www.appgate.com Open in urlscan Pro
50.19.203.144 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Submission: On November 19 via api (November 19th 2020, 2:47:07 pm UTC) from US

Summary HTTP 60 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 21 domains to perform 60 HTTP transactions. The main IP is 50.19.203.144, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.appgate.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 3rd 2020. Valid for: a year.

This is the only time www.appgate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	50.19.203.144 50.19.203.144	14618 (AMAZON-AES) (AMAZON-AES)
2 6	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1 3	3.220.33.83 3.220.33.83	14618 (AMAZON-AES) (AMAZON-AES)
2	2a02:26f0:eb:... 2a02:26f0:eb:386::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	52.205.8.225 52.205.8.225	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.52.157 199.232.52.157	54113 (FASTLY) (FASTLY)
1 4	52.44.242.176 52.44.242.176	14618 (AMAZON-AES) (AMAZON-AES)
1 1	65.9.96.39 65.9.96.39	16509 (AMAZON-02) (AMAZON-02)
12	54.192.229.43 54.192.229.43	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	99.83.219.81 99.83.219.81	16509 (AMAZON-02) (AMAZON-02)
1	54.192.229.74 54.192.229.74	16509 (AMAZON-02) (AMAZON-02)
60	22

8 50.19.203.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-203-144.compute-1.amazonaws.com

www.appgate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:7daf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.220.33.83 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-33-83.compute-1.amazonaws.com

tracking.leadlander.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:eb:386::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.205.8.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-8-225.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.52.157 (United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.44.242.176 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-242-176.compute-1.amazonaws.com

track.leadlander.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lltrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.39 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.192.229.43 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-229-43.waw50.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.219.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.229.74 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-229-74.waw50.r.cloudfront.net

static.intercomassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	intercomcdn.com js.intercomcdn.com	492 KB
8	appgate.com www.appgate.com	169 KB
6	cookielaw.org cdn.cookielaw.org	95 KB
6	unpkg.com 2 redirects unpkg.com	51 KB
5	stackadapt.com tags.srv.stackadapt.com	7 KB
5	leadlander.com 1 redirects tracking.leadlander.com track.leadlander.com	25 KB
3	facebook.com 1 redirects www.facebook.com	593 B
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	1 KB
3	intercom.io 1 redirects widget.intercom.io api-iam.intercom.io	4 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	lltrck.com 1 redirects lltrck.com	520 B
2	facebook.net connect.facebook.net	91 KB
2	licdn.com snap.licdn.com	3 KB
1	intercomassets.com static.intercomassets.com	746 B
1	google.de www.google.de	107 B
1	google.com www.google.com	115 B
1	t.co t.co	170 B
1	twitter.com analytics.twitter.com	284 B
1	doubleclick.net stats.g.doubleclick.net	70 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	66 KB
60	21

	Domain	Requested by
12	js.intercomcdn.com	widget.intercom.io js.intercomcdn.com www.appgate.com
8	www.appgate.com	www.appgate.com
6	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
6	unpkg.com	2 redirects www.appgate.com
5	tags.srv.stackadapt.com	www.appgate.com tags.srv.stackadapt.com
3	www.facebook.com	1 redirects connect.facebook.net
3	tracking.leadlander.com	1 redirects www.appgate.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	api-iam.intercom.io	js.intercomcdn.com
2	lltrck.com	1 redirects
2	px.ads.linkedin.com	1 redirects
2	track.leadlander.com	www.appgate.com
2	connect.facebook.net	www.appgate.com connect.facebook.net
2	snap.licdn.com	www.appgate.com snap.licdn.com
1	static.intercomassets.com
1	www.google.de
1	www.google.com
1	www.linkedin.com	1 redirects
1	t.co
1	analytics.twitter.com	static.ads-twitter.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	widget.intercom.io	1 redirects
1	static.ads-twitter.com	www.appgate.com
1	www.googletagmanager.com	www.appgate.com
60	24

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
twitter.com
www.facebook.com
www.youtube.com
onetrust.com

Subject Issuer	Validity	Valid
*.appgate.com DigiCert SHA2 Secure Server CA	`2020-09-03` - `2021-10-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-02` - `2021-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.leadlander.com Go Daddy Secure Certificate Authority - G2	`2020-04-28` - `2022-04-28`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.srv.stackadapt.com Gandi Standard SSL CA 2	`2018-11-05` - `2020-12-29`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.intercomcdn.com Amazon	`2020-03-29` - `2021-04-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
www.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
lltrck.com Go Daddy Secure Certificate Authority - G2	`2020-09-23` - `2021-09-23`	a year	crt.sh
*.intercom.com Amazon	`2020-05-13` - `2021-06-13`	a year	crt.sh
intercomassets.com Amazon	`2020-08-15` - `2021-09-14`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Frame ID: 75DF5DD5731A9E1DBE8D9E46D3006431
Requests: 49 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.ffe9299b.js
Frame ID: 144E667F028F6B4F24759A7259FFEF0D
Requests: 9 HTTP requests in this frame

