv0vNsJA==

GET
H3 200 karthick_photo_icon%20%281%29.png
www.uptycs.com/hubfs/ 151 KB
153 KB 1788ms
1786ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/karthick_photo_icon%20%281%29.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0207219f37ee173551903855b6526d64a72471c3093b60e11ff98098f5c15ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-98446123078,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: M0AGTRJ0CXJCVG03
x-amz-server-side-encryption: AES256
edge-cache-tag: F-98446123078,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="karthick_photo_icon.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "db667df3e16fa06cc0352b878a9562f5"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1673625488896
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: OjH8gb4B4QXHoLpMWPYYCHCeyKmFpkjb
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=285880
x-cache: RefreshHit from cloudfront
cache-tag: F-98446123078,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 155020
x-amz-id-2: gX5TLXmgBhVV/uqLTLEK+LU8LXL/S3md1X7Kvm1gPxCKy6zJPm5a5RpQtXrn1kVVUt3BLVDyeU4=
last-modified: Fri, 13 Jan 2023 15:58:18 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gSVDqYk8uQun2JhyBWQXLOhvvirkZaVOAvby3Sdnw0su0I%2FWN%2FK4UOMVd1%2FBgzWntg6Laduo%2FfLNywSu%2BzkCYq4O%2BN%2Bh5Xki0JhInosgEsW4IBJs5Iq4odKYb%2F2M%2Ffxa4XrO0cf3llyhr8D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b39ef893a68-FRA
x-amz-cf-id: La-otgq47qBYGdvfvJe_IJ7CB97IBb1A_2PvpoazGta39vHr1Z3OuQ==

GET
H3 200 T1PASAU59-U03LEUG965U-64e9589cad0d-72.jfif
www.uptycs.com/hubfs/ 2 KB
3 KB 1795ms
1793ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/T1PASAU59-U03LEUG965U-64e9589cad0d-72.jfif

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

806ead6b109b15c7a232abc2fe40677459e022ad2b6e828a2d99fa0e198473e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-99774833486,P-2617658,FLS-ALL
age: 19440
x-amz-request-id: DQ21VTNE9EVQCKH2
x-amz-server-side-encryption: AES256
edge-cache-tag: F-99774833486,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="T1PASAU59-U03LEUG965U-64e9589cad0d-72.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "41479c673e0d9fd5f9cb2668896ef19b"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1674599763324
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: kJlsQs4bMxsZzCtFzJb9YKdk_IzfFT11
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=2758
x-cache: RefreshHit from cloudfront
cache-tag: F-99774833486,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 1722
x-amz-id-2: Ir1pF8xaKzXmHEJqeXkvsLZUoexvgzE6uRHIU1v0Slxg9GgeKX1MamVbVwvodnDH8wm4TKD5Z14=
last-modified: Tue, 24 Jan 2023 22:36:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bwd3LgXqXTF4eUe9XGYmcmynq1DbLW67MJRQPjtcBJk%2FOJAUpQta0y1Vym3DT6bJZHxqGd4D3oVF3RhEk2eHkGBM1zIv%2FWaF%2B%2FXkRccLclIwE%2BIRO7wp3khgjrDsYhPa73nrJrAtYd8xx%2FZy"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b39ef8a3a68-FRA
x-amz-cf-id: BjUlNm2zYfWQJzD9r7ND4IXjoXjeabvRdAc5N0n3__I-3ZEH306B2w==

GET
H3 200 Arpit%20Kataria.png
www.uptycs.com/hubfs/ 107 KB
108 KB 1795ms
1793ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Arpit%20Kataria.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a7a5cac2c210993a6a5ac6174ea03902219b5c639c9278b0310495f6c60384e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-99029134699,P-2617658,FLS-ALL
age: 19440
x-amz-request-id: DQ2B5C0QF0T6YTFZ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-99029134699,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Arpit%20Kataria.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "ed9a2bfc7de692026e91eebeb22a3f35"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1674062501560
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CjwKfMMdqwdVs7gNJTXA8JzBlcNn5Xgu
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=202002
x-cache: RefreshHit from cloudfront
cache-tag: F-99029134699,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 109710
x-amz-id-2: M+Ysipz6jHNWzwWy/fWXihXxt0/LUpHgswB1hQ1vggJ9oFudUfhrjznKKhbNJfK+7YtBOgsRzCg=
last-modified: Wed, 18 Jan 2023 17:21:42 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfeYcDYRvzSQ5NqPqrkOQJ1cjFAnAl6AAWMnAdJpyQ2Z7I7SwQ7s%2BJl9G1okfjStMgjBx%2B1hUeswhepNcP1FNIQA45Y0BVV9qw2fjh1nUJM0eBMCYinVqLurT7L93PnKa9jUV0pufvtfcLV5"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b39ef963a68-FRA
x-amz-cf-id: kO4dMdR4LOyMKPagSHO2Co7VSOs0Sd7i1VH8uanvprPbrp6zhHkiug==

GET
H3 200 Tyson%20Supasatit.jpg
www.uptycs.com/hubfs/ 128 KB
129 KB 1799ms
1796ms Image
image/jpeg 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Tyson%20Supasatit.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6508717bf45e6397b67ab097bbc967fa06b8a46f40358ba610318bf7623ac651

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-36572824231,P-2617658,FLS-ALL
age: 19440
x-amz-request-id: DQ21ZXXB5P4072EE
x-amz-server-side-encryption: AES256
edge-cache-tag: F-36572824231,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "e54595cf432776790e91899263ed639a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1603457578417
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: fIZ_S.2dXHRq2Wn5pNvqY1wRsZdYBHcc
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origSize=134504, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-36572824231,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 130985
x-amz-id-2: +u9+r9hslKms7oxeJsN4Wro9Xf4RL/4ZbLvet7hkaoY6l/TNr8FoaTrEqjmaCbP3SIxaCf/1pxs=
last-modified: Fri, 23 Oct 2020 12:53:21 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DOPSG3wyLVF6X%2FN2CA8oxDjVlSlNfF4LkHN1AuNLVZ4AaQ%2Bkjw6YXcLJllwacd9ZVAGw9OQ9GZtonyhwVUfCmUwN14MzHnomaEJepcKn5MSiCf0XNYfiI442qlkR7jtm99U9tDvqWtBxrA5"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b39ef9a3a68-FRA
x-amz-cf-id: vveQUlhnUgIwVx8zv9MSZs0-1iuu60XqtVbUpKD7idOIPKw-Lp1QLg==

GET
H3 200 Screenshot%202022-11-17%20at%2010.40.52%20AM.png
www.uptycs.com/hubfs/ 2 MB
2 MB 1807ms
1805ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Screenshot%202022-11-17%20at%2010.40.52%20AM.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

45cd97fc92948a5dc5682a1fe6ed038d12eccb12705d736514579caf24dd0cb0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-92066466171,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ217694TKQVA00H
x-amz-server-side-encryption: AES256
edge-cache-tag: F-92066466171,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Screenshot%202022-11-17%20at%2010.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "f3641fb87dea84ebe02bf1a588ae7fe5"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1668706875149
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: WWfEqViHGyOueKciNWPm4b3pBDqukARF
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=4132594
x-cache: RefreshHit from cloudfront
cache-tag: F-92066466171,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 2223306
x-amz-id-2: DkvrIglzugFwGxTMgXM1VY7YLBR3Zf2s5Wc53rj5oJ/ryj5QandPEvhmC/pGYbp66i6auJyORRQy6mn4kDDcxGjMikKNH21lKMHFUbDZ2+Q=
last-modified: Thu, 17 Nov 2022 17:41:16 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJ%2FeBCQBqvCTe%2FgYodAjTWpPudH2hU3SjadfTivGnZ4ftbQg7M49wdCT9VDiZvI8i5tCpw6xkIPcRXqIgjg3g8pUeqj%2BtAtG3pYLdYwF2cHHGaKwnfnMCfvqPvSqQL4sJiiMVdAclOWPTZgL"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b39ef9e3a68-FRA
x-amz-cf-id: g_mf_4XwPLVZTVDdoRwBrZqUz7Q7hrL4-lEUu_42evImdsUN-gjJyA==

GET
H3 404 Uptycs-Stacked-Logo-500x500-blog-author-pic.png
www.uptycs.com/hubfs/ 102 B
102 B 1995ms
1993ms Image
text/html 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Uptycs-Stacked-Logo-500x500-blog-author-pic.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b06e4f9701667cbfb2c27b4955dfb26ad87cf2d410df01289c744f17a1a0257

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA56-P7
x-amz-version-id: oQ5g.LoAEFK3mdk3M1pWALQQ6oLrzuy3
content-encoding: br
x-cache: Error from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Feb 2019 20:12:00 GMT
server: cloudflare
etag: W/"f6e4b6cdb45684ca8239a8161901d7ad"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCncOgbRaMbWA9dnZU7xCVfnVbZeK%2FmgUAi%2FzFJyweMnJo65QJ0CL4zNRDPOVyXkt2FzBXJK26lIteY2unK7k9yQcdWIc1Z%2BnQi6IrYyDv1Fb1j7pv0KpcbnL%2BVJSYn4wLZqttTBiAbFq9Za"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=300, max-age=600
cf-ray: 7d355b39ef9f3a68-FRA
x-amz-cf-id: _FhhsOjM0CzLgnpvQOmUKeq6PdmfJy3zJhV_hzsYsDQlf6eodipr7g==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20

GET
H3 200 Screenshot%202022-11-03%20at%209.00.30%20AM.png
www.uptycs.com/hubfs/ 427 KB
429 KB 1996ms
1994ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Screenshot%202022-11-03%20at%209.00.30%20AM.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3d79b62944fe63e1478387db96f294c05c173c36d97173a02e5c8cea7400f79

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-90401755174,P-2617658,FLS-ALL
age: 19440
x-amz-request-id: DQ26D2VZW9FHKBYB
x-amz-server-side-encryption: AES256
edge-cache-tag: F-90401755174,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Screenshot%202022-11-03%20at%209.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "80b9c9d2cca67e339ea8c8e57526dda7"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1667487650653
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: mtgcFRTPogUbWzh_5njoDJwMa4_63Qos
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=873066
x-cache: RefreshHit from cloudfront
cache-tag: F-90401755174,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 437628
x-amz-id-2: 1/iDKD2Gu27G9vtxI8AupNhgOXXSrodKVgmtAjCgQTBT1sI/1kbGSvu48MOka0nCrNXTaEOuNGs=
last-modified: Thu, 03 Nov 2022 15:00:51 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuJk3Go8QxFH3zbqki4ZznkGqaGjrkQr1M5Jv2EW4iRClColOGZia1YLdaD9BikVr1f5CBekvxdT8UOrSHPTAG7V9jiFX1TPMMYkGMuhQRHH7i3oB38H8KXZVvYdOrFPPMqVonW4%2ByxtB5vH"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b39efa03a68-FRA
x-amz-cf-id: p5Pkynk4CSitAjyEqVdVTF-9LUq9HAms8cOMH-4sjWzgCDGcMakGzg==

GET
H3 200 Cropped%20Headshot.png
www.uptycs.com/hubfs/ 368 KB
369 KB 1661ms
1657ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Cropped%20Headshot.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

05dc484a7571871d354a9311a8007f740388f285f188c5f4520a6f87c5ff3db4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6488955308,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ27FCQE87ZXP8MP
edge-cache-tag: F-6488955308,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Cropped%20Headshot.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "b700c82b6018be57c007233934944ca8"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: XWId9.SiH_DpO3tKoHOwWpAiuIdpv579
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=791140
x-cache: RefreshHit from cloudfront
cache-tag: F-6488955308,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 376364
x-amz-id-2: jDJRT55dWs8nTTZHdPRS61eUPISMvpT7lyy+0xdGFpXOnuA8SSZEh9HJX1vZJI4mrMFe1Ekz3wc=
last-modified: Tue, 02 Apr 2019 20:10:03 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLHXu2d4pvaknLixriR5JJCRDMo5bXh9gN8RV4lYHuxkY4wda8amVYeu4B88cK5W2gzFGwGMaJBHbcehrqI%2BVqwswl0vBYbrYhrjdWKFAcQCzfsmH0sn7d1V6e1g5pkg6NJCSAnVc%2FVRJYLz"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c28f13a68-FRA
x-amz-cf-id: ra9R7Se3oc08J3tWj2O8fCDuPS55fw96PQwy1x0uMIOKGuyVvYuoag==

GET
H3 200 seshu-pasam.jpg
www.uptycs.com/hubfs/ 55 KB
57 KB 1668ms
1651ms Image
image/jpeg 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/seshu-pasam.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6877a19dc0e1a666316819677f11f16581cffa181f12914d519495148df158e5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-33362943636,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ21JKSZDS2N42DZ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-33362943636,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "c4d2a966c243a8ebd563cf1ae46231b8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1596737939331
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: E9ZmfRR2cUAXmtrLLGbXQnh_V1_69iWH
x-amz-cf-pop: FRA56-P7
cf-polished: origSize=59328, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-33362943636,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 56717
x-amz-id-2: 3GO6HkhT9/Fm5Xu8XRDIoBvwHSLN8EnDo57C7BJCdEyr2Pa+DTtO4Aohsg1+1QlJdF3Nm1gCklM=
last-modified: Thu, 06 Aug 2020 18:19:00 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rBQRGeNrdG6FHhQQeDGRMjPxhzI8ZsDeZhVk2dMBwru4xr4Xttr%2F%2Bnkjeg9kLmGJ4Nah%2B6XFBvuwcqSe0mkMhRrIO6T9GV%2FgDm3QcKYTXcy1pVXn1EoJqbOs2eIk%2Fmu%2FXFmAV37m2l5A5O7"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c49083a68-FRA
x-amz-cf-id: yJQkUmxqNnWlUgFi5fHqZ9Vuxz5qyBPHQNOW0HCKgSUpRnbGTVL72w==

GET
H3 200 Uma%20Reddy%20Headshot.jpeg
www.uptycs.com/hubfs/ 3 KB
4 KB 1669ms
1655ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Uma%20Reddy%20Headshot.jpeg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b92b720b7b27c984ae2b60d01e42295d5fdf44feec18ea8947e3509afe602e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-5654497589,PAyyI,FLS
age: 923438
x-amz-request-id: DHM7K1C82D5JC41S
edge-cache-tag: F-5654497589,PAyyI,FLS
x-hs-https-only: worker
content-disposition: inline; filename="Uma%20Reddy%20Headshot.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "949ca9e596a068a223b539b0aa8d673f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: mCZa3I2yjswHtFigEbKsbOJq3vfrsTkN
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=5609
x-cache: RefreshHit from cloudfront
cache-tag: F-5654497589,PAyyI,FLS
alt-svc: h3=":443"; ma=86400
content-length: 2944
x-amz-id-2: nbQm2cg+krdw1O2xXLePqQALcICsiPItrreCkWcDup49XnOuR9PtsG4UPf5PzNdnSb0Bn9aJG+MFtiQ1JOvZMLIUzioMfOPGV6Iq6c76VhE=
last-modified: Tue, 02 Apr 2019 20:17:19 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8RZfxx2tTb%2Fxb5764t%2FoW9RYxEEoYC7YHWN4sMv%2BoRTVYVXdcR6NIak3xVnkhEQQF7%2F%2FWXNNqs6EcF7ZKzjLaWd5WNKPO4BN0BFeSy7zvlsblbRzQjN2MbFMepeQktFkiOCB37G6exTELI5"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c49093a68-FRA
x-amz-cf-id: Pg4lutln5HwLedDRL5UV8p4Wuzu47fFIXp15JVgV4cpcXGoqMBS8rQ==