Frame: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Frame ID: C0BEB5B6945138EB579AA799140B2505
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/images/dismiss.249568e7.png
Frame ID: CCF9BEA900FB2917C0474CAB1A60E465
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

60
Requests

100 %
HTTPS

52 %
IPv6

21
Domains

24
Subdomains

22
IPs

5
Countries

1025 kB
Transfer

3421 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/cws/share?url=https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/appgate-security/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/AppgateSecurity
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AppGate-106982557542101/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC-8GvxcZbm-R3EJNl8jYjiQ
Title:

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://unpkg.com/axios/dist/axios.min.js HTTP 302
https://unpkg.com/axios@0.21.0/dist/axios.min.js

Request Chain 7

https://unpkg.com/vue-multiselect@2.1.0 HTTP 302
https://unpkg.com/vue-multiselect@2.1.0/dist/vue-multiselect.min.js

Request Chain 23

https://widget.intercom.io/widget/63982d58ffa65dff581108e175da192af9fb498a HTTP 302
https://js.intercomcdn.com/shim.latest.js

Request Chain 31

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1900577&url=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&time=1605797211589 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1900577%26url%3Dhttps%253A%252F%252Fwww.appgate.com%252Fnews-press%252Fappgate-labs-analyzes-new-family-of-ransomware-egregor%26time%3D1605797211589%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1900577&url=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&time=1605797211589&liSync=true

Request Chain 40

https://www.facebook.com/tr/?id=540195559918242&ev=PageView&dl=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&rl=&if=false&ts=1605797211662&sw=1600&sh=1200&v=2.9.28&r=stable&ec=0&o=30&fbp=fb.1.1605797211661.687739703&it=1605797211577&coo=false&rqm=GET HTTP 302
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&ec=0&ev=PageView&fbp=fb.1.1605797211661.687739703&id=540195559918242&if=false&it=1605797211577&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1605797211662&v=2.9.28

Request Chain 42

https://lltrck.com/api/tracking?accountId=33288&page=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&referer=&fp=&uuid=ls67644c-5ade-405a-9d83-f7a49a5cc41b&cl=0 HTTP 302
https://lltrck.com/tracking.png

Request Chain 46

https://tracking.leadlander.com/api/tracking?accountId=33288&page=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&referer=&fp=7fe850233a9dba8d28e74b09104d56e1 HTTP 302
https://tracking.leadlander.com/tracking.png

60 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request appgate-labs-analyzes-new-family-of-ransomware-egregor Show response
www.appgate.com/news-press/ 47 KB
10 KB 2455ms
2454ms Document
text/html 50.19.203.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.19.203.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-203-144.compute-1.amazonaws.com
Software: Apache 2.x /
Resource Hash: 460d3bb059b8eab933b4bc33bedb22c2138828208908451d8fd4cd6a75c96835

Request headers

Host: www.appgate.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 14:46:48 GMT
Server: Apache 2.x
X-Robots-Tag: all
Link: <https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor>; rel='canonical'
Referrer-Policy: no-referrer-when-downgrade
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10137
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Akkurat.woff2
www.appgate.com/fonts/ 20 KB
21 KB 112ms
111ms Font
application/octet-stream 50.19.203.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.appgate.com/fonts/Akkurat.woff2
Requested by: Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.19.203.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-203-144.compute-1.amazonaws.com
Software: Apache 2.x /
Resource Hash: 2a23132025b4590c6b7a9007a47d9a6145e73afe3e2db988e8e75d3cb73a5897

Request headers

Origin: https://www.appgate.com
Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.appgate.com
Date: Thu, 19 Nov 2020 14:46:51 GMT
Last-Modified: Wed, 18 Nov 2020 14:03:31 GMT
Server: Apache 2.x
Accept-Ranges: bytes
ETag: "5168-5b462138792c0"
Content-Length: 20840

GET
H/1.1 200
OK Akkurat-Bold.woff2
www.appgate.com/fonts/ 14 KB
14 KB 113ms
112ms Font
application/octet-stream 50.19.203.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.appgate.com/fonts/Akkurat-Bold.woff2
Requested by: Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.19.203.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-203-144.compute-1.amazonaws.com
Software: Apache 2.x /
Resource Hash: 0aebbe3c19408b68e84e6c5175d7000ad95ec1e43a2a056507841dbcf71f5381

Request headers

Origin: https://www.appgate.com
Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.appgate.com
Date: Thu, 19 Nov 2020 14:46:51 GMT
Last-Modified: Wed, 18 Nov 2020 14:03:31 GMT
Server: Apache 2.x
Accept-Ranges: bytes
ETag: "37a0-5b462138792c0"
Content-Length: 14240

GET
H/1.1 200
OK SharpGroteskSmBold25.woff2
www.appgate.com/fonts/ 51 KB
51 KB 109ms
109ms Font
application/octet-stream 50.19.203.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.appgate.com/fonts/SharpGroteskSmBold25.woff2
Requested by: Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.19.203.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-203-144.compute-1.amazonaws.com
Software: Apache 2.x /
Resource Hash: 3d390a89315ed95b2b16e59143fb4f00cd7f58c617667d8f036b18527f20f20b

Request headers

Origin: https://www.appgate.com
Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.appgate.com
Date: Thu, 19 Nov 2020 14:46:51 GMT
Last-Modified: Wed, 18 Nov 2020 14:03:31 GMT
Server: Apache 2.x
Accept-Ranges: bytes
ETag: "cc04-5b462138792c0"
Content-Length: 52228

GET
H/1.1 200
OK style.css
www.appgate.com/ 95 KB
15 KB 113ms
111ms Stylesheet
text/css 50.19.203.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.appgate.com/style.css
Requested by: Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.19.203.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-203-144.compute-1.amazonaws.com
Software: Apache 2.x /
Resource Hash: 33594f7827e6a194749d8cf2c718ee0a14b2ef2d2a2c77d0a53c56d0b07bdd64

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 14:46:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Nov 2020 14:03:31 GMT
Server: Apache 2.x
ETag: "17df6-5b462138792c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Content-Length: 15500

GET
H2 200 vue-multiselect.min.css
unpkg.com/vue-multiselect@2.1.0/dist/ 7 KB
2 KB 319ms
317ms Stylesheet
text/css 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue-multiselect@2.1.0/dist/vue-multiselect.min.css

Requested by

Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddffc1fb5857d5643c0113e624d013e677a00538184616877dbce212abbbfc41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 14:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1417189
vary: Accept-Encoding
cf-request-id: 06829204ce0000177e8bb8d000000001
last-modified: Sun, 18 Mar 2018 17:24:25 GMT
server: cloudflare
etag: W/"1c46-REXhA/xTGnqKrQ6n7ISPoCcwNxc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: f148ca5c685788dfd7cd92c889a4c77f
cache-control: public, max-age=31536000
cf-ray: 5f4ab91a9fe0177e-FRA

GET
H2 200 vue.min.js Show response
unpkg.com/vue@2.6.12/dist/ 91 KB
33 KB 272ms
270ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue@2.6.12/dist/vue.min.js

Requested by

Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29296ccacaa9ed35ed168fc51e36f54fd6f8db9c7786bbf38cc59a27229ba5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 14:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 904904
vary: Accept-Encoding
cf-request-id: 06829204c10000177eba01b000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"16de6-5V3x99bCiO5z1Dm6sm3QBv/uevM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: e6a63c82a369d0d2a761e5d1ffa75554
cache-control: public, max-age=31536000
cf-ray: 5f4ab91a9fe5177e-FRA

GET
H2

200

axios.min.js Show response
unpkg.com/axios@0.21.0/dist/
Redirect Chain

https://unpkg.com/axios/dist/axios.min.js
https://unpkg.com/axios@0.21.0/dist/axios.min.js

14 KB
5 KB

31ms
31ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/axios@0.21.0/dist/axios.min.js

Requested by

Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38f9f561f70487d5b6a701758924bec83934f7db588fea654ab092e84b1af4d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 14:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 664702
vary: Accept-Encoding
cf-request-id: 06829205400000177ef3946000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"379d-OlRa4MjtGXtBYRzsitdxTSE6gs0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: c76e938e04a0a1676c513f66f95f3870
cache-control: public, max-age=31536000
cf-ray: 5f4ab91b99e1177e-FRA

Redirect headers

date: Thu, 19 Nov 2020 14:46:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14
vary: Accept, Accept-Encoding
content-length: 53
cf-request-id: 06829204c30000177ef5138000000001
server: cloudflare
location: /axios@0.21.0/dist/axios.min.js
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: a482794c38133fe8a4f9035a5de12393
cache-control: public, s-maxage=600, max-age=60
cf-ray: 5f4ab91a9fe8177e-FRA

GET
H2

200

vue-multiselect.min.js Show response
unpkg.com/vue-multiselect@2.1.0/dist/
Redirect Chain

https://unpkg.com/vue-multiselect@2.1.0
https://unpkg.com/vue-multiselect@2.1.0/dist/vue-multiselect.min.js

42 KB
12 KB

62ms
62ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue-multiselect@2.1.0/dist/vue-multiselect.min.js

Requested by

Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59b0bbf4d5fdd2a27bef073f20ec0c280e6edcdde137548c68ad4fc42455bd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 14:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1329226
vary: Accept-Encoding
cf-request-id: 068292050b0000177ef3941000000001
last-modified: Sun, 18 Mar 2018 17:24:25 GMT
server: cloudflare
etag: W/"a84c-RSKsyhYCLX3X6OcrVxJUOe8dII4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 5798659542495179612e704a7d23aa60
cache-control: public, max-age=31536000
cf-ray: 5f4ab91b3926177e-FRA

Redirect headers

date: Thu, 19 Nov 2020 14:46:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1242885
vary: Accept, Accept-Encoding
content-length: 72
cf-request-id: 06829204c90000177ec5abe000000001
server: cloudflare
location: /vue-multiselect@2.1.0/dist/vue-multiselect.min.js
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: b20412592baf35b95bd1d8154b47d147
cache-control: public, max-age=31536000
cf-ray: 5f4ab91a9feb177e-FRA