GET
H3 200 Siddarth%20Sharma%20Uptycs%20Threat%20Team.jpeg
www.uptycs.com/hubfs/ 28 KB
29 KB 1672ms
1657ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Siddarth%20Sharma%20Uptycs%20Threat%20Team.jpeg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

871b03652a0008600f2a50dd60eec80229b86b7ebc5ceb4a8bf4e092e734c67b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-45093554200,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ2DGD8BAGH857F2
x-amz-server-side-encryption: AES256
edge-cache-tag: F-45093554200,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Siddarth%20Sharma%20Uptycs%20Threat%20Team.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "95f050e4c4b25295e3cbbe0c2d507b0b"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1618421556458
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: EbsyeSnV_dtuqvbC2CcpMGLpq7u6bFQr
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=53653
x-cache: RefreshHit from cloudfront
cache-tag: F-45093554200,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 28476
x-amz-id-2: EGndFOi3ZQivTuKW4nm18z/1YMmKp0GYB9AD/pLaQPvEn1hWYr7+1db98DP3Or4vL2GWLRoToL8=
last-modified: Wed, 14 Apr 2021 17:32:37 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuzTX13P9WIduCT%2BMV8UGA%2FWJltKPcN00ZK4L862cKtu%2B3%2B0BxwGbTTjcWNQmpqaguECXN5bHNeV7JBmmTtBeo%2FO5YpYKtwyvyCtn3Gc5kRR4fArvC7VmqI9x2XQ7F9ck0evgLyxiwAhvIPc"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c490b3a68-FRA
x-amz-cf-id: kClzmL1Qz58Vz813uJvQq_sUyZX8WZD329JUKcNnApnkTwMOipvluA==

GET
H3 200 ryan-mack-1400x1400.jpg
www.uptycs.com/hubfs/ 105 KB
106 KB 1672ms
1659ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/ryan-mack-1400x1400.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

383ac1ac279ddb81b1d99db09742cbedf5471a3ab1e7511285fe3bdc5081e46d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-35537062557,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ27XG7KEM9EVRVN
x-amz-server-side-encryption: AES256
edge-cache-tag: F-35537062557,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="ryan-mack-1400x1400.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "67ad2a8e2b27ca5d856f0901de2bc16e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1601465871769
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: eXp4BabHYyQrTckv5RYQfBUFr5W4OCke
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=132676
x-cache: RefreshHit from cloudfront
cache-tag: F-35537062557,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 107170
x-amz-id-2: yvXYsPg/mMOfQ4aB+pUJOY1aAGOM62GTxsVTXznBlaz2nAqB/Wk3oyNTwfRJWrbGL5DCEK1+TTY=
last-modified: Wed, 30 Sep 2020 11:37:52 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJ29Jb9NpUvaWQHdbFlOAv%2FNmV%2F47xm%2B5rZH2b9nznnAfdBNwXmls8C0Xg17GydhyvVWbhSo5Z8o7jU0xDnYXzXyWgbjDLpSJf6nJJv2XC1HQMbvxO1Xq6eXtztyN8UpI7ppMGJyoPdHb4eE"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c490c3a68-FRA
x-amz-cf-id: eH6WANIeTSjK0FWkiymCeo1HLv-x9mjtbCktch9MQW_lgstdF1LeHA==

GET
H3 200 ashwin-vamshi.jpg
www.uptycs.com/hubfs/ 56 KB
58 KB 1672ms
1665ms Image
image/jpeg 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/ashwin-vamshi.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

be2bf63948323229931c41d2f3482782e3dd88b7895fb87b21e92750232f5aaa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-40640693518,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ2DM8ND686SB80M
x-amz-server-side-encryption: AES256
edge-cache-tag: F-40640693518,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "2312f844a91a3f845b11a248c85fab71"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1610468981155
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: B2M0ZDh0sypCuV.vVNyfl0TrmbxQKIxI
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: degrade=85, origSize=178763, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-40640693518,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 57599
x-amz-id-2: p1v5XnL614wYWg1eZnLxVt0JzwA3ochW9CxQet38NgoSSXSNDXfKZ7rcDt2Jp/VJtfQ52YRybMFHRppI4pYGLGfKNHzWO33y
last-modified: Tue, 12 Jan 2021 16:29:42 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tk4TWeZhOl0oDDSoVaHwM37Ho%2BObqDge6HwlElVAokb63ckXvMqiIFHBKOWaQRkbzw5qwR%2B1EpizTVK9G%2F3zxtAQAYRBKD7hr85daXqb2YwdAjU8aEAthRG%2FKb54dNh9nsApdxp%2FXlRr%2BjpI"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c490f3a68-FRA
x-amz-cf-id: iZ9oUIGVprJlckkFKE8Fne8KEEeDsC_3yKqWJaHDsH5IekWPDfhNAw==

GET
H3 200 LinkedinPhoto.jpeg
www.uptycs.com/hubfs/ 23 KB
24 KB 1673ms
1667ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/LinkedinPhoto.jpeg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a62483dcc7ded7389deaa0348e8151190b8ece8eba2f45b956e1d4356ce2f265

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-48270827581,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ20GN66VQEES6BE
x-amz-server-side-encryption: AES256
edge-cache-tag: F-48270827581,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Sudarsan%20Kannan%20Headshot.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "7c869fb3cf1b0ea0ca5ec3815925136d"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1622645179029
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .OFgYGt14TK4qiD.vQKaFIeGo5_NxK0F
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=50338
x-cache: RefreshHit from cloudfront
cache-tag: F-48270827581,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 23398
x-amz-id-2: DZ8raMQzqqDbW1VngXWjkiioS/RRMG9iS3K1NUPRBuAttgoaf9H+06rXHTd57HSFTp5T2eMxNxU=
last-modified: Thu, 03 Jun 2021 15:05:41 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8rFGkknB6APEWwVcLN6cd3emua8AP8l7dr2TUidbReevxpviahDyc1rAxA33QRIZOOFRToaiYxMto1QyijN6HpS23PPa%2FY%2FFiLIRBJCAdlkpSKhLTn0sE264h6FYg2yT73Zgt%2FGHL9639m8"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c49103a68-FRA
x-amz-cf-id: yPUD9ZmA8zXiTsLHEjM1larPQbhpgi7qTRHAVKkGkUG4bw5EfQtTjQ==

GET
H3 200 20210504_161736-03.jpeg
www.uptycs.com/hubfs/ 199 KB
200 KB 1676ms
1669ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/20210504_161736-03.jpeg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3afedeaa6430fd324d45bdb3eaad02844843fc7ea2dd2a37eff7e15f6ee094f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-46683132941,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ22YGSZM45R8DX7
x-amz-server-side-encryption: AES256
edge-cache-tag: F-46683132941,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="20210504_161736-03.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "e7fdc234ff12eba62a1979646b5a8d68"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1620395378418
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 3aUJjvJmcbQtw564kuoApGfRPQsOxE89
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=676716
x-cache: RefreshHit from cloudfront
cache-tag: F-46683132941,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 203444
x-amz-id-2: WohhTm/isOiwD8efQ4z7XZ8E7ip799qJ6VCS8mMcbHXdQ+Yr7u+5NG3PQSFB/rEkT1zAUG82A08=
last-modified: Fri, 07 May 2021 13:49:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUY3DsFPdsEuQytfHw8G9%2F%2FOgJfh4ClFSapkpWHk7FjFwWjI66Orx%2FQ3mJg0BgcXUKSzPeNtbZdMNgN%2F3Q8huuEXpN%2F1ggiXIvtX5lDaKDBvX5kiPzEFHfS1A653tz5dLwReWxzPjDIp8YFM"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c59123a68-FRA
x-amz-cf-id: Vh4JCiviaeI1HDy1BCSeOm_7IrnRBBafwAIJ8xVDfaIiUrQ-eTR40A==

GET
H3 200 ben-montour.png
www.uptycs.com/hubfs/ 1 MB
1 MB 1685ms
1677ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/ben-montour.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1748f35e9fc0fb639c8a8a3b2467c5ba7ada3100bf082c6ecfe3292091f9304

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-41930860188,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ20WDZEFB45KSWB
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41930860188,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="ben-montour.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "c8f59349f77979efcf1eb66c01b99820"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1614192016185
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ztf7ZhukoJ1IMw.0gq37EI0WqBa.pgFC
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=1823901
x-cache: RefreshHit from cloudfront
cache-tag: F-41930860188,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 1103868
x-amz-id-2: G8ZOG+8HAvqupiqO/E/WdRTzUf1swCJ7Wzr0Gvx848sojvds5P8W4sCDkUyCpTBBt4ktQFUJ7p0=
last-modified: Wed, 24 Feb 2021 18:40:17 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OtRzvLspMERM1u%2Bgbulr6OZGvKNXIWC9cYuz8AEpxz3LWOCQayf5cY2f9bK2SutQULCIvLEVnmEUJ0KFBDNsri50k91pQ2ebFSq%2FdK77rZGQ6sHI%2BYu6nqOLcz6tnrCsPgt73CUs%2F9PRHz5"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c59143a68-FRA
x-amz-cf-id: brBRwe4AlEr5FBGONsLE6gUNB8wwlN5Pf5fudBVLjQl-Cok2NGlW9w==

GET
H3 200 adhokshaj-mishra.jpg
www.uptycs.com/hubfs/ 19 KB
21 KB 1770ms
1764ms Image
image/jpeg 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/adhokshaj-mishra.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c636d2bb6213b1d42aa3f49a592a1315fe1f2ee74fa34e8d3abeb8422960ba49

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-41969128948,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ24ETXKFQ7XKXN8
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41969128948,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "1938532291b0a254dd01aebbc420fadd"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1614254385793
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: S7niNfg9LmQbDFQYWaNIVnygzqd2CeBq
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origSize=20990, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-41969128948,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 19818
x-amz-id-2: poHnAC7i+Ooibqnr3r+5axMCCfrQA6o3iSGf5sNaJStATeSH4RlIOkvVHcGyxwicg1Gzzcc9B4gc6lqvVvvqXg==
last-modified: Thu, 25 Feb 2021 11:59:46 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdqk0cQCBn1%2FqBVgjJDhidqVcaRzgvmI1hF2TB3LSCm%2BW8nDuN%2BzRbdUCz9fU4aQ8JhFEvwxxuEq%2FIZb7BsBMvEelYxytPSMloj1GcAcW2dHf0%2FjRWwUz5cQh5R1qs9WOHMH91OJzj%2F3VTNE"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c59153a68-FRA
x-amz-cf-id: YFlSZQCKNa8LUvRSF4yK1L9SuHTw-Kv5xhuMZfZErk1ninmXWRh5AQ==

GET
H3 200 amol-patil-lg.jpeg
www.uptycs.com/hubfs/ 53 KB
55 KB 1773ms
1767ms Image
image/jpeg 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/amol-patil-lg.jpeg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

00f17737bc51f35701098d94fd13765cacb25e7b824e981a9daf538b495f93ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-41162406392,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ231MXYA90CR9CS
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41162406392,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "108bbed36b0b283cc13e2f58de6b479e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1612201564220
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: rSrzYxtVMbhXO2K.nZWqE9K_kEO9roOw
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: degrade=85, origSize=84568, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-41162406392,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 54622
x-amz-id-2: Btv7orLU8uPdBuWiWNkji9HntRzg+GF96Ic7yTkj3COW9ucak/z+/WSrd70B3AG8njWYkaNIQns=
last-modified: Mon, 01 Feb 2021 17:46:05 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EH1r487UlXufs271Nj4PTQxszMAd1%2FkWBFwuVRgQtItFkcBACxdlScOPoIDesnw2W6eI8r%2FvaEPw5wrIHNA3%2BHaIn4igz%2B3Lbo37V%2F2dAwOigRwQ%2Bc2KPvIKHTdvxsNXVyVYDUAdDjFxLG3S"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c59173a68-FRA
x-amz-cf-id: PLQdLzL63w9O_PrNcYvrTzyzXEqGk7Z6vSAmOX4-k3si289zBxA9qQ==

GET
H3 200 amit-malik-crop.jpg
www.uptycs.com/hubfs/ 39 KB
40 KB 1774ms
1768ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/amit-malik-crop.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

895b899e9398eb9b3452e91c112ead04a3a146eb4a8ff44648159bb5f596241a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-33873371029,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ290CV5NVDXKRH0
x-amz-server-side-encryption: AES256
edge-cache-tag: F-33873371029,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="amit-malik-crop.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "d4c4e0d1534becd1939df4269b83092a"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1597863999876
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: vwsB_tu5HyYG71RFrbb0BQSwErT5DDGQ
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=109145
x-cache: RefreshHit from cloudfront
cache-tag: F-33873371029,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 39504
x-amz-id-2: Dy1K8sy8ynRIdpUZ06wnKJvygJ/G7nAvKHqdnWp+szVchIvjo7bcsBYd6xmHlf6wm0z2OtyGn8g=
last-modified: Wed, 19 Aug 2020 19:06:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wxzc88GUP5kX554XY%2BFRR%2B73xGh7OD%2Byfr20c2CDufQYrsf9SEYPIvL6JOUAHnZd79lb%2FY9sy7d4m1hYWpIpqdGWkYakXGNQ7kz1rjFx%2BNDhh2DFKapsihtFoFJ9sijExnWqW62ZYkddnuhn"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c59183a68-FRA
x-amz-cf-id: GAruqk5vfJ8PzKL6SV5FHr0p503ZAisR3vZvfvY_DZsNi5Q3a1CVCQ==

GET
H3 200 abhijit-mohanta.png
www.uptycs.com/hubfs/ 96 KB
98 KB 1775ms
1768ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/abhijit-mohanta.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f84bb2319f46811986bd36d443b6cae0001c98ec5ec536a37e5eb9dcd720af1c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-37956248559,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ22CT8C7EH43Z3J
x-amz-server-side-encryption: AES256
edge-cache-tag: F-37956248559,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="abhijit-mohanta.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "887df0061abca031aca727a58165f7f0"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1606226729111
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: bQcOLt8iAqbyXbPPAIu.1Na6VZIKLGS8
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=174728
x-cache: RefreshHit from cloudfront
cache-tag: F-37956248559,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 98614
x-amz-id-2: nbnOGMs4pMtafcgCOusG+fwWUmmIx+1FqNch07wL+JxLj8lC7uSoOWGEk7h4BDcpDfsMNxS40rJB9FKNVcQGjjJe7dnqj6jKHbvXt5kVp+8=
last-modified: Tue, 24 Nov 2020 14:05:30 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UL73KR7zh41JSKzwsg58%2BE0sXuDhsgtsJlyqG4ep53tjPk2EtQ3lsXLfVBkqwHuV%2FGZnHUujmDX5LoH3BTXkSWXXXFhtoQRc4BecGEwKPWvPNX7hhH4tVelZTOfSSGevgs4D5AkQT5hImOGM"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c59193a68-FRA
x-amz-cf-id: b_WoDP1rkYa99mzBawD0qLFlQe4lQAZ9WwyXflrssH3YwrBTIZLkhw==