GET
H/1.1 200
OK iframeResizer.min.js Show response
www.appgate.com/ 13 KB
6 KB 110ms
109ms Script
application/javascript 50.19.203.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.appgate.com/iframeResizer.min.js
Requested by: Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.19.203.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-203-144.compute-1.amazonaws.com
Software: Apache 2.x /
Resource Hash: 4db5836169f2f1fecef943071081074422d372aed3d8d21b57c2865d1892e7f2

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 14:46:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Nov 2020 14:03:31 GMT
Server: Apache 2.x
ETag: "34f8-5b462138792c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Content-Length: 5392

GET
H/1.1 200
OK main.js Show response
www.appgate.com/ 205 KB
50 KB 126ms
124ms Script
application/javascript 50.19.203.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.appgate.com/main.js
Requested by: Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.19.203.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-203-144.compute-1.amazonaws.com
Software: Apache 2.x /
Resource Hash: cec0275d8b6aa5551d8a01357d217cc2ba430d70f2376e1bf2a3c47c0cd6c12e

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 14:46:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Nov 2020 14:03:31 GMT
Server: Apache 2.x
ETag: "334ad-5b462138792c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Content-Length: 50864

GET
H/1.1 200
OK style.js Show response
www.appgate.com/ 4 KB
1 KB 218ms
107ms Script
application/javascript 50.19.203.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.appgate.com/style.js
Requested by: Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.19.203.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-203-144.compute-1.amazonaws.com
Software: Apache 2.x /
Resource Hash: 4291cf8670ad74e3f5e6418f4fb66962f1cb55481b1a1a81bf9f2f746b07d8da

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 14:46:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Nov 2020 14:03:31 GMT
Server: Apache 2.x
ETag: "1075-5b462138792c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Content-Length: 1185

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 465 KB
66 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLVHC2S

Requested by

Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62b57da949ac2de23bdebff31055d49412d34d9ce454da09e04fe88e6ca24de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 14:46:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67863
x-xss-protection: 0
last-modified: Thu, 19 Nov 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Nov 2020 14:46:51 GMT

GET
DATA 200
OK truncated
/ 348 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96c5c56ac7f37aca317cb87f1feca56d2b91f9bf908f6716cdc9fcee6fe99a51

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1af3347561ed0676f114eeea475f30845d9a4cbbe584b090fa3e9569b3f05d55

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLVHC2S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 5463
date: Thu, 19 Nov 2020 13:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 19 Nov 2020 15:15:48 GMT

GET
H2 200 lt.min.js Show response
tracking.leadlander.com/ 17 KB
17 KB 104ms
104ms Script
application/javascript 3.220.33.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.leadlander.com/lt.min.js

Requested by

Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.33.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-33-83.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

5df7be00fc6004e7cb398488ad628bbea14bfa2865273c0742913ce148642add

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 14:46:51 GMT
last-modified: Thu, 06 Aug 2020 14:28:30 GMT
server: Kestrel
etag: "1d66bfddb0d3fe6"
strict-transport-security: max-age=2592000
content-type: application/javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 17638
expires: -1

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 7ms
7ms Script
application/x-javascript 2a02:26f0:eb:386::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:386::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 14:46:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=83712
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 13 KB
5 KB 324ms
110ms Script
text/javascript 52.205.8.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.8.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-8-225.compute-1.amazonaws.com
Software: /
Resource Hash: a6e5ae66b2afad72863d15ea597cd1e35bebfec8aac4afd1b864bf9fb8d8d503

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Nov 2020 14:46:51 GMT
Content-Encoding: gzip
Cache-Control: max-age=30
Content-Length: 4298
Connection: keep-alive
Content-Type: text/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 89 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4620c7cc7faa4ded84a43c1c0a8623d2fa293fe1b821790911229aa02601f7c0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23272
x-xss-protection: 0
pragma: public
x-fb-debug: oE+IFMcNNTCdZZO4xs4KNF7rOYnw1w0kP21uX8/36amUTliScNdUSxWNGtlvXVEXcrcQTFpQKaEorHEqVJA9ew==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 19 Nov 2020 14:46:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 13 KB
4 KB 12ms
12ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLVHC2S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d0d33ff3cbe6054d46a549c75a09323fc711113b82fde575003df837cb9f4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Nov 2020 14:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: lztHLkvcGPqUR1UL9im3jQ==
age: 3241
vary: Accept-Encoding
content-length: 4134
cf-request-id: 068292059c00000eaba4b6f000000001
x-ms-lease-status: unlocked
last-modified: Tue, 17 Nov 2020 19:25:07 GMT
server: cloudflare
etag: 0x8D88B2E7DF4E3F2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3658e2b1-901e-0035-491b-bd76b3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f4ab91c2a820eab-FRA

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 27ms
27ms Script
application/javascript 199.232.52.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.52.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 14:46:51 GMT
via: 1.1 varnish
last-modified: Wed, 21 Oct 2020 21:46:56 GMT
age: 62052
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1605797212.560615,VS0,VE0
x-served-by: cache-man4140-MAN