GET
H3 200 mark-knowles.crop.jpg
www.uptycs.com/hubfs/ 408 KB
410 KB 1780ms
1774ms Image
image/jpeg 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/mark-knowles.crop.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

de6019e9456023da3978a28fe996ba36455b75a1031e7c15fd72e9f8fc78c400

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-37909302528,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: EJF26DC3QAG77FNK
x-amz-server-side-encryption: AES256
edge-cache-tag: F-37909302528,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "fa717c0423666bc80642f1e5673bfc08"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1606142656650
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 1rW6nfTmybQYOM9H_B2oVyJqpjV9oriQ
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origSize=435838, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-37909302528,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 418111
x-amz-id-2: E14u1kHAn6Mu8mJYdiUY4yqhzh2acP+YTXfL96XC6T2D4yKPapMJbvpD9bUL6sL067vpEVKoaOI=
last-modified: Mon, 23 Nov 2020 14:44:17 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOXGyXysCNMRdF5T3pToOkbSKFXS6WBKC5Biwr0DpLU%2BtxAoHX5%2FPggmjS6tbu0eoQCHSkKOBps%2FgWMNFIX1bMzyJzXGcGW65J5X4W6KIGiKB3QARstK4XQVbey81eE6pBJlNKbf1N118tFl"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c591a3a68-FRA
x-amz-cf-id: 124X_Wew88Yl0QXZ5o9ZHwFRagvPkVIQD8epct4I0WFvNpe4JgKdag==

GET
H2

200

default-80
avatars.hubspot.net/
Redirect Chain

https://app.hubspot.com/settings/avatar/d41d8cd98f00b204e9800998ecf8427e
https://app.hubspot.com/userpreferences/v1/avatar/d41d8cd98f00b204e9800998ecf8427e
https://avatars.hubspot.net/default-80

354 B
1 KB

54ms
15ms

Image
image/webp

2606:4700::6812:cec9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.hubspot.net/default-80
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
Protocol: H2
Server: 2606:4700::6812:cec9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f44a0999dce72299487d3cb56bdfbb90e3f82dd9e501d37a82deec19b482d8ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: J97QDREXBNHXHAVJ
age: 81943
cf-polished: origFmt=png, origSize=635
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 354
x-amz-id-2: rG5Rrjij5x0vBddXOelhJ7TycxnbPNyYAWUuX1mQS522/iPYv5h73eTNMQPzKbXghPGJaIPZu/c=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 18 Sep 2020 15:59:15 GMT
x-amz-meta-s3cmd-attrs: uid:1997735891/gname:staff/uname:jmendelewski/gid:20/mode:33188/mtime:1484768624/atime:1484768624/md5:f9ac484f1e674f1b05ddaf662904d2d3/ctime:1484768628
server: cloudflare
etag: "f9ac484f1e674f1b05ddaf662904d2d3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74b%2F6PKaE2FxnjNN05vbveW7TtVVDLWA96z6DjkUaXTzFsrpKoBzIEa0ZSATtkqk%2BKJD2g3IAz1V261qGgYiTprXYEa%2FZJiX1OWos2bi8m0RHzksGtBMMsdKkhtuFUOu%2BF7uOx7YU0mQ3OdkPSYknIM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d355b40cc8b9136-FRA

Redirect headers

date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c3712fa9-f03b-4aae-8203-fbcda3d82a80
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=7d355b3f7b089b88&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: 0b1e9997-5914-4f08-a0a9-ab767deb57b7
server: cloudflare
x-trace: 2B7188FAE1EBFB9C291CAD1912C3808BAD9F0FAC28000000000000000000
vary: origin, Accept-Encoding
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
location: https://avatars.hubspot.net/default-80
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-cxzff
cache-control: max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
cf-ray: 7d355b3f7b089b88-FRA

GET
H3 200 Guillaume%20Ross%20Headshot.png
www.uptycs.com/hubfs/ 535 KB
536 KB 1808ms
1803ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Guillaume%20Ross%20Headshot.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

68a66405371ff51949896fc42d0e8ae25494b6958143ac97e928ed5c45919848

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6488954775,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ2D2ARCXH1THZ8K
edge-cache-tag: F-6488954775,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Guillaume%20Ross%20Headshot.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "d6e49207b61d6695b81108e9384def66"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: bFm6TQKOLVNM_DaVVPM47WVBVVQmpbaz
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=1030367
x-cache: RefreshHit from cloudfront
cache-tag: F-6488954775,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 547818
x-amz-id-2: 7ZTIFjdI/MPRKgZIhIoIWBRXX8YF2tsx2vKZA2L1V3XSH2ZQV6tXPsw8N63YH4wvrdBTDVjslNM=
last-modified: Tue, 02 Apr 2019 20:11:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBMyvnZcL9SygCw1MUEVJm0x5WrGgG5eQz9rASvKfx%2BhOVWOmc0yEjHenZB6RRfC6GHC5F9OVVUtZsbMeJDSOuicZxS7T%2BDnL8ln%2Bcl8dTqLIKhd8H4Gof5ABL7KT5IjtOeIyfDClB1eMpOw"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c591b3a68-FRA
x-amz-cf-id: 3DJeyacdrC2KDK5Cx0NoNWXBQ8BU2pBf-mzLpDudSugYU4ZakqS9uQ==

GET
H3 200 mac_headshot-web-2.jpg
www.uptycs.com/hubfs/ 57 KB
58 KB 1830ms
1824ms Image
image/jpeg 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/mac_headshot-web-2.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d437ff46c22a64aa5353e11a1c606c167f8558afe74230e2c3097c99053d7682

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-32076967995,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ22JWKPB7RFYFQH
x-amz-server-side-encryption: AES256
edge-cache-tag: F-32076967995,P-2617658,FLS-ALL
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "459a14b8b044c13f15be0ce2e9f83452"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: KY4BGL59p0jqT3.4pwMFi22xj1AnGx8n
x-amz-cf-pop: FRA56-P7
cf-polished: origSize=63397, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-32076967995,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 58191
x-amz-id-2: 9FDZu0cs8jPa8NxT7OZwj7Jbk5FVt1wpkA1SQvkyYTAkrYL0v/1d4qmJAaHB684iMI8ewVtbVFQ=
last-modified: Wed, 08 Jul 2020 19:20:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZFVUMHHcrKiyzGe%2BF%2FI1flBwAUzOChu4ixNFbivuxQJeDGnBEiCwAxtpKEf71HWyEWeTD724kz4VuUY3B%2FWjs1nK3mKZlBefSzpGF8msbfYeXHD1HcHAs5FWJACmbIt3i7cCIv47VJZmg3B"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c591c3a68-FRA
x-amz-cf-id: 3KxZgSdbtD38FiAOesGkggwQdd19o0jKWBE8hE2l15eClFDcxygp0g==

GET
H3 200 Carl%20Vincent%20Stripe.png
www.uptycs.com/hubfs/ 349 KB
350 KB 1831ms
1826ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Carl%20Vincent%20Stripe.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d90f2888073bf71f63892b79e25bf1e644a0c736ab9b5d441ae0af11f01210dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-30866768780,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ23HMCV58RDH3RH
x-amz-server-side-encryption: AES256
edge-cache-tag: F-30866768780,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Carl%20Vincent%20Stripe.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "abc24e32fe201e09abfcc7a9be388285"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CuiOddhVRr8XMjhCiP9HibpZ1p1u0ERu
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=513545
x-cache: RefreshHit from cloudfront
cache-tag: F-30866768780,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 357244
x-amz-id-2: AZXqU/duTU3A018QJyJgRamj48QkZ66h8+UkOCzicwsKnVkPhIGWpCtbmUkoVs2FPoGql6+/coi1l1IqaR+HbA==
last-modified: Wed, 17 Jun 2020 17:50:54 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gdYBv8VGFMJMP4ZpeH6XizJ2Rcc%2BfXVnA%2FJY6s2drAvfWZQzYAxvyruhCIBflBcXnPJX%2BzUrN2mQarchdZC%2BR9%2BjbWiV0pQnXmf%2FubXZwLCVg45k5iw%2FhZAI%2BilEz5G0ShoY1SM6GacQDEU"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c591d3a68-FRA
x-amz-cf-id: 6Qe1FhGjHnAQ-963LTfkw0c0scKvPIssd_aFcvYzzvLpinmv7sUPWg==

GET
H3 200 Untitled%20Design%20%2822%29.png
www.uptycs.com/hubfs/ 996 KB
998 KB 1850ms
1846ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Untitled%20Design%20%2822%29.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b01113fd73bb36f6d070ac007ac2d7135086c66fa39083dc09e68cdc6dd234d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-23186115293,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ2BF0NGD56FATQC
edge-cache-tag: F-23186115293,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Untitled%20Design%20%2822%29.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "0cdc687b79fa5e0a6e51bddb769555e1"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ZRGWadpBmJB7CKq_eRNn.F0tjZS0.tiM
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=2370737
x-cache: RefreshHit from cloudfront
cache-tag: F-23186115293,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1020374
x-amz-id-2: OHxv1ArB2JtPUijfzme+UZmUved20pok7pprox2efKBIY479+nsPnN8byHGuH6dHVXtKggRZ8hE=
last-modified: Mon, 09 Dec 2019 23:32:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxkYytDkHHUYjXBadH7etAA1nrH1W9Cix%2BNdkRzXT1FK4TPBvUT3e%2Bfn3v4IdN1%2BBHVCLHS917LQ8h%2F8HRSxHjPSg7wJcfJRVxmd3NYAEsOqaHm5wHETcUZM%2B4dJw5gxKo9HTiBj2qm75agj"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c591e3a68-FRA
x-amz-cf-id: c9uRJ_IYKK0fuqDkG6Zo09d7KFOMRao-NiciidVGn9OMd4jbHCB3Yg==

GET
H3 200 AmberHeadShot.jpg
www.uptycs.com/hubfs/ 31 KB
32 KB 1892ms
1888ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/AmberHeadShot.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

753faf452f97201f01f08f5ce7bd8147e2e7d8f36f89c1b7b0707e610a633d37

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-5638889389,PAyyI,FLS
age: 1358667
x-amz-request-id: K8N9E5A3HNXGPHZ8
edge-cache-tag: F-5638889389,PAyyI,FLS
x-hs-https-only: worker
content-disposition: inline; filename="AmberHeadShot.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "2d5f172761d3b545474c99d516588385"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 079cd4553da15b2329bffae6abe6157e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ClStIkD_SHhK3JoDsMxhZ41D79qb2X.2
x-amz-cf-pop: JFK50-P6
cf-polished: qual=85, origFmt=jpeg, origSize=37956
x-cache: RefreshHit from cloudfront
cache-tag: F-5638889389,PAyyI,FLS
alt-svc: h3=":443"; ma=86400
content-length: 31790
x-amz-id-2: o+D8IAP7M61Hb3zRNVAZv+acLgvenhtZrJJtVLJur66GP4nwWmm8DQHvY1DcYmmPVVuBguGEuLM=
last-modified: Tue, 02 Apr 2019 19:52:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2opv12OPhK8qEdsTasNt%2BOehZHtZcpCwrtEUuCfdjdRT265S2RtMgdZ2bg61z5Uona47RMs3FUdoGY7AjEyK%2FS8QJp1qQQmb1kL9upqOAqBZBXRNJUIsnsdLyhS4daUkSShmm0mgxLsSdvz"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c591f3a68-FRA
x-amz-cf-id: POZKlreNGxXi0RpuFtBBgzw4aScBCjLehwdda5IFGYyXA5RceM2poA==

GET
H3 200 Pat%20Haley.jpeg
www.uptycs.com/hubfs/ 21 KB
22 KB 1894ms
1890ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Pat%20Haley.jpeg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b438a4e09b24c25e0a69e767c2d3d7bccd8a4707cd7a7872b682d4b3d473b981

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-11376931772,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ29SQHXJW5RKY0C
edge-cache-tag: F-11376931772,P-2617658,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Pat%20Haley.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "bb8ad15524730b8e3b0f5742752882cf"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: tkQZoVmdc8pVeG5mHQD_v2HLPETuk1e3
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=50371
x-cache: RefreshHit from cloudfront
cache-tag: F-11376931772,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 21152
x-amz-id-2: h5AwCemRYt/BjaV6bFimqk5pOoXinlPrOHKYS1xOhyiE/V1LF3nDXnKUmwIReaKZFthak6m8v5o=
last-modified: Thu, 18 Jul 2019 12:24:18 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bfiy9jYMxfXqhCZaaPhlQcqw6LAIM0Lp1ciCYuAbp4q%2FqJd0yUeB4IuJZ8B0dockN%2BtlFSmW9MqTbqUclMuqE%2FXD2p0CCZPKGfjjZgd5ekR0Peoo6w318sfL2gPxuQq3210bq1wI1l74gplf"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c59203a68-FRA
x-amz-cf-id: LAuCTXddESMkE9e1P2A3lkJE5RiHCPETnobRulHmzRwvfzG9I9pxbg==

GET
H3 200 Footer%20Shape.png
www.uptycs.com/hubfs/Uptycs%20Theme%20-%202023/Blog%20Page%20-%202023/Design%20Assets/ 747 KB
749 KB 1902ms
1896ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Uptycs%20Theme%20-%202023/Blog%20Page%20-%202023/Design%20Assets/Footer%20Shape.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bad24e105479fb5068a865e3e3d3a2bcaac9a2ba464f9c4cefd5b5c0eb1bdfa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-108181951152,FD-107813354289,P-2617658,FLS-ALL
age: 19441
x-amz-request-id: DQ2FHP732BWY19MK
x-amz-server-side-encryption: AES256
edge-cache-tag: F-108181951152,FD-107813354289,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Footer%20Shape.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "b3d93a318b1f23fa374b7baaa0d1d01e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1679914929702
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ugvFJbwUahWJOTsWq1TQa4WMnyI5_qlN
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=929677
x-cache: RefreshHit from cloudfront
cache-tag: F-108181951152,FD-107813354289,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 765320
x-amz-id-2: zVBB+fn5V6XtrpzAHek9RY58Brr+yAsykVqfWXTbCG8IvfyGVXMUbMhm4lMrK5ULk1KG2arOxpA=
last-modified: Mon, 27 Mar 2023 11:08:47 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLdx8uf469YUIu5PR09pIbZjtOGhHW8Ye%2F%2BbSEf51VaiWTYPQSpk7YBTj0gKrycyF%2Bu67EEANY%2FTdQT4AfrfdNalbdT6r%2BoDZczTVCzVVXzN0qK8EXF%2B0qYddRjI1HOulbwL38vOllnnPsVc"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d355b3c59223a68-FRA
x-amz-cf-id: 4IN3x3HLmrp95NP3PNt0ZZLMOXxi_8hoUfSiUAvT1NewmQcdVNGVyg==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 58ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FM1R8N7KP8&gtm=45je3650&_p=377012972&gcs=G100&gdid=dZTQ1Zm&cid=1470695902.1686103803&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686103802&sct=1&seg=0&dl=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&dt=Cyclops%20Ransomware%20and%20Stealer%20Combo%3A%20Exploring%20a%20Dual%20Threat&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FM1R8N7KP8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:10:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.uptycs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
455 B 86ms
24ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=1293731543.1686103803&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&gtm=45He3650n81P663XDQ