GET
H2 200 lt-v2.min.js Show response
track.leadlander.com/ 936 B
1 KB 106ms
106ms Script
application/javascript 52.44.242.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://track.leadlander.com/lt-v2.min.js

Requested by

Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.242.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-242-176.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

5860771fcd971f0550e445042c677ee63ad53bd617e271ec7dd3fb0f8a5698d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 14:46:51 GMT
last-modified: Thu, 12 Nov 2020 12:26:44 GMT
server: Kestrel
etag: "1d6b8ef14d1d9a8"
strict-transport-security: max-age=2592000
content-type: application/javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 936
expires: -1

GET
H2 200 formalyze.js Show response
track.leadlander.com/scripts/ 5 KB
5 KB 110ms
110ms Script
text/javascript 52.44.242.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://track.leadlander.com/scripts/formalyze.js?llid=33288

Requested by

Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.242.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-242-176.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

86af905bc5bac7afc4100ab3e93978745f11893387c4f8a2a6557bbbcc0a3b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 14:46:51 GMT
cache-control: public, max-age=172800
server: Kestrel
content-length: 5448
strict-transport-security: max-age=2592000
content-type: text/javascript

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/63982d58ffa65dff581108e175da192af9fb498a
https://js.intercomcdn.com/shim.latest.js

12 KB
5 KB

42ms
41ms

Script
application/javascript

54.192.229.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.229.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-229-43.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 430d4eb53b965efd9ea36e89fc6a964818acedc13b73632bf3f6c6f0a4db3848

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 19 Nov 2020 14:46:42 GMT
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 17:11:37 GMT
server: AmazonS3
age: 10
etag: "962823996174d3fd8efc81ca01592cdf"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 aa9873ca0eff886ad72852b2bde57831.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
content-length: 4372
x-amz-cf-id: 9WL-jffLDd-Aqscfnm0nnpGFV39kTGT5hyYUayFzxm2DeKICCgOrzw==

Redirect headers

date: Thu, 12 Nov 2020 10:03:47 GMT
via: 1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
server: AmazonS3
age: 621785
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: PRG50-C1
content-length: 0
x-amz-cf-id: KQ953QKM7qbqdPmRdVdCC645jYDtIUs0aLOLACubd-3qJqSE2Yu7-w==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
48 B 13ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=137123499&t=pageview&_s=1&dl=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&ul=en-us&de=UTF-8&dt=Appgate%20%7C%20Appgate%20Labs%20Analyzes%20New%20Family%20of%20Ransomware%E2%80%94%20%E2%80%9CEgregor%E2%80%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=161435184&gjid=1841042647&cid=1241646326.1605797212&tid=UA-154308004-1&_gid=396849096.1605797212&_r=1&gtm=2wgb41TLVHC2S&z=797825027

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 14:46:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.appgate.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 19ms
19ms Script
application/x-javascript 2a02:26f0:eb:386::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:386::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 14:46:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2020 20:29:41 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=37604
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 540195559918242 Show response
connect.facebook.net/signals/config/ 235 KB
69 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/540195559918242?v=2.9.28&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

57b63811b6019e075d7acd2f5f7d2628d0e5e4fa1cc6666848202334d4c6da63

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70076
x-xss-protection: 0
pragma: public
x-fb-debug: kubE0PotlT26RIQyqaG4Wo4zyimaBluc1hWyBvyxe0lgl1rBQIFk6FzofT2bbwFXSc4jP+9Q30Fd6+qKB76Fmg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 19 Nov 2020 14:46:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 b711a54c-0be6-48e2-85d8-489fc5494d10.json Show response
cdn.cookielaw.org/consent/b711a54c-0be6-48e2-85d8-489fc5494d10/ 2 KB
1 KB 15ms
14ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b711a54c-0be6-48e2-85d8-489fc5494d10/b711a54c-0be6-48e2-85d8-489fc5494d10.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f397d084483921114e6b35cd8f908f1566503eb3fefb00eedd5f35890916d9b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Nov 2020 14:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: odSKC/6Rc8uqSPllZc+0Lg==
age: 342
vary: Accept-Encoding
content-length: 1026
cf-request-id: 06829205be0000c2db0428e000000001
x-ms-lease-status: unlocked
last-modified: Fri, 04 Sep 2020 13:47:13 GMT
server: cloudflare
etag: 0x8D850D907A182EE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e970a23e-001e-011d-71b7-b14759000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f4ab91c6f3dc2db-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 13ms
12ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-154308004-1&cid=1241646326.1605797212&jid=161435184&gjid=1841042647&_gid=396849096.1605797212&_u=YEBAAEAAAAAAAC~&z=1552423025