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P663XDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:10:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 35 KB
11 KB 75ms
12ms Script
application/javascript 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4aec96eddab69454e554bb60664da2e5043c363ebef6921644f619523e7274d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 May 2023 00:27:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64641f64-8a3f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 11052
expires: Wed, 07 Jun 2023 02:10:02 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 69ms
11ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P663XDQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:02 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230132-FRA

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 69ms
9ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P663XDQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=10464
server-timing: ak_p; desc="1686103802872_399430925_134403532_18_557_13_30_146";dur=1
accept-ranges: bytes
content-length: 4777

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 69ms
12ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P663XDQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:02 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 291ms
10ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Jun 2023 02:10:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27549
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: PY8cp8KRqm7kE22rsyZNVQSU00ARtJ+QTrwE5H4/wUhPSwulyjiQpVlJPKur6FASuTJjw80YLBTU0vmiaT2XOQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 171 KB
54 KB 108ms
27ms Script
application/javascript 2600:9000:20c3:4600:15:a0d3:77c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20c3:4600:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: 6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
content-encoding: gzip
via: 1.1 e01f54b21119ff385b2879b6a08078e0.cloudfront.net (CloudFront)
date: Wed, 07 Jun 2023 02:10:02 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-amz-cf-pop: MUC50-C1
age: 2
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Nov 2022 11:31:37 GMT
server: AmazonS3
etag: W/"1c27f449b067550681f23ad3e53988fa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: microphone 'none'; camera 'none';
x-amz-cf-id: Ear4XFCQ2ZompsYpP8yw-7_la-faGz2LBf71NFx4QWKpysn61LD3Lg==

GET
H2 200 adsct
t.co/i/ 43 B
378 B 172ms
127ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=8b2c02b4-d228-4d0a-84d4-3ef4644881cc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=966f3f3a-eca3-4d81-89ab-d8fefa1ac2b9&tw_document_href=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzmp6&type=javascript&version=2.3.29

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-response-time: 119
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 9c293ec049858e83
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 14479d77272713dc7afc0e9215f1e5d68fc090747cbdf090937562d872a67d40
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 164ms
128ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=8b2c02b4-d228-4d0a-84d4-3ef4644881cc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=966f3f3a-eca3-4d81-89ab-d8fefa1ac2b9&tw_document_href=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzmp6&type=javascript&version=2.3.29

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-response-time: 117
date: Wed, 07 Jun 2023 02:10:02 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 9c920cfc7794542b
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 90158a1403d730a4658b14695c1bbc612bdff5f4f5017c33034ad05036a92b18
content-length: 43

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1252922/domain/uptycs.com/ 36 B
375 B 109ms
42ms XHR
application/json 2600:9000:237d:6200:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1252922/domain/uptycs.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:6200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:01 GMT
content-encoding: gzip
via: 1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 2
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: Kn3x8EQgkEB56HfSuJsGxzF7CmX0rIXD4EabTG350KB8d9ijGjxQCw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1686103802952&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1686103802952&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1252922%26time%3D1686103802952%26url%3Dhttps%253A%252F%252Fwww.uptycs.com%252Fblo...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1686103802952&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1686103802952&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&cookiesTest=true&liSync=true&e_ipv6=AQLZL7M...

0
264 B

232ms
184ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1686103802952&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&cookiesTest=true&liSync=true&e_ipv6=AQLZL7MpHVHTWgAAAYiTnk-AEinXgcEAorSPUpLA3QVEkWHPWcvfpcVikKRBwXGOAiS-YKaSBrOr
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:05 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: AF69001707264C31B74A19C9B0CC621A Ref B: FRAEDGE1506 Ref C: 2023-06-07T02:10:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX9gKJp+dyqYb8ycFF4PA==

Redirect headers

date: Wed, 07 Jun 2023 02:10:05 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 70E105F923FA45BEA886F28FBBA27C18 Ref B: FRAEDGE1514 Ref C: 2023-06-07T02:10:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1686103802952&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&cookiesTest=true&liSync=true&e_ipv6=AQLZL7MpHVHTWgAAAYiTnk-AEinXgcEAorSPUpLA3QVEkWHPWcvfpcVikKRBwXGOAiS-YKaSBrOr
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX9gKJmcoA4d0mBzt4klQ==

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 388ms
100ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1686103802955&id=t2_99fn83o5&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=71971652-8630-477c-9625-bbecdc0772c4&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:03 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 707843366776374 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 67ms
67ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/707843366776374?v=2.9.106&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e2ddc0ec4c7c74a5ecfa9a2cfb17f8df2ede6671ce51d1b2df968b2c3732efcb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Jun 2023 02:10:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: j0Gal7bmiQxoQYUZFnApC98mYPn/DuQmtJxRnXOtVYhnDxq95Xzmi0Xbnuo8Nj8nAIFrnA+wwqG0M8jpjgDsYw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 json Show response
www.uptycs.com/_hcms/forms/embed/v3/form/2617658/0492e7b1-c029-4110-8042-598f482d9802/ 8 KB
4 KB 388ms
387ms XHR
application/json 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/_hcms/forms/embed/v3/form/2617658/0492e7b1-c029-4110-8042-598f482d9802/json?hs_static_app=forms-embed&hs_static_app_version=1.3300&X-HubSpot-Static-App-Info=forms-embed-1.3300

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d80ec80341929f02cf08a7d43a1cad7763c0318d093dceab379f258d0490f626

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-origin-hublet: na1
date: Wed, 07 Jun 2023 02:10:05 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 37685eea-a0db-43c6-a9ae-3c10f70e4eba
x-envoy-upstream-service-time: 11
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: abc19df7-875d-468b-884a-ee95b223c5fc
server: cloudflare
x-trace: 2BA229ECBD005F477FB396D51751C0E4A144FEF0CD000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-max-age: 180
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-zlsgj
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lo1H9JFSYY%2BKWWrp7G%2BIeCesj4kA5O09BhJztlS%2B5el0FUClhx3Fs8I9dmtVxFJKpNbLzeeZcli4GDHEneKRE%2BnaHJiddvH1IadBaGzvnpTQasQi%2B20atvU0PRuvLlgsCuajq58dKxRXwi1a"}],"group":"cf-nel","max_age":604800}
cf-ray: 7d355b50fd0f3a68-FRA
access-control-allow-headers: *
x-robots-tag: none

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 75 KB
22 KB 68ms
26ms Script
application/javascript 2606:4700::6811:63ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:63ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a39c3cdbdb987dee562a2de964a1d39e27e889fea5e108c3b4ba49fcea2fdc8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:05 GMT
x-amz-version-id: tpkjbFWgcaEMzfLPc7S4pq7_HxVMVYYE
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 593
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.13373/bundles/project.js&cfRay=7d354cd85c499054-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: da6a6d30-551b-4dbe-91fa-43bfb223eff6
last-modified: Fri, 02 Jun 2023 04:38:53 UTC
server: cloudflare
etag: W/"087fd2cd45ce20566625b1ec1f62b5c4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-cxzff
cf-ray: 7d355b514aca904f-FRA
x-amz-cf-id: Dp-q5Xz9mlKLlZHKOL9Hv9JhcWQivjNEdHeHSuHyHcaEUizYqxRVOg==
x-hs-target-asset: conversations-embed/static-1.13373/bundles/project.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 153ms
118ms Script
application/javascript 2606:4700::6811:6dc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6dc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e1bce508370a6994bd3e0e67c257f06875e16ca2038c27f498616a0f0d55687

Request headers

Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
Origin: https://www.uptycs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:05 GMT
x-amz-version-id: SGo7xq5b6d1kUu6c8SU5YR.mobmUICUY
via: 1.1 c13d71f8919c23db6bbd1c08a4dfb350.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.370/bundles/project.js&cfRay=7d355b513fd391e4-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 27476fd4-acaa-4942-ae7a-6a7667a98828
last-modified: Tue, 09 May 2023 08:44:18 UTC
server: cloudflare
etag: W/"d1b16df440198d59c993c4956b7fded6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-frzj9
cf-ray: 7d355b513fd391e4-FRA
x-amz-cf-id: bJIlzISE0xRjtj9hox9HWEAPOmrFgpUwzmj3yUu-A4ju6bhp3XVwFw==
x-hs-target-asset: collected-forms-embed-js/static-1.370/bundles/project.js

GET
H2 200 2617658.js Show response
js.hs-analytics.net/analytics/1686103800000/ 66 KB
21 KB 67ms
25ms Script
text/javascript 2606:4700::6810:8ace
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1686103800000/2617658.js
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7787c2983c623de7ae0541c2ddcdb7dd628d0b721770b94565704bc3780b611a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:05 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: K0SYBQCADPC4KYPZ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
age: 3
x-envoy-upstream-service-time: 29
x-amz-id-2: dlkCJtn0aavB9+9cK4/hFosmdxUHX54glA4ks+CRvF64OB7Rl2fXaMiSaUFEVs20XocpZHfKGig=
x-evy-trace-listener: listener_https
x-request-id: 1ecdac87-94eb-4ac6-bf2a-aec2c437bea2
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 31 May 2023 18:50:04 GMT
server: cloudflare
etag: W/"ac11115877ac65a46a2f313873197439"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-9vnjb
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7d355b51485d9b9e-FRA
expires: Wed, 07 Jun 2023 02:15:02 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 62ms
20ms Script
application/javascript 2606:4700::6810:76be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:76be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed334d1c96abd8c03aacf86a2a30fb9d391290f27e49b0fa456a7af8f1a1bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:05 GMT
x-amz-version-id: wXOaVt.1FYp5SJSGbufdokAhWgyD7J.j
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 274
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.381/bundles/pixels-release.js&cfRay=7d35549e59c11d8e-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2058ad0f-c166-4f93-b802-cd6cd1763d19
last-modified: Mon, 05 Jun 2023 12:31:29 UTC
server: cloudflare
etag: W/"3907b3424cd18a581148905ead09299a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-frzj9
cf-ray: 7d355b514ccf8fca-FRA
x-amz-cf-id: 04Oui8t6GjOMnhuiRiz82Am6lP3GdXtQnZcLqApsjqsHW2RViQ1abQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.381/bundles/pixels-release.js

GET
H2 200 2617658.js Show response
js.hs-banner.com/ 63 KB
16 KB 423ms
374ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2617658.js
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2b349073b8421ec84bfd334c01132010daabccff2f8975a9d242720a37a7da3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:06 GMT
x-amz-version-id: TuWmOSXJ.1_mSeervlSUXgVEF7VD5cJt
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: A50M1KZP3GA6NNF7
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 33
x-amz-id-2: ev4MkxKS7Y45QUILm22Xcejmx0x+O/ZRmAE8buSTs+L/4OFyH9H2f/qu+7z3d8krmrWjv4mS+z8bC1GJxuaGJ3UVVb3sAfBygYrlBv3iI+E=
x-evy-trace-listener: listener_https
x-request-id: 7f2e0ce1-6203-4d53-aaaf-69b4e996afda
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 17 Apr 2023 15:07:23 GMT
server: cloudflare
etag: W/"bb0865a36c00349fa7c66c579d630ef2"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-ns2gd
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7d355b51498a6949-FRA
expires: Wed, 07 Jun 2023 02:15:05 GMT

GET
H2 200 modules-v2.js Show response
my.hellobar.com/ 279 KB
71 KB 24ms
23ms Script
text/javascript 2606:4700:10::6816:e17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/modules-v2.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/c42c9a8680c89010c1c5214aa9b2bbbca8b38118.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3be58f53bc92362c1e7bd6fc289f4296cffc07976c51ba1260b0f35b406bc48d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:05 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 29RA6DWE1R65TP53
age: 289
cf-polished: origSize=285916
x-amz-server-side-encryption: AES256
x-amz-id-2: A1XX3MPP5gqB2uwVk33iOFwdKD55P9GXp7ZDNOut19IRLkhtW4exj4jZu7wMtxa7h2jox//x2WA=
cf-bgj: minify
last-modified: Fri, 02 Jun 2023 17:58:17 GMT
server: cloudflare
etag: W/"bcaad440d3d29fbca1cd20b56faa22e5"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 7d355b5108891e60-FRA

GET
H3 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
755 B 151ms
151ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=2617658&callback=jsonpHandler

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7ab6cb80-a48e-435c-b884-2a877744b53f
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=7d355b5108381957&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: 8c1685cb-e540-4c3a-92d8-2c1256342af5
server: cloudflare
x-trace: 2B148B11E3E34EC4BAD66381BA4E8FD9FA778B1D8F000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-mm66x
x-evy-trace-virtual-host: all
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 7d355b5108381957-FRA

GET
H2 200 0036b213134bb87d518c56fbdc671d2b.js Show response
ob.segreencolumn.com/i/ 88 KB
33 KB 100ms
43ms Script
text/javascript 2600:9000:20c3:3c00:18:15b9:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.segreencolumn.com/i/0036b213134bb87d518c56fbdc671d2b.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P663XDQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:3c00:18:15b9:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 2305b84eeefc760662b19144382fe372c3f803de16ff0a50353f9199f3ab8816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:34:29 GMT
content-encoding: gzip
via: 1.1 56abe0fedc00b031003c08f0306dae62.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: MUC50-C1
age: 23736
etag: "161be-qiPqLbkEkbkOT6geQsho4wk38M0"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 32994
x-amz-cf-id: ASYy5paNEFhAoJuYpn3n_X_m0nqO9EeYunJaLPwpGNETemfHgLMssw==
expires: Wed, 07 Jun 2023 07:34:29 GMT

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ 165 B
321 B 67ms
15ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=pAcPOWCUJWo5Gcp&fields=status,country,countryCode,regionName,region,city,timezone,mobile
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 4f80ce380f0f29aa8c1d32c9d3e19f4236c6731ecc6056ec73b3e8e5d4dc02a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 07 Jun 2023 02:10:05 GMT
Content-Length: 165
Content-Type: application/json; charset=utf-8

GET
H3 200 374032967231178 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 64ms
64ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/374032967231178?v=2.9.106&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

919dbd5fb5da7b6aa838f8b2806089863171c576b9e04cbe25814e3489edb8dd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Jun 2023 02:10:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Dr7joeLt+gsmC3SVjESCDEZTPfUvG1efwMWQuzD77UwxYJ/A1voFVrFByVQsLyfOQrd2yxe8YglkJUu6OkPppw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 26ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=707843366776374&ev=PageView&dl=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&rl=&if=false&ts=1686103805698&sw=1600&sh=1200&v=2.9.106&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1686103805697.874005971&it=1686103805555&coo=false&rqm=GET

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Jun 2023 02:10:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 widget Show response
www.uptycs.com/_hcms/livechat/ 294 B
1 KB 167ms
166ms XHR
application/json 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/_hcms/livechat/widget?portalId=2617658&conversations-embed=static-1.13373&mobile=false&messagesUtk=83b2e262953e4d5abfb68ac11eb5d7bf&traceId=83b2e262953e4d5abfb68ac11eb5d7bf

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6b21b1e732a4a791981eee719954c8f055a2465e0a5bb6e1e8bb26c358d03bc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:05 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 81e2fa17-5306-495b-a2c2-b7fef20c60ab
x-envoy-upstream-service-time: 11
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 40860094-df78-4778-9f0b-942b17a6ad73
server: cloudflare
x-trace: 2B7F1227510F8AFAFC39026CA530BA542DFBAACCEE000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-79ph8
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajmH9k3y6F7lgbQ1hakpUmVnak2%2F5nlA%2BaJHYji7bjq4kMekjttqYcekbVP8gk%2BtszijWa1xRgUOl8r420FjMOkzCLbURTZgTiVrtOhv7ECOR3J3S0v3XsxCgot%2Bf5OTJ83671NGCDHPL9zP"}],"group":"cf-nel","max_age":604800}
cf-ray: 7d355b51bd7f3a68-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 ct Show response
obs.segreencolumn.com/ 3 KB
1 KB 385ms
139ms Script
text/javascript 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/ct?id=44824&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1686103805828&hl=2&op=0&ag=1883347344&rand=140002176711011662700672125871697380684502725813072252002002242710970027251907&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDQ4OTFdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjcsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozNjk4NTE4NzEwLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDMsMCwxLDksMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMTMsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCJdLFstMSwiLSJdLFstMiwiNSxlY1hHWDE5bm5ydlZPMkpkbE5oeEJLUWtMdlNGZEFRQkNsaDE0VlVWRkFsRjcrQ0FJcVhSQkZDRTE2Rllrb1ZVcEFXaEFTSUQya1o1TnRVKzY5Yi8xKzU4N2N6V1JKQVBsR2w5Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm9nOmRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjp0aXRsZVwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCItIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjIzMTAwMDAwLFwidWpoc1wiOjE4MjAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjg2MTAzODA1ODA2LDBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDAsMCwxLDAsNjYsMTgsNDksLTEsMCw2NjIuMyw2NjIuMyw0NjU2LDQ2NTciXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIjYyMCw2NzcsMCwwLDAsNTYyLDAsMCw2NDgsMCwwLDAsMCwwLDAsMCwwLDAsMCw2ODQsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiRXRjL1Vua25vd24sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjEwMCJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiZW5cIl0sXCJkXCI6W10sXCJiXCI6W1wiXzJcIixcIndpZHRoOiA0MDAwcHg7IHRleHQtc2l6ZS1hZGp1c3Q6IG5vbmU7IHpvb206IDE7XCJdLFwic1wiOjB9Il0sWy01NSwiMSJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWyJkZGIiLCIwLDUsMCwwLDEsMCwwLDAsMCwxLDAsMCwwLDAsNywwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwxLDAsMCwwLDAsMCwzLDIsMTEsMCwwLDEsMCwwLDAsMCwwLDEsMCwwIl0sWyJibmNoIiw2OF0sWyJhYm5jaCIsNjhdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=J93Ibfho5U&pto=4678&ver=52&gac=-&mei=&ap=&duid=1.1686103805.1qC6S4ErfUckxGT7&suid=1.1686103805.AaNIrlxxqPP2Od46&tuid=1.1686103805.1EpKXOV0Ay77wS5z&fbc=1.1686103805697.874005971&gtm=W10%3D&it=254&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/0036b213134bb87d518c56fbdc671d2b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 1262e014452ece038ad9015c49467eb6e05c127245a0b097ddacab374fbbc7b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Wed, 07 Jun 2023 02:10:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1180
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
472 B 142ms
122ms XHR
application/json 2606:4700::6811:6dc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=2617658&utk=
Requested by: Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6dc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6067dcd5dce2a3474610f14be162b671b90e8d916358d4cf324a526fb5e9ac6

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: bde91024-5507-4a25-93b7-86d0348b6c52
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 06b90eb6-433f-468c-b6a2-77b857ce9f73
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-5flz8
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7d355b52e8dd91e4-FRA

GET
H3 200 148788590035143 Show response
connect.facebook.net/signals/config/ 377 KB
107 KB 76ms
75ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/148788590035143?v=2.9.106&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1acf813980b6b50d9ca754fc5ada3bbc6716669fc7b5a5a5e3a741bf899a7959

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Jun 2023 02:10:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 4DylVJLhAj2KanlhCSfrVZjI4bxP8TzhOyO5KucxYffPpV1XR7Eqixd9TkD7u7JK5akvsGc+KF+GIH+1P28KkQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 11ms
10ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=374032967231178&ev=PageView&dl=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&rl=&if=false&ts=1686103805896&sw=1600&sh=1200&v=2.9.106&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1686103805697.874005971&it=1686103805555&coo=false&rqm=GET

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Jun 2023 02:10:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
983 B 167ms
126ms Image
image/gif 2606:4700::6811:d4f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d4f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 02:10:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: 7261631d-9ef7-459d-80b8-5eceb50f2a18
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4dcb0063-d7fe-4d13-a821-f669c3fea1c0
Server: cloudflare
X-Trace: 2B504F35D362BBE921C5C023A43254B64C485015B2000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-f4t27
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7d355b53def137dd-FRA

GET
H2 200 Submit_arrow.svg
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Home%20Page%20Images/ 270 B
1 KB 79ms
57ms Image
image/svg+xml 2606:4700::6812:e0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Home%20Page%20Images/Submit_arrow.svg
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237096759/1685718446584/Uptycs_Theme_2023/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7775c3a94d76e47ed6bda5a404bf940ef8f710223ecdd4bfb7f48edb58925430

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-105763674949,FD-105371464374,P-2617658,FLS-ALL
age: 264246
x-amz-request-id: A8KVJPW6EZZEHEYA
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105763674949,FD-105371464374,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
etag: W/"d86c78f19be3b56354776168464f274a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678357972000
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 07 Jun 2023 02:10:06 GMT
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: jMw4TxEmyrDKjLRp3HsQf.dOAbMI9oJK
x-amz-cf-pop: FRA56-P4
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-105763674949,FD-105371464374,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: GljJyqtL+YZEfDCcCkRTs+AdKvM0/307PyYCB0SYJp5T+8k9PM9+0mwD3Qhofmnj4u/FnArynWc=
last-modified: Thu, 09 Mar 2023 10:32:53 GMT
server: cloudflare
cf-ray: 7d355b53dd7abb86-FRA
x-amz-cf-id: cppzZxYB3r0lm3vvr2JZ85YVA1vdWpqMRVz3kK6rDRl6RU6OCm-41Q==

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 8ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=148788590035143&ev=PageView&dl=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&rl=&if=false&ts=1686103806039&sw=1600&sh=1200&v=2.9.106&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1686103805697.874005971&cs_est=true&it=1686103805555&coo=false&rqm=GET

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Jun 2023 02:10:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
983 B 170ms
134ms Image
image/gif 2606:4700::6811:d6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d6f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 02:10:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: 6b357ed9-6013-41fb-9d7f-55667d528263
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5bfd092a-0d95-487d-a72a-864f34d12212
Server: cloudflare
X-Trace: 2B84977CE5C199784AE27266FD53892D3C2CA3842A000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-zlsgj
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7d355b540bce1c34-FRA

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
983 B 153ms
132ms Image
image/gif 2606:4700::6811:d4f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d4f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 02:10:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: f4ba5242-7e47-4975-bbc1-300848fd0056
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 3
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: efc7a022-c593-49dc-bf67-03e97689d076
Server: cloudflare
X-Trace: 2BF41EB117F6095B12CB6744AE9F31C78378E94AD6000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-j4dtm
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7d355b53fbe59a35-FRA

GET
H2 200 cf-location Show response
js.hs-banner.com/cookie-banner-public/v1/ 2 B
151 B 32ms
13ms XHR
text/plain 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/2617658.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://www.uptycs.com
date: Wed, 07 Jun 2023 02:10:06 GMT
server: cloudflare
cf-ray: 7d355b545dc835f7-FRA
content-length: 2
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 393ms
392ms Preflight
application/octet-stream 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.uptycs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.uptycs.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 7d355b54cdf935f7-FRA
content-length: 0
content-type: application/octet-stream
date: Wed, 07 Jun 2023 02:10:06 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 0
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-9vnjb
x-evy-trace-virtual-host: all
x-request-id: 587435bb-4b39-4f5c-a8ec-7f97d46c8845

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
167 B 126ms
126ms XHR
text/plain 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/2617658.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 07 Jun 2023 02:10:06 GMT
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 34d414d3-eee0-4ac7-8bcb-ddac871d480b
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 22
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0bfb23db-a6e8-415c-8d05-1a1be8a92069
server: cloudflare
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-ns2gd
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7d355b572fc135f7-FRA

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8A25 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.uptycs.com
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.uptycs.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 02:10:06 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 tc_imp.gif
obs.segreencolumn.com/tracker/ 43 B
79 B 114ms
114ms Image
image/gif 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.segreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e001362e8c635e94f8a9b9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a15856f2317071a10acf9f29f674ad38489002d6b18ac2b7455d4328c3396003006229451045c665658cfba384b77be26bb25cb43e2916af05265ac5e24721bd853e946f4c6d7df3abb2807ff7ccaa8556d8e0e3143714493d60264f060b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a4908677a0d8d959ee489d583872aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7daa931530eb8cf8258850ad46b48d1acb49cfcd2ac06e37c09d2e8b6094d0efa29df3f1477fe425bfb9fe2f4d26f9913f82be50eb0102419457459a9796dd8deb9726d32bc1d2b48577a37c753981352a8f959f4335c1a763a80df69e428374bf7a0d5a42cb35b10acc88af72b787358752a789db9b3fdd17047dfa5d055e72092696fd38fa05d58cdf6483b925b3d02c9adabab03d98b3a7073030c8f95940dca7195d12b4b4a274b828c9b24ee5f27dea29e135d5138706cbba62965c7eb3ffd63f6061720938554e0bb8b6dd1f8e5be21b0a3a7deabe5dc28a041ea8eaace6e5399ca99da894f2bdf0554e3af34187b65a6683466312d07d557668f67baa7f1ec3f9dd71c83cc52fe0a830ceba0b85780c283c1f7a139ddcf9dd3c7f49871b4391cfc4b8b6ca4f1898b0bf108add273e818600367bf88fd85029b126855c971ae6219a53a8ce70fccf70b4fedb89d03006e8f22771c133ffd9a2a1049d7235100d92694353b9a35a919d45b4e0d9941c85c6e7530c4813ba3bb919b811f7d83d843851205f3b7b77e75b8e823b55bc71c1d2b54eb1b02b8c053aa8163b4f9aa2c31648ac31a39c1ab16a2d1208f8623e88afcb7a9f067acbf94cf28e99a6df1cb808027b4aac652f5380825809f82eedfdc22493c1ac530c6ea86b3c1a44925542ecc7ab444d8c702e90c4d653c3d5a6dd0661e972a90d341390123f6d8c937d01f98abc85b9eb4db628ac38847982da4f&cri=J93Ibfho5U&ts=419&cb=1686103806247
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Wed, 07 Jun 2023 02:10:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 / Show response
c.6sc.co/ 7 B
193 B 15ms
8ms XHR
text/html 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:06 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.uptycs.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 23 B
314 B 79ms
10ms XHR
text/html 2a02:26f0:ab00::214:8e70
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::214:8e70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9db0f769a6817cb6e7b2b2502034150c1e6191586be0ecd086f11f9b6a1ae8d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:10:06 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.uptycs.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a00:c98:2050:a007:2::5
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1686103806440_34901612_436681792_23_922_7_27_219";dur=1
content-length: 23
expires: Wed, 07 Jun 2023 02:10:06 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 193ms
185ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=7f8bd8662c3cd8304b53ece67c07c07c&svisitor=null&visitor=ce7146ad-27e8-4d37-8587-a4efc3d1d230&session=b9112602-e99c-470f-8ad4-c41bed6489ce&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2007%20Jun%202023%2002%3A10%3A02%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2007%20Jun%202023%2002%3A10%3A02%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%227f8bd8662c3cd8304b53ece67c07c07c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2007%20Jun%202023%2002%3A10%3A02%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2007%20Jun%202023%2002%3A10%3A02%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Uptycs%20threat%20intelligence%20team%20identified%20the%20presence%20of%20a%20Cyclops%20ransomware%2Fstealer%20that%20threatens%20all%20three%20platforms%3A%20Windows%2C%20Linux%2C%20and%20macOS.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyclops%20Ransomware%20and%20Stealer%20Combo%3A%20Exploring%20a%20Dual%20Threat%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&pageViewId=e3bcd0a7-bfb7-4349-8bd6-fccc67553808

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:06 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 zi-tag.js Show response
js.zi-scripts.com/ 8 KB
3 KB 90ms
7ms Script
application/javascript 2600:9000:223e:2800:11:1faa:8080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2800:11:1faa:8080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 965216e5aefbff8eb9979708c07a2414392ed6d780dfe53c27c356e317478727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: kLHcdItHLihWTOne3WThVFFe1AtpHRg8
content-encoding: br
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
date: Tue, 06 Jun 2023 06:50:59 GMT
last-modified: Fri, 28 Apr 2023 05:37:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 69548
etag: W/"d708741896b6af0f1908a95a605b4dec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 1PddLKXyo_kXfdrqHc34KY2GTWxm0bqcpMMHyj3iVm4rtpzWN-UBcw==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
436 B 406ms
386ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=78086756&v=1.1&a=2617658&pi=118749292421&ct=blog-post&ccu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&cpi=118749292421&cgi=5593128451&lpi=118749292421&lvi=118749292421&lvc=en&pu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&t=Cyclops+Ransomware+and+Stealer+Combo%3A+Exploring+a+Dual+Threat&cts=1686103806434&vi=03b570e98d97ba53f6e491c3e591468d&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 09acdb3c-5e71-4457-bef9-dcf95c3c47e2
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d6906f6c-23ec-4250-a83c-570b7746467f
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33y6v%2B%2FPHp3C1g08We2vEht1mCQ2oPtecR6Kmy3GH6jYp2Yz7DA88xvirgHd7Gu9nx4PMYR4wXdf9Ay5hoGwUBWAdA%2Fu9ps0MHvfSZxSxBBDnuHGhZwpUeKlG%2FY9TPLV98ITd7qH4qTxvMGFzIlm"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-xcs8t
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7d355b565f5e9b88-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
539 B 414ms
401ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=0492e7b1-c029-4110-8042-598f482d9802&fci=4cb5ae38-56a0-4450-b688-89ab5211d6a4&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=78086756&v=1.1&a=2617658&pi=118749292421&ct=blog-post&ccu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&cpi=118749292421&cgi=5593128451&lpi=118749292421&lvi=118749292421&lvc=en&pu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&t=Cyclops+Ransomware+and+Stealer+Combo%3A+Exploring+a+Dual+Threat&cts=1686103806436&vi=03b570e98d97ba53f6e491c3e591468d&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1169d6c5-f6e5-4272-84e7-c2c939fc2456
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b51e9c4e-391b-45e6-b2f5-9ee38332da15
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akATSkuESIOq1DwGBIBVUOI2CDQ3GxozRTIK7yUCGhH986id2YyPmQJbKfHSShrH2oYHBlJ2tF3CrPuO%2Bty8DAyuxYDTbCM9lO4TzFPmG1UtFHJvlHva3%2FkCb9V%2FZ84oThdIGE%2BAkEB7qwut%2Be4O"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-pwxm2
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7d355b565f5c9b88-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
595 B 144ms
132ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=0492e7b1-c029-4110-8042-598f482d9802&fci=4cb5ae38-56a0-4450-b688-89ab5211d6a4&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=78086756&v=1.1&a=2617658&pi=118749292421&ct=blog-post&ccu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&cpi=118749292421&cgi=5593128451&lpi=118749292421&lvi=118749292421&lvc=en&pu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&t=Cyclops+Ransomware+and+Stealer+Combo%3A+Exploring+a+Dual+Threat&cts=1686103806437&vi=03b570e98d97ba53f6e491c3e591468d&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 5c41728a-fc3e-40d7-9421-d6eac6b110bb
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ab37720f-b59d-479a-83af-b30f693c9050
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DWQYwjASl0M1ka7SSdZGoB7JYeeiIKrC9GbQkp13ESomKviyn3gvd1WircF9KiJ3Pfc4ZGdoXIPlOGe95NqMfuK9IoSBUvGcS%2Faz6RE6x0Z7A1iMyk0lzZtThTXVTlc1upAsISpqSDCcq9Bqbhc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-86grs
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7d355b565f5f9b88-FRA
x-robots-tag: none