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 19 Nov 2020 14:46:51 GMT
content-type: text/plain
access-control-allow-origin: https://www.appgate.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
284 B 135ms
134ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o34w9&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 14:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 111
pragma: no-cache
last-modified: Thu, 19 Nov 2020 14:46:51 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 1fc06f0bd6b6f6ef1ebf6e70c27b9888
x-transaction: 00b5be4b00193fc8
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
170 B 137ms
136ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o34w9&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 14:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Thu, 19 Nov 2020 14:46:51 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 23726a5dd27c32c8ced2df9c671d7477
x-transaction: 0040320e003cda59
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1900577&url=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&time=1605797211589
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1900577%26url%3Dhttps%253A%252F%252Fwww.appgate.com%252Fnews-press%252Fappgate-la...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1900577&url=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&time=1605797211589&liSync=true

0
64 B

178ms
178ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1900577&url=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&time=1605797211589&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 14:46:52 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: ZSAQcw7wSBYAkdKZtCoAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: Jpp8ag7wSBaQckcw6ioAAA==
pragma: no-cache
x-li-pop: afd-prod-esv5
x-msedge-ref: Ref A: 40817A116CF34CE6A10F2CCFA161C1A0 Ref B: FRAEDGE1414 Ref C: 2020-11-19T14:46:51Z
x-frame-options: sameorigin
date: Thu, 19 Nov 2020 14:46:51 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1900577&url=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&time=1605797211589&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.5.0/ 325 KB
68 KB 14ms
13ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Nov 2020 14:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AvbD4VHYe4H/QnyU6j8v5w==
age: 967353
vary: Accept-Encoding
content-length: 69711
cf-request-id: 06829205ce00000eab5e972000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:22 GMT
server: cloudflare
etag: 0x8D84A3B58DE8819
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2475bc65-c01e-0004-31b6-b52d64000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f4ab91c7b1d0eab-FRA
expires: Fri, 27 Nov 2020 14:46:51 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
115 B 29ms
29ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-154308004-1&cid=1241646326.1605797212&jid=161435184&_u=YEBAAEAAAAAAAC~&z=766943801

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 14:46:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-154308004-1&cid=1241646326.1605797212&jid=161435184&_u=YEBAAEAAAAAAAC~&z=766943801

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 14:46:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/b711a54c-0be6-48e2-85d8-489fc5494d10/8d5fa1ca-c703-4bc4-933b-ca533c30a7d5/ 27 KB
7 KB 12ms
12ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b711a54c-0be6-48e2-85d8-489fc5494d10/8d5fa1ca-c703-4bc4-933b-ca533c30a7d5/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1175e87b32895358e3fdd4537578d996103606694a571d9d7b4ab38ef3a37ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Nov 2020 14:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: wkQtvmmXdkRkn6yu8toUJw==
age: 341
vary: Accept-Encoding
content-length: 7239
cf-request-id: 06829205e70000c2db12171000000001
x-ms-lease-status: unlocked
last-modified: Fri, 04 Sep 2020 13:47:15 GMT
server: cloudflare
etag: 0x8D850D908593494
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 40d0ef25-c01e-014f-305d-b25aab000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f4ab91cafa5c2db-FRA

GET
H2 200 frame-modern.ffe9299b.js Show response
js.intercomcdn.com/ Frame 144E 233 KB
63 KB 98ms
98ms Script
application/javascript 54.192.229.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.ffe9299b.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/63982d58ffa65dff581108e175da192af9fb498a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.229.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-229-43.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 919e0a7826e19e86038d7d1bce3b3606171e026443dd83811972635e9039ed9d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 19 Nov 2020 13:11:40 GMT
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 16:59:42 GMT
server: AmazonS3
age: 5712
etag: "504ae37ec5347b3bd519bce3f59bd8f1"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 aa9873ca0eff886ad72852b2bde57831.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
content-length: 64527
x-amz-cf-id: hqM5EMzoe-oaq8mufvljOlE5TOxZZdad_kQHi75G4vxyG1wKPRA2oQ==

GET
H2 200 vendor-modern.f585e527.js Show response
js.intercomcdn.com/ Frame 144E 123 KB
38 KB 204ms
203ms Script
application/javascript 54.192.229.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.f585e527.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/63982d58ffa65dff581108e175da192af9fb498a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.229.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-229-43.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2115d67889ef9ee779fd47c169d0057c076767844771a2eb6fe918f09760e61

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 19 Nov 2020 14:34:53 GMT
content-encoding: gzip
last-modified: Fri, 13 Nov 2020 12:27:33 GMT
server: AmazonS3
age: 719
etag: "2c1810c9975fbb7cd99a94721133cd02"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 aa9873ca0eff886ad72852b2bde57831.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
content-length: 38295
x-amz-cf-id: qLVB1nAd4fUlVY9mw3NcBcFBTlRYyHOKmVxMRO4VkTEOBVttKKpqgw==

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 12 KB
3 KB 13ms
13ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Nov 2020 14:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NgHQTHCGWwGmNE0ie37G8A==
age: 980203
vary: Accept-Encoding
content-length: 3248
cf-request-id: 06829206040000c2db552e2000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:16 GMT
server: cloudflare
etag: 0x8D84A3B556B9C39
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6d3212fc-301e-001a-5598-b5f789000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f4ab91cdff1c2db-FRA
expires: Fri, 27 Nov 2020 14:46:51 GMT