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
624 B 145ms
131ms Image
image/gif 2606:4700::6811:d4f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d4f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: ba53ba4c-4a30-484d-8a17-7609f1773022
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 636d38ef-250a-44e7-9042-62712a8ef94a
server: cloudflare
x-trace: 2BAD4C04B1258EACD9906BA21B1428FF17DC31D881000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-2ls4d
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7d355b5688139b37-FRA

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 213ms
212ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=7f8bd8662c3cd8304b53ece67c07c07c&svisitor=null&visitor=ce7146ad-27e8-4d37-8587-a4efc3d1d230&session=b9112602-e99c-470f-8ad4-c41bed6489ce&event=ipv6&q=%7B%22address%22%3A%222a00%3Ac98%3A2050%3Aa007%3A2%3A%3A5%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Uptycs%20threat%20intelligence%20team%20identified%20the%20presence%20of%20a%20Cyclops%20ransomware%2Fstealer%20that%20threatens%20all%20three%20platforms%3A%20Windows%2C%20Linux%2C%20and%20macOS.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyclops%20Ransomware%20and%20Stealer%20Combo%3A%20Exploring%20a%20Dual%20Threat%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fcyclops-ransomware-stealer-combo&pageViewId=e3bcd0a7-bfb7-4349-8bd6-fccc67553808

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:06 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8F45 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.uptycs.com
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.uptycs.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 02:10:06 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 172 B
537 B 439ms
438ms Fetch
application/json 2600:9000:223e:2800:11:1faa:8080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2800:11:1faa:8080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: dd554ca021226758ccabb01a044ada11ceb9ada07704ca3ed5a7eb8da804b0e3

Request headers

Content-Type: application/json
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
accept-language: de-DE,de;q=0.9
Authorization: Bearer 5d799bfd871670447419
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
visited_url: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo

Response headers

date: Wed, 07 Jun 2023 02:10:07 GMT
via: 1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-powered-by: Express
etag: W/"ac-lAbI45RaoMSQ1hFMSrAkYaEd7+8"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 172
apigw-requestid: GIEH8hCkvHcEPgQ=
x-amz-cf-id: yc5BkzTb5WGsTnGF9JKnDBXZZ3NSXNNRcIfEhWsDGpOpeUYerPIgrw==

OPTIONS
H2 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 456ms
439ms Preflight 2600:9000:223e:2800:11:1faa:8080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2800:11:1faa:8080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.uptycs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: GIEH3giwPHcEPZQ=
date: Wed, 07 Jun 2023 02:10:06 GMT
vary: Access-Control-Request-Headers
via: 1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
x-amz-cf-id: iyFsMUa7dwW3MXwurIqgSGGzbDi6G9LUqsR1XKxm_-TA1VNyYNSBkQ==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-powered-by: Express

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 7595 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.uptycs.com
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.uptycs.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 02:10:06 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
147 B 104ms
103ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/0036b213134bb87d518c56fbdc671d2b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.uptycs.com
date: Wed, 07 Jun 2023 02:10:07 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 213ms
213ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:07 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 56 KB
18 KB 87ms
45ms Script
application/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f03450bb6efbf09d31b7d62bd7b5ebe3e21ca4c132341b929dcfd2d0e21f133e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 2170
x-guploader-uploadid: ADPycduuB6oFhNvYIJ8K8QA9txXjPaaS5OvD5xmaUJ-QLEuWMUihv_LrVmEpZ6AB6RV163Iv9G5zlupvyPJ6yglUxZXO
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 May 2023 09:01:21 GMT
server: cloudflare
etag: W/"98af2c9e21e222c751d8c61f27ca2f67"
x-goog-hash: crc32c=hquDPQ==, md5=mK8sniHiIsdR2MYfJ8ovZw==
x-goog-generation: 1684227681426057
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 57282
cf-ray: 7d355b5cac903a5c-FRA
expires: Wed, 07 Jun 2023 02:33:57 GMT

GET
H3 200 / Show response
ws.zoominfo.com/pixel/6127ecc2d037650015c31617/ 3 KB
2 KB 176ms
164ms Fetch
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6127ecc2d037650015c31617/?iszitag=true

Requested by

Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1ee67c75fc7a2338311434923ec299df60f2db78ec323cd2bf6501a6733b9d18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
_zitok: cd2032d7e489d9a6f7c11686103807
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/javascript

Response headers

date: Wed, 07 Jun 2023 02:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.uptycs.com
access-control-allow-credentials: true
cf-ray: 7d355b5d7855926b-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 /
ws.zoominfo.com/pixel/6127ecc2d037650015c31617/ Frame 0
0 164ms
142ms Preflight
text/html 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6127ecc2d037650015c31617/?iszitag=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _zitok,content-type
Access-Control-Request-Method: GET
Origin: https://www.uptycs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
access-control-allow-origin: https://www.uptycs.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d355b5c8e7d907c-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Jun 2023 02:10:07 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

OPTIONS
H2 200 forms
ws.zoominfo.com/formcomplete-v2/ Frame 0
0 136ms
135ms Preflight
text/html 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.uptycs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://www.uptycs.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d355b5d0ecc907c-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Jun 2023 02:10:07 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

POST
H3 200 forms Show response
ws.zoominfo.com/formcomplete-v2/ 396 B
634 B 174ms
173ms Fetch
application/json 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Requested by

Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f183a02540b19ddb117ab6e690021755770b5f73784eded85066bab395c7cdab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
accept-language: de-DE,de;q=0.9
Authorization: bearer eb80a034af9a77c4c43d5841044feb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 07 Jun 2023 02:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
etag: W/"18c-UDdq46tNmFhkRcWaR9URtM35s0A"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.uptycs.com
access-control-allow-credentials: true
cf-ray: 7d355b5dd87c926b-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
alt-svc: h3=":443"; ma=86400