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/v2/ 42 KB
11 KB 23ms
23ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e767ae101e0f675e800b3c78bcce8b95658524a3b1df6d9d3f1931f41e31f09a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Nov 2020 14:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8O+MrA5l6uZAF8rA//NRFA==
age: 1406937
vary: Accept-Encoding
content-length: 11144
cf-request-id: 06829206080000c2db8a233000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:19 GMT
server: cloudflare
etag: 0x8D84A3B56BE267C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: fbc9fdeb-501e-000a-7fb7-b1c16f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f4ab91cdff6c2db-FRA
expires: Fri, 27 Nov 2020 14:46:51 GMT

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=540195559918242&ev=PageView&dl=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&rl=&if=false&ts=1605797211662&sw=1...
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&ec=0&ev=PageView&fbp=fb.1.1605797211661.687739703&id=54...

44 B
123 B

6ms
5ms

Image
image/gif

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&ec=0&ev=PageView&fbp=fb.1.1605797211661.687739703&id=540195559918242&if=false&it=1605797211577&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1605797211662&v=2.9.28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 14:46:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 19 Nov 2020 14:46:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Nov 2020 14:46:51 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
location: /tr/?coo=false&dl=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&ec=0&ev=PageView&fbp=fb.1.1605797211661.687739703&id=540195559918242&if=false&it=1605797211577&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1605797211662&v=2.9.28
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

tracking.png
lltrck.com/
Redirect Chain

https://lltrck.com/api/tracking?accountId=33288&page=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&referer=&fp=&uuid=ls67644c-5ade-405a-9d83-f7...
https://lltrck.com/tracking.png

68 B
296 B

108ms
107ms

Image
image/png

52.44.242.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lltrck.com/tracking.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.242.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-242-176.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 14:46:52 GMT
last-modified: Wed, 26 Sep 2018 16:48:51 GMT
server: Kestrel
etag: "1d455b8cd761bc4"
strict-transport-security: max-age=2592000
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 68
expires: -1

Redirect headers

location: /tracking.png
date: Thu, 19 Nov 2020 14:46:51 GMT
server: Kestrel
access-control-allow-origin: *
content-length: 0
strict-transport-security: max-age=2592000

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 83 B
310 B 109ms
108ms Stylesheet
text/css 52.205.8.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.8.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-8-225.compute-1.amazonaws.com
Software: /
Resource Hash: 997c35517fd104ebaac85ffcfbea44cbbb4bc01390cb1a7554f429afbb5e8cb4

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Nov 2020 14:46:52 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 83
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 318ms
106ms Fetch
image/jpeg 52.205.8.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.8.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-8-225.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Nov 2020 14:46:52 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 144E 5 KB
2 KB 441ms
440ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.ffe9299b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

fdae1f48c41084045a30ed7916575be401f59542c79b62ae5c4407de8eb27cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 19 Nov 2020 14:46:52 GMT
content-encoding: gzip
x-ami-version: ami-07e59fef58f5e5bfa
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 001j99josl73lnac7sng
x-runtime: 0.326170
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"fdae1f48c41084045a30ed7916575be4"
x-ratelimit-remaining: 19993
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.appgate.com
x-intercom-version: 844d516d6605108c54319e3c3b80553c80d46659
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1605797220
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

GET
H2

200

tracking.png
tracking.leadlander.com/
Redirect Chain

https://tracking.leadlander.com/api/tracking?accountId=33288&page=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&referer=&fp=7fe850233a9dba8d28e...
https://tracking.leadlander.com/tracking.png

68 B
296 B

106ms
103ms

Image
image/png

3.220.33.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.leadlander.com/tracking.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.33.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-33-83.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 14:46:52 GMT
last-modified: Wed, 26 Sep 2018 16:48:51 GMT
server: Kestrel
etag: "1d455b8cd761bc4"
strict-transport-security: max-age=2592000
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 68
expires: -1

Redirect headers

location: /tracking.png
date: Thu, 19 Nov 2020 14:46:52 GMT
server: Kestrel
access-control-allow-origin: *
content-length: 0
strict-transport-security: max-age=2592000

POST
H2 200 /
www.facebook.com/tr/ 0
53 B 7ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryZFHgOfsUHjttA4DP

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 19 Nov 2020 14:46:52 GMT
content-type: text/plain
access-control-allow-origin: https://www.appgate.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 138 B
442 B 111ms
111ms XHR
text/plain 52.205.8.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=ZFU04cwmqWk8NIT_jGWGmQ&is_js=true&landing_url=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&host=https://www.appgate.com&sa_conv_data_css_value=%20%220-432f70c4-209d-458b-7b69-d14cfb4070f2%24ip%24185.212.171.67%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd98ea21c3ce4df4aa7487e9a445f77beadb9d4ab43
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.8.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-8-225.compute-1.amazonaws.com
Software: /
Resource Hash: ab290b59590f376082b8e8faf5078f06691f7506e7cf9556700773be73d6ae4c

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 14:46:52 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.appgate.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 138