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 185ms
185ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:08 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
39 B 100ms
99ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/0036b213134bb87d518c56fbdc671d2b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.uptycs.com
date: Wed, 07 Jun 2023 02:10:09 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 200ms
200ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:09 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 186ms
185ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:10 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
39 B 100ms
100ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/0036b213134bb87d518c56fbdc671d2b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.uptycs.com
date: Wed, 07 Jun 2023 02:10:11 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 197ms
197ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/blog/cyclops-ransomware-stealer-combo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:10:11 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.uptycs.com/	1970-01-20 12:21:45	Name: __cf_bm Value: Io1yzyjlWjsD9lmSaP17pLpEYghcMu66JfXZeacSTu4-1686103801-0-AUVn+fwGX8vPoqy+J7eD5TodCddAVaf4vgxIhD2mxei6PzXczIGobMZiqmcXtf9yquo1ks5QSKzjGyXPfOOe+2k=
.www.uptycs.com/	1969-12-31 23:59:59	Name: __cfruid Value: 2702b512a6900323dad60cb6c1d10a3c618a6c71-1686103801
.hubspot.com/	1970-01-20 12:21:45	Name: __cf_bm Value: 2YHgR29h3rxRVy2aU5qr_F_WhjgPQyUl6VsqzcadDyk-1686103802-0-AVWo7M8kJIrSS/94JbjN6alEEKgcBRBLYka8mTjBEAUULpDsBwJ3R0YilXXzkvyim5dH7ZmxaL2ZqyEHvYF6ucU=
.uptycs.com/	1970-01-20 14:31:19	Name: _rdt_uuid Value: 1686103802954.71971652-8630-477c-9625-bbecdc0772c4
.twitter.com/	1970-01-20 21:57:43	Name: personalization_id Value: "v1_WUnj+4/B9J1z4f3JgF0vKQ=="
.t.co/	1970-01-20 21:57:43	Name: muc_ads Value: bab39fb4-37f7-4dbf-87e5-df648b139284
www.uptycs.com/	1970-01-20 12:23:10	Name: ln_or Value: eyIxMjUyOTIyIjoiZCJ9
.linkedin.com/	1970-01-20 14:31:19	Name: li_sugr Value: 8e5e1e65-677e-409b-88ea-7e8dabce033d
.linkedin.com/	1970-01-20 21:07:19	Name: bcookie Value: "v=2&da3af1d9-2b71-4e00-8ae8-841db91f66c7"
.linkedin.com/	1970-01-20 12:23:10	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2570:u=1:x=1:i=1686103803:t=1686190203:v=2:sig=AQEFGDy6CeHztsgmnL2iuApqYyP-LUJx"
.linkedin.com/	1970-01-20 13:04:55	Name: UserMatchHistory Value: AQKrOAizIw6FgwAAAYiTnk22YIlyuJeQ6SIPMwQcZi4BJ96Sbro-cZlVKtR4wdgcEDDxTROXHyv3Pg
.linkedin.com/	1970-01-20 13:04:55	Name: AnalyticsSyncHistory Value: AQIZRp4GfLwCDwAAAYiTnk22eiwm0kSPmdkXk8XP2GUXxtTFXbQsU8RsMm7K6avbBGqy88ratoJ323wSXObx-A
.uptycs.com/	1970-01-20 14:31:19	Name: _fbp Value: fb.1.1686103805697.874005971
.www.linkedin.com/	1970-01-20 21:07:19	Name: bscookie Value: "v=1&2023060702100572796e63-d3ec-4293-88f2-d3c5a60e5c23AQFunn8kc1lJXca98D_hQVCSmEylCmC_"
.linkedin.com/	1970-01-20 16:40:55	Name: li_gc Value: MTswOzE2ODYxMDM4MDU7MjswMjGGw+eOh8IX/xkh0R4yxjGZ5x8lrA2KYK74o1wixmkvFg==
.uptycs.com/	1970-01-20 14:33:07	Name: _cq_duid Value: 1.1686103805.1qC6S4ErfUckxGT7
.uptycs.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1686103805.AaNIrlxxqPP2Od46
obs.segreencolumn.com/	1970-01-20 20:25:34	Name: cg_uuid Value: 3a7071d3bc3ac9caa40317343cb794c4
www.uptycs.com/	1970-01-20 21:57:43	Name: _gd_visitor Value: ce7146ad-27e8-4d37-8587-a4efc3d1d230
www.uptycs.com/	1970-01-20 12:21:58	Name: _gd_session Value: b9112602-e99c-470f-8ad4-c41bed6489ce
.6sc.co/	1970-01-20 21:57:43	Name: 6suuid Value: b464110276311900fee67f64c5020000d566f700
.www.uptycs.com/	1970-01-20 21:57:43	Name: _zitok Value: cd2032d7e489d9a6f7c11686103807
.zoominfo.com/	1970-01-20 12:21:45	Name: __cf_bm Value: XM031NvIx0c4ttCYzGK3pBKgfhIMyPTYxH0XdCgNLLE-1686103807-0-AQuNyZ0/2HMj9CU19FjNomMLREHxZhOWykrasqYChBcyKg9dh6mAg435BXi8FbTyDtOQKi+SG1sW8LDFfo7aE9o=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: b_t6Op_MLxwXhsZI91jOsrTYb5aLeUO0cWUxVvlUkP0-1686103807504-0-604800000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.uptycs.com/hubfs/Uptycs-Stacked-Logo-500x500-blog-author-pic.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2617658.fs1.hubspotusercontent-na1.net
alb.reddit.com
analytics.twitter.com
app.hubspot.com
avatars.hubspot.net
b.6sc.co
c.6sc.co
cdn.linkedin.oribi.io
cdnjs.cloudflare.com
connect.facebook.net
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.usemessages.com
js.zi-scripts.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
my.hellobar.com
ob.segreencolumn.com
obs.segreencolumn.com
pagead2.googlesyndication.com
pro.ip-api.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
s7.addthis.com
snap.licdn.com
static.ads-twitter.com
static.hsappstatic.net
t.co
track.hubspot.com
unpkg.com
ws-assets.zoominfo.com
ws.zoominfo.com
www.clickcease.com
www.facebook.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
www.uptycs.com
104.244.42.133
104.244.42.67
13.107.42.14
146.75.116.157
151.101.65.140
184.30.16.120
2.17.100.184
2001:4860:4802:32::36
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
2600:9000:20c3:3c00:18:15b9:5a80:93a1
2600:9000:20c3:4600:15:a0d3:77c0:93a1
2600:9000:223e:2800:11:1faa:8080:93a1
2600:9000:237d:6200:2:53b2:240:93a1
2606:2c40::c73c:67e2
2606:4700:10::6816:e17
2606:4700::6810:650c
2606:4700::6810:76be
2606:4700::6810:7caf
2606:4700::6810:8ace
2606:4700::6810:a852
2606:4700::6811:180e
2606:4700::6811:63ac
2606:4700::6811:6dc7
2606:4700::6811:d4f3
2606:4700::6811:d6f3
2606:4700::6812:18c4
2606:4700::6812:8b65
2606:4700::6812:cec9
2606:4700::6812:e0f
2606:4700::6813:9a53
2620:1ec:21::14
2a00:1450:4001:803::2002
2a00:1450:4001:827::2001
2a00:1450:4001:82f::2008
2a02:26f0:3500:16::215:148d
2a02:26f0:ab00::214:8e70
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::396
51.77.64.70
00d6bf29c873205f8d626dd698b0cfef89fe0cabeabae24ddb8fb83b5f5a0e1d
00f17737bc51f35701098d94fd13765cacb25e7b824e981a9daf538b495f93ba
01146cec2002108cf0a630227cdab54aaf75745bc5f7175229d75c366e070e48
01178e75912397dcbfaebd986ded988b32fedc279af0da58a5f1115a03200c63
025f1c52285dcd852223dfe74c8889ca3a790bbe9e8ef8c7695cf4f2bd3f83c4
02b49f77333f067dfe414f0f2313f9b47e1633e3ecbbb9126ca2e61373eef9ea
033fe3b5728ce47c95034c13598ee92832dd2607b0d20d142ba18b8c3438bd40
04194040d2ed41b6fa04e72d34ec30ebb4d0a175d6ab31831198d4b63fe63911
05011eb8794ce11a911b68020efb0c16dadf03256b9d71869d518c1ab7d29436
05dc484a7571871d354a9311a8007f740388f285f188c5f4520a6f87c5ff3db4
0683d2c2837b34f8d2a1c3e7e918d3fcdfdbe1537c7b0bdc325f964b8a646739
0a7a5cac2c210993a6a5ac6174ea03902219b5c639c9278b0310495f6c60384e
0bda287c9b9e3f0ae341b440b466d24b39c5ce6fd5f6a143f8f13a2787c9c90d
0bee2d200869493b6a7d7a5453cec13a717ceab674dc4b235078e8839359636c
0c8cc90960480d2f19365d2a121a93c02f0cc0cc3002ead55e9babf83b44ce03
0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd
0f805cedb8940202c801773f94654bfc94cb04e9b541d4df9f93f42c175376ef
1024db20df71903f3bd673cc9e99ce16ea9dc5489260baa0647b88674937d75b
10482743fb0f36a396539ef6d105de5e1822bcb7a14b4af22ea5a53f810b4c42
10b823f7e1c9fbe5a77c8c2e86c730127f85762a1a5cacd4ef73efa3ad8145fb
125141325f226b3bebcb3a4f5e48d16ca4409b0c2ac4fe16da2fbe83ceeae98b
1262e014452ece038ad9015c49467eb6e05c127245a0b097ddacab374fbbc7b7
12c58523e2031b463a50d97ed314bb543a2aa0ac5ac4dce760a91019088abc26
15c98134a7db6b6bdf01c89a7bceb5cc1d2937986d161e5e468475058636428b
167cb332100bce826d24c07b0f765389660052abff884e33186af23eab202079
16a71983d829c9a944751c1a412fd15ca9a24c61f5482d866ae2b92ebad42160
173170988a4d8e3db2ebced2582ee1509f6095501c248945e2ec03fb0e1ff849
181bcece2c56b40da16acba964f68f3865eab2f351f5202c657ddc353bf9467e
185f046d1c26f5cdb94f03ee99715314703ce6749f6616696d42881b4380dd8c
19833b1ff976ca0f82ab04432b3de3e6a4c005b3b8bb2eadc1cfbdfbe93b7ccb
19b66701798932c36f52e2caf58b1f864fd95d7ad2fb44580481d72901999dbe
1aa55a45372916db5b66372e7264879e2d841f7179013b5e30bba0a4ce29048e
1acf813980b6b50d9ca754fc5ada3bbc6716669fc7b5a5a5e3a741bf899a7959
1c582a3753604cf8ce65c1e86c1c85ab7b2c24c7e53b88b72464d77c0a70816a
1ce621824395b9632d5912ac864f9f390835ac19f032873e4b4ab47c615249d7
1cf9c9e906235815bf8ed2d9b9b3c4b211fdcb676e58eeb617ec055521aa60ed
1d3b01c6b440bb12044cbaf755bff205000bd7b582540bce2e29d68617e3479f
1e1bce508370a6994bd3e0e67c257f06875e16ca2038c27f498616a0f0d55687
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
1e9e0178c9a233703cf0e3911e42639b08a2600eeeb90dfc6bcd3ceb71386b34
1ee67c75fc7a2338311434923ec299df60f2db78ec323cd2bf6501a6733b9d18
1fbff42868494cca8f7de3b7149fe4ca0eb0043f9fff74f87cdf0e8145932e83
20ef92addd5e9f9495b402e54ff6f74e3b9d87933745b89ad0deaf7736ab68a7
21f25c0486d370e7c9ecb62c96685617fb254fd8ba3ea4985f0f600cce68e317
2280f2193b242a7f44a1ea6c13e881d98d9873e326fcf4d55d248eb9768e9736
2305b84eeefc760662b19144382fe372c3f803de16ff0a50353f9199f3ab8816
24f64aff27b1368441f0ef15311dc5e2dde4f3b6406d1b9a73cd60525f812bf6
25740c821eaa640f47e09aa3067be10c6cff03038ee6edc2778acfc23234eac1
264a34cc1caf68382b11967483288e61e20cecb6883983e69370c8ad9dddd7be
269ecb0a4ca3a19ea5356891a708984db842b1a1b9015b0f023935799ad64512
26ad18d9d926fef0b77a58ecb16a796ae67026869ed46374635e87782881a018
27e7f50b393d38c6ee48e875b6d649bc88443f105c8cf984b7af4eaa78c8c405
282f0f072527ed5b1802761719061a5d6989d04bd9b5ecaf62db556e96c1f76d
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2f6b0391239c451fb33725ce2c21fd88af433c256f2928bf479d85fec4cbf8ba
2fc951783cca0a7b96ebd7cad4287432c68e7ed356dca24cb7cd5f379e0d6a5b
309da76a0b0fc705f59bda88be9ac85ee3784b1a4975aa437f402105a28eee76
339bee26a9619577d33dab15ef00cdbddaee9edbd2e0567ed21647f59ed301c0
347b188f7e8cbacd6a78c08bdcd479ee8878e183db0f2686f8271d7bd848771e
35a64c8c2cf505628cac2270e83f8fec18c7fd3ccb6677b0f69d9f23cf078189
364a135e97395201bc9d462d0875b4ac8d4f6dfa8d90ca6805faceabf81b27d4
3799757070241db252436a90cbf25cac68f7e10e7c51580326b01d1a62dc1424
383ac1ac279ddb81b1d99db09742cbedf5471a3ab1e7511285fe3bdc5081e46d
38db9ae5a722e7ce9de054f6b11bc629509253b370ef486bc32c64c312132a1f
39049429cf97402a28f5ba8690850a3bf748e68181ac7822c59b37543fe9b29a
391e7bd40de1fc0e0d471e74939c015d7b146cc32feb395d4c3cab4344680407
3afedeaa6430fd324d45bdb3eaad02844843fc7ea2dd2a37eff7e15f6ee094f4
3be58f53bc92362c1e7bd6fc289f4296cffc07976c51ba1260b0f35b406bc48d
3c5d356794069bfe8be40f47d8e5030a24f70a31c6df0824ecfecf089258a4e6
3c86b75c3a9224cf5a03f74a7222293ffb9c84f83213411148d5f93465c303d0
400e67a02f131bcbbe9f3f1a712c671f8e17befc26eb34d4cbe929e149956c32
402ffbcdd4576d2e1848c2cf7527d802173ea5b52f38bb51f7ae38e561aabd04
41d1476dd2c9d39d825f66917480fcc31de80afb20ffbc464319a9579f6e0962
43bd71ab57ef0a5b7346753c76f7756303f7acfd6860e74eb0cb15ed38779bbc
43dc6750bf9d8e08b0b7e6605050bc0c5d5b8f8adc2b9f5c4ac35607f3a659cc
45cd97fc92948a5dc5682a1fe6ed038d12eccb12705d736514579caf24dd0cb0
45d0d01ddc2a32f97e557e378d859fe6983fced69df35bb7a33b58ec8e8b2b57
45fcd252abfc58017072ef49f95e34314a0e311078cb6e3325561b8239763f7f
46189bb12e231197a9a0231f47e6fc1611a6c8eee3fcd0a4c8db3b16e66dad81
4992fadaf01ef989d22b0cecfbb34db2ce2ad2444eb0857f5be338c28c594952
4a8e0e178f570b9494b98e8ad6a76ab3c74ca5393e0f968fa26b00bd43c30536
4aec96eddab69454e554bb60664da2e5043c363ebef6921644f619523e7274d7
4b6986952de962c8190b4c131528bc626ac3c4b454fca260e69286147f7d1c2c
4b7f97eca5d10cc754596c6cc6fb46b3c2a2ba7aec639988eb4c056ce8677b15
4e9dacacbbf797470a88840bbbdf87376281e132b395049252ea0c184c80d0d9
4f80ce380f0f29aa8c1d32c9d3e19f4236c6731ecc6056ec73b3e8e5d4dc02a1
4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22
4fff626db979415c4ed29adbc984e1e774939f05eafbeaf0722d2bae77c5db6a
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
513a0196d2e74dc807ffdbd0d5383975e2614946d96ac0699bdf98540f380d23
51a503209526dd0bcd104926559bb8e255b8587f06edf792e8b11df1c9ed2fda
52b7a2e5ff4b88c7d0449f3981da71000b155d4a90d1db941dc90410e276fcb4
531b8e2e19fc6ca9b09f0a73587963b0dbe3b79ea056fb10d0875b91653bbb40
549a7dea917b3193a7a62eba99bab99f88e6ceff6287cd942881645399063db5
57113010b06b98c9f8f45f86da3848be28f4af90e0f6290143955d5d1a947199
597891d43d969c1edea0bccd56d142a0e504d3b2f0fbde3678502917be7bc74f
5b5dc9b51b59dd4b8074da124cb0d662deddb17a65712122bad13db214b28f42
5d88664397af128d5919cc2e1fe36eb5d5d84f25d77eb95db3d2cd18965269da
5e0f35a884a699c2538d2511ec2b8f301d203047e7564e9f7cd9cbce73b5e982
5fd66e5f3cd89390e3ef75d130ae2b4b113a1f378aada6c5037b351af051b88c
61f618abdc510fcbfe4d6e9640ed8ad8b97887eca9624f978800eaa8d87265dd
63435f8e349ab7c51dbf963bd660c8f47085d11e5d1ac14b5cecf94074e9b6b0
6358132966e1b981be9b45cfe3e6b29d36863d44755937fdcb701ebfdcebba0b
64aff949a4c6ff62de62fe273e549a0201ae378a1c1e625f4d354964842b9048
64c7b5f36d8cf4e279f699961f7c5622502d1dc33bc5d4590d7be4675a5f7beb
6508717bf45e6397b67ab097bbc967fa06b8a46f40358ba610318bf7623ac651
66e6da9679e4bdb0c739f19bf129c75f71e6cce3e106f989ea1f0a0297b7b508
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
6877a19dc0e1a666316819677f11f16581cffa181f12914d519495148df158e5
68a66405371ff51949896fc42d0e8ae25494b6958143ac97e928ed5c45919848
69a4abdff3c982000a98fed41d42966a478d1f671318328a20c8e33997e2e037
6a068741b8418ff3a57e863dc542f2fb242ad23952c11ebb09fbfb5a278cc1f9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b01113fd73bb36f6d070ac007ac2d7135086c66fa39083dc09e68cdc6dd234d
6bbf35aafd5e30a0885ba2a5e75a7b9ba6b133a293e149ee6c8178b91d6214d2
6cfcc6a0aba191141c3d8c42d370ede361f4acdc730013c1b299841d80e734bb
6dd890e2f62ba236c4800a6512fde6be77919e66765c318a15c21dcb9d8b3986
6fefedd78f62324de71cde893273b171a83412e653a5f7dbc1128e198c7c29e7
72247706e45f83f7e255885a76aee237f5a77ade4c31fddb48a4564c39079974
723fa11b73a59e983916e2b69eabdcfcc838fddf4bdcf80b3f78d9a866fa27a9
74492769e7a4ae72b969e195cf04027c5da7721a1dcaa822db8fbf6c0eb38679
753faf452f97201f01f08f5ce7bd8147e2e7d8f36f89c1b7b0707e610a633d37
7775c3a94d76e47ed6bda5a404bf940ef8f710223ecdd4bfb7f48edb58925430
7787c2983c623de7ae0541c2ddcdb7dd628d0b721770b94565704bc3780b611a
77a4263576c428ce177182dc24de5156dde9095d3d066cc794d47a1dadcbd6e7
78527320468cfc1d867e2724e5d6f9016b0e041a53a46230b37b1d50983080d4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a3d560d9f4c1e4452668a4968840bde3b32761835ef7b198397db1d552088df
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c60a2330c6427ac34384de011a3f9314fac76ce6dac453a392e585ee843e5ab
7cd6a63c2c250cf3c06089db933a644a99afab58922b4d75d572c720d1f00748
806ead6b109b15c7a232abc2fe40677459e022ad2b6e828a2d99fa0e198473e2
81068a2885d4089db7fe0f548674e8b93e80ae7d20023b5dd1d64099e9d66eaa
81ca5b2534d7575e7ed95abd8708d2bb4f2f40f983cd8c79fd0a3b01f319dcd4
81e83ff9e57b6dab6a2bebb900c93ba1d0124eb27b0cecd9fd983bb335790d52
8201a3c0f567064ae54c12ccb0121e8bd59dc31f1cbd9f2ab2044a69ed41317d
82262c011fececb7e8842ce5b332d424a4b770ffc375401f5ac5183510d4e48c
8266d39729b51a3fa3dae41c0983ab5c60a604b31ab3014eac7a7ddd1a6966c4
8526d37cfba05d28de0566a2566b543788c241f791fc10bb2766e5ae15b8ec08
86fb96f7c72af3a732e2a0b6ca2a7466b847b0d38b4444f297d491b74d5e0b35
871b03652a0008600f2a50dd60eec80229b86b7ebc5ceb4a8bf4e092e734c67b
87db1adbfa9997fc7b6655b4fea6ba00e2bb33043fe83186a6241e0d6ad2b2ea
886464fa957e1261e72553b74545fb54123a668a4b7ebe98d27252fcf06b1c1c
895b899e9398eb9b3452e91c112ead04a3a146eb4a8ff44648159bb5f596241a
898376cfd753cf8cb86319d3f5ecaf5c59b8ab38d90894a2c8d5225fafce80f8
8b1b5e2aea7238798fa2c487b50cb4cb7b0416970140f58c403cac0a57a684f5
8b69e6e19b883d8d33f471b99b6ec90e7256d33a0763a3ae9007f230e5960280
8bea1e25ccce900b3717bc6148ea52e6e873a7e18e5bb838bdb9e717a75e2cc9
8c1c33bcbcee66801e1a9e7ea42be36ed745cdb76de4a372f0a4941dc3aaec1f
8cf83e7b0b48ea775eefcccbbbc2fe2ac3bef94b4cc5d48ce78ac9be0086aeb4
8d5c54489238cdd20a08b4787a6c22c8c13fdc223d735d552de5793c7d562362
8d605a66e6a893628f8892b501dce73240ab3490010515086a9d7d47a2b720a8
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8dfbf4ba923132bfdda3e3c1bba53121024069aed1098249d3e00653c32dec36
8e789d96d7bab02bbed6f04e0ac89e55fab3955b655670971abbc88d5981c7df
8fc9f1facac909542aa513934c6cb47b1d36d50771d1da3368b864ee7bfe029b
907da40b1eef8c8c7e8540f1ed745d3f7d1747f2280195f31515908cd300f84c
90ab7683de64c8c0d9caab3d5b7401cfe1e7aa0b2abffc5465ee3faceeee4073
90c1eab3b4538c8dcab89abc55fd1543863dc9a556ee9d537c0ddb4f954f5bbb
919dbd5fb5da7b6aa838f8b2806089863171c576b9e04cbe25814e3489edb8dd
91fcd16ee338ec3a811b01a394e49fadedb6414173b4e70c1def946e36ed1b96
92863b5f16cc49bcfcf971f68ce525e19ec4c3ee881051724af62228db936d70
92b6882a6f1f89eaea5cd62363f34180267d117487929efc8e050c20cacc5174
94e9a152864f4b99a19e7ce56ecc8d2540d543e0fa637ae201d96b01382e5c70
965216e5aefbff8eb9979708c07a2414392ed6d780dfe53c27c356e317478727
96c81de7da8622e045b41b4fda9e57c0ea8da4df280ff5b8cd86556e620f8de2
97cd6433bbb9681654b1c13ca36a1764768dc0661c7f99c0d2b7c926d2f2c3f7
98012ac2c9a9f159b72ca52a77e83b7006cbf82eb4fe2bd577dd323c97451fc7
9814c6dada27587c1dc8f3add43aab7795d8bfe5bee64a5e6141bc5f2e1fdad0
9815d9ce08d6fc114bb40678ba47b346e231ba0a8c8ad9f7862794b02d63c950
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98c77c9fcb9c3df92f30db7d22a9e2a4dca1c875cdd0a1bfe3557e3e4ae235d7
98f22e1fd4bfab6b9130e484bbac88de2836e759ecc4a55d70f61602977b020d
991143ba81d57e98ed06c053db767df00729e6d62a696d50ef39760c0e789d68
9b06e4f9701667cbfb2c27b4955dfb26ad87cf2d410df01289c744f17a1a0257
9b1f4eeead3f7385f6a6dd9b4ddb4588ff7f3884618bfb7563e47c4804c1bbe2
9b539042f7864598fc7f4fcc269e625aa84f77923e8c78385efd13cb47665d82
9b92b720b7b27c984ae2b60d01e42295d5fdf44feec18ea8947e3509afe602e1
9ba9ebd0651f0396e50654d49d9cca8139b25f32952b08cee61b00057874bb2c
9bad24e105479fb5068a865e3e3d3a2bcaac9a2ba464f9c4cefd5b5c0eb1bdfa
9c02834b47104a96967e32675a202ead928b3a45d9c699f529163021143bb7a0
9c0d5c750948cad9b79602caf943d8d42314b928364c05f7d339f4c8a36b1e5e
9db0f769a6817cb6e7b2b2502034150c1e6191586be0ecd086f11f9b6a1ae8d0
9e323a3bf913040ce64061d772773acb0bb08c19c7e69c056b6fcfbdf12f525f
9e38cbe8e907849635c9ddeb902d6ee1176093d96ce75d7c9e20fc482e0d859c
9e5a87ff6e5e5ebb4e598a54fe6f64d4432bd4ed6c3b5c8900246ebaf698d08d
9e968a2d348e640ffd1efe0835ce50f4ce7e95472260b2a88334adf2a96175e5
9e996d19f55448797d3acca9478535b351b4322b49bdfce0fe52bcb4ceca5f07
9fc2b1e4b03960e1427fe61aba149c3f9aeb1125b1c00f0fb376ec894f84e4b9
a1748f35e9fc0fb639c8a8a3b2467c5ba7ada3100bf082c6ecfe3292091f9304
a335b144d00c328cbbc9dd396a2e2f3b9b48bd280da59649c0a842aa595f28c8
a39c3cdbdb987dee562a2de964a1d39e27e889fea5e108c3b4ba49fcea2fdc8c
a416e75f43fb801dc96b5bb4a7c4f1cad3d263f54197c4ca11bdab9fdafe1d91
a434db462bf3e2ce10111ecbea36d88ec976eb3466f879d2a24d00c61f8bc2cb
a4a2698c9b28f0e6053921e4832c8c7d14c8847fa0bea29985d3fbb5b2511ad8
a4a4bde6034070447282fb73be8f241da543276b2e48f5aa4e1bc2e3ac795522
a561bff6c38dd210c66d3da2c273ea3aebeafdd9aa80515327d49667e91ed5bf
a5a543acd7ab6ed1bbb7e32831aba10a371c74b5b5c5efbc156bddfe32799ad1
a62483dcc7ded7389deaa0348e8151190b8ece8eba2f45b956e1d4356ce2f265
a9e8a21f5e8ff639f82cfe75f3bd2debecfca4ce93e6493ffe5b5ffbad1bcd17
aae2b1e338611989cde7244a67eb6e5de56cf18b81044f4cafdf6cd2f6629b44
ab704f205aaea113a0687d8a4bd57bf4d0c0697a230c98b64e7638b46b422c47
abe68f8862826e530edacb57fd5f467a8adc0c2fad5d85503cebfcdcd17f5feb
abedb392188f303dac70a7c23856dfaef5bed3a2d166f59c5f7ef34bd77ad1a9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acbc247c6499740853af4443a11e625ee66eb77e475486251faa47a3aef3f158
ae49970411fe1d34b61ff63481dae8dc1d6be4e7797a01c5ee6531ec95fb9aca
af3a700379df32ab151f229ec5c8b02e8a57fe2080da39ac40595077f599630c
af9ef0792004f7b6880fade9bb4fdca820947123ccee13488b44b3782660e8a7
afb0477f93dd3bd75ae28ce2ece49e77babdc9fa24c39cc08ad3474fb3a343bc
afd60f081e93bfdd3ae88f14119219e17d1ce9f48ffdb1bab92fb19fb8993f26
b03d7c8130b00310764853be1c2ab391120e890ed80a3799f5e694aa1c4a692e
b1f8fc3977d8130f942563b9b171c5dce6311407f6e9069e221f7bc7c856f65d
b24cceb36c48c7f116606cc3684976c2f8de8c4338daa464b6f4ebef2c8dc175
b2966087f902bdad034c2c55a6d82a084502b3bb1c41d53881cd6df930812658
b3199e769b342b2d0961b80219c5db5891aa5cc6cf850e929a90b768d9045e93
b39681dd3f4ed0735e47dac7ba6537cb7bde322d22386292da18fdb3ea11ec9b
b3d79b62944fe63e1478387db96f294c05c173c36d97173a02e5c8cea7400f79
b438a4e09b24c25e0a69e767c2d3d7bccd8a4707cd7a7872b682d4b3d473b981
b48a0510a39e949184e762267407b9d7292b4fd69dcbf953b657c1e9cfc4cc61
b4dc23d4009b37e109f94fa490050a55b81e2fefb47842dc09a1b5e775af683d
b4f5e38d67b77eea9860e7b0c715c55887a2a24ff4a7a125e24315c5b56ae9a4
b9a1433f2255340d75e19439b2a337caef50d3ad3f7a8cc907b711db7e2ba935
bc08a124c16c25ff3b71fa636c2ee94d1720aa56bd8b255813c5028e22fb37f7
bd6bc293197999e9a505f41aaf63637517977b0d3a9e5deecad9ca960a8add2e
bd9c2b524477a8b54f804e2f107a83cd38403b0ce63c8daf4f3235b23d8fc7ec
be2bf63948323229931c41d2f3482782e3dd88b7895fb87b21e92750232f5aaa
be6a0480cfbdbf9b0fa8ec29edc283bec6d920b2d09081b19438f15d0c944962
be6e0d9ed2365febfabce590a615d3ff17cd1a5978c2a80356d70268a332b26a
beda9163ca9562766672fd468d2b33345038fb4285a161a9609c05926888878e
beef769731f181afee1e5ef1c0d1832e30c5e8d1e2864b27b0d18198442543b4
bfbeea09eb526908e198e475137c59fb253b93a902c7214f4d4f1d2c6a6bd360
c0bd016d025a1e57c922e585f52f7f3fa683224e87d818aae7af3147d54748b8
c2b349073b8421ec84bfd334c01132010daabccff2f8975a9d242720a37a7da3
c2d5c679a038bac7f7eda37d56570e9ffdc2fbd79e19a44b9d9de7b2bf62ef1c
c409d69a33dc16e7bf3b649e148fa83553ad1856f044b449d1bc737c0f185eb5
c431b7004f2def447ab4b6b2e63e694f322c65162a22e689f91a69e391241df4
c636d2bb6213b1d42aa3f49a592a1315fe1f2ee74fa34e8d3abeb8422960ba49
c7dc2b5603e9fd4e9cece7a7e43c9efffadc80b18adf6f64bb164c67a49baaa4
c860d7ce21c26a7ffda7cc827220cae3a65b123b315d6d3cb62b6323c3de8f86
c9d0753ba6612b20af78e370d54b09f67f43b3bc48cf266f407276e077b35838
c9fcabeef08f6373ebb801a4e39e571cffd0c1234b8318b919d42b1072ca0867
cb8b41e200f78c6a320b4b693fec261f736cace6360bdec556dd3f2714a9c3f9
cba766236206ed7627c08ad6cb79e65212f918b6c151d1ecbd60f6c3cdc60429
cbd32f807292140733f453c8f417b434edb02accf7398493821f03fdad1bb4a6
cbfc0950b48287841b007a69a8484bd2c02221e9a70da3fc7b278be590835b79
cc4b0be7900a697d24ac97c2042dda59ff965530e25be103610587aee4162e8b
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cde938d89353e3bfa6a34b7c9221284a27ddb100c43ae2b3c999db478977170d
cf6f4daa876b8b86305acd241e9f4db721fba2a9627e13a6f601c767589f9539
cf7a489f64cf82675aadf82eddeb5190fb5f6810a3b679b027d11cb71b9f4db8
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfe54f49db449fb9fed45514921a18f6fa352af4da35f818ab626431dbc85e67
d0207219f37ee173551903855b6526d64a72471c3093b60e11ff98098f5c15ef
d17e6276a8bb6d49c9cafef93a50c1d9c563f3415ab3518ba6d47d2ae765101c
d219a93679dd31fc9e316d6b059228beb19aea63be49ccebc20dd057a4c6dac1
d3c6300ea64aa769c89071145843dc70ac0720161b2c17eac48471aabd0c1ac2
d437ff46c22a64aa5353e11a1c606c167f8558afe74230e2c3097c99053d7682
d482de483f2af3d37d1abe50db90607df7de7226cd4b809d06e7e2ffd3403171
d80ec80341929f02cf08a7d43a1cad7763c0318d093dceab379f258d0490f626
d90f2888073bf71f63892b79e25bf1e644a0c736ab9b5d441ae0af11f01210dd
db4a0289f5d52954c66bffe18aaefcaa2d8ce954f6f7c151034a9f23332731dc
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd554ca021226758ccabb01a044ada11ceb9ada07704ca3ed5a7eb8da804b0e3
dd7a6c710c8054479996fe2bf1b710df713004aeb8e87fa495513b865223e018
ddc55320c2dab27775fe7f37b1a4ef0bf1880c94778c07750a99a0fd55fdca63
de6019e9456023da3978a28fe996ba36455b75a1031e7c15fd72e9f8fc78c400
deb74c4a1729f4e2d90c8616a9837d7e0128d290fcad033e673621dfc08bf61e
df1b8bb1d8e1634b1313cf0de0c5180a1d7887d5a5c23ec8f02ca8dae273a878
e08d5eef0ce4766aab6c3cb19a447fd7b30db98b33b3b47e7e6e6d38194eb23a
e17794f8ad4196da7e61b94425d3264e4393e19e5eb01f1e46916f9b12da1f59
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e2ddc0ec4c7c74a5ecfa9a2cfb17f8df2ede6671ce51d1b2df968b2c3732efcb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e504e70aef8546bedac7c061f01528b56e2c1dba8f153d1bb99862e83d7f79
e52158ca0ed26f8b918eb4486ae7dab42deafc8ff926ba5fc15e194d36ceff5d
e59e37b4497382cb006c541425c768074140e21f18210fe8e3346c9375a33439
e6067dcd5dce2a3474610f14be162b671b90e8d916358d4cf324a526fb5e9ac6
e67a9b92883ef1ff613d10804cbfe272bfd05ea2e3e47d5383e3d74a2221f816
e6b21b1e732a4a791981eee719954c8f055a2465e0a5bb6e1e8bb26c358d03bc
e71db21912b421c89aef558da5b3ac3075a04a1cbc38db955a30d36da9c1a5d3
e7d73ae35c3412dd12292590b041a66f83a14f7766041b8d523fadf78c8d7daa
e7e8cbed7218afa426f892f79e64736c528e55a524926d61e833f314f4381814
e948d524b4c7e8974319a3abe22085503bb05e331f7879628bd0db7b6922362e
eb0a88c1688bc286cc56820f7233e73c0fd8c109c77f3a9f1ad7a8212428ec96
ec034c981ffaa07c496671745972b1c2b0156a2a81e9603a7bd906c3dc36c3db
ec0db20b624721da4885859a24bcf6f66ce06c7d6b174fa6e388e7ce7d8cf4e9
ee7300b05f07a37859f820b11921b472aafd6ad11dbca94445f4f73bf2beeb01
eed334d1c96abd8c03aacf86a2a30fb9d391290f27e49b0fa456a7af8f1a1bf8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03450bb6efbf09d31b7d62bd7b5ebe3e21ca4c132341b929dcfd2d0e21f133e
f0b10fcb00f54ff132f2ba46b0b68959a4fabf769d6eaffd73e7c55186ea81f4
f183a02540b19ddb117ab6e690021755770b5f73784eded85066bab395c7cdab
f44a0999dce72299487d3cb56bdfbb90e3f82dd9e501d37a82deec19b482d8ad
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f7586df149c56356640efea7482bc3092d1598fdf7826c7c0c239eb23c7f2960
f7944796ddd5fcfea5a16d0a01e0179972a31c071aa2fda7ba986323a6790752
f7e91209b1d7a3b7654fba96853f5a8a76f9e6df777f968497b055bcd601bc5e
f84bb2319f46811986bd36d443b6cae0001c98ec5ec536a37e5eb9dcd720af1c
fae0d60a98d3217d3b7dfd3dc684e69f9a13dd1e3de30f0987a2ae3accac66da
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe138a2d81c1409180b6036cb3e8fedbd65f725150f08afba8d6cea0a8e9d506
fed1fff45f56f577091f0cc42e24cd5e04d4cf834f00f29f25bbbd1accc462bf
fee9b6b771116a9fb6a250561e8c91101496626b10f3495ab3988e53ce21bd33
ff83d2d031c4a5286d3bf27c673cf534bad0171e59b9236b4e079ac62826f6e1

www.uptycs.com Open in urlscan Pro 2606:2c40::c73c:67e2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

333 Requests

99 %HTTPS

80 %IPv6

35 Domains

48 Subdomains

40 IPs

2 Countries

51284 kBTransfer

54736 kBSize

24 Cookies

9 Outgoing links

Redirected requests

333 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.uptycs.com Open in urlscan Pro
2606:2c40::c73c:67e2 Public Scan

Screenshot
Live screenshot

Full Image

333
Requests

99 %
HTTPS

80 %
IPv6

35
Domains

48
Subdomains

40
IPs

2
Countries

51284 kB
Transfer

54736 kB
Size

24
Cookies

333 HTTP transactions
7 data transactions