GET
H/1.1 204
No Content js_tracking Show response
tags.srv.stackadapt.com/ 0
250 B 219ms
107ms XHR
text/plain 52.205.8.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/js_tracking?url=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&uid=ZFU04cwmqWk8NIT_jGWGmQ&host=https://www.appgate.com
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.8.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-8-225.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.appgate.com
Date: Thu, 19 Nov 2020 14:46:52 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET

POST
H2 200 match Show response
api-iam.intercom.io/messenger/web/rulesets/10481882/ Frame 144E 3 KB
2 KB 1354ms
1354ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/rulesets/10481882/match

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.ffe9299b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

256dee6f21d951c9a928931b8b1998ba7104d27e3468a80c266156c4c0571ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 19 Nov 2020 14:46:53 GMT
content-encoding: gzip
x-ami-version: ami-07e59fef58f5e5bfa
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 001inflbh0qsttphecog
x-runtime: 1.242100
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"256dee6f21d951c9a928931b8b1998ba"
x-ratelimit-remaining: 19992
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.appgate.com
x-intercom-version: 844d516d6605108c54319e3c3b80553c80d46659
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1605797220
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

GET
H2 200 vendors~app-modern.270d76ab.js Show response
js.intercomcdn.com/ Frame 144E 322 KB
97 KB 51ms
51ms Script
application/javascript 54.192.229.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~app-modern.270d76ab.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.ffe9299b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.229.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-229-43.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac751543c7066413b763780bc32bec21f67dbdab42fa8f72d6d08bbc4dbd596a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 19 Nov 2020 14:35:56 GMT
content-encoding: gzip
last-modified: Fri, 13 Nov 2020 12:27:33 GMT
server: AmazonS3
age: 658
etag: "c5664ded9e9f21df103af12fdd9fda8e"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 aa9873ca0eff886ad72852b2bde57831.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
content-length: 98500
x-amz-cf-id: Q84NUaQz8I-m2iLzVty1tsXhAnNuf3gSyQ8-EGBDX4taWtQwcK1CUw==

GET
H2 200 app-modern.f0e3343b.js Show response
js.intercomcdn.com/ Frame 144E 576 KB
142 KB 51ms
51ms Script
application/javascript 54.192.229.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/app-modern.f0e3343b.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.ffe9299b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.229.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-229-43.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a6ee8a9c79697c47ea11d2942917e6054225d83880c09354de60ca6d1127242

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 19 Nov 2020 14:35:58 GMT
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 16:59:42 GMT
server: AmazonS3
age: 656
etag: "25ce632683baac585bcf5d3c970deffb"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 aa9873ca0eff886ad72852b2bde57831.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
content-length: 144461
x-amz-cf-id: R4s5f4Sp9XM2ikhpiUcMrYGXXRB8CSW2sGnLjRtw7uHHUnumYbKTWQ==

GET
H2 206 operator.2b750c4a.mp3
js.intercomcdn.com/audio/ Frame 144E 27 KB
28 KB 50ms
50ms Media
audio/mpeg 54.192.229.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/audio/operator.2b750c4a.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.229.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-229-43.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a89eff3892013214c69fba61e95f78271fceebaf466217a783f1f568eeef71cc

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 19 Nov 2020 14:07:08 GMT
via: 1.1 aa9873ca0eff886ad72852b2bde57831.cloudfront.net (CloudFront)
etag: "2b750c4aa8cd865ec68fb3658f26a7c8"
last-modified: Mon, 09 Nov 2020 15:26:17 GMT
server: AmazonS3
age: 2821
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-27824/27825
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
Content-Length: 27825
x-amz-cf-id: IP7NaKJLogVb1MWBYlhC4ruoI-Nw6KPJdspem3qd8A03JXnomosfAA==

GET
H2 200 vendors~message-modern.bb8373a5.js Show response
js.intercomcdn.com/ Frame 144E 30 KB
9 KB 43ms
42ms Script
application/javascript 54.192.229.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~message-modern.bb8373a5.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.ffe9299b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.229.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-229-43.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a840c46ac1b074b6504c2a7d7df6ee036e92813cd7fabe9f494dc92e70148cd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 19 Nov 2020 14:37:49 GMT
content-encoding: gzip
last-modified: Fri, 13 Nov 2020 10:28:53 GMT
server: AmazonS3
age: 546
etag: "f9c4ca5549ece18d5d8bfdae273ad7b7"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 aa9873ca0eff886ad72852b2bde57831.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
content-length: 9021
x-amz-cf-id: Le6j_jZSM-Ix4e4r8g62iQHG5v1w3vJfEoeXuij6GVt4GqDflM--iQ==

GET
H2 200 message-modern.ad656263.js Show response
js.intercomcdn.com/ Frame 144E 92 KB
24 KB 45ms
45ms Script
application/javascript 54.192.229.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/message-modern.ad656263.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.ffe9299b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.229.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-229-43.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7ac6a684602051d35cf938b6c52d37af2e964813ae685f4605a8d4ace290815

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 19 Nov 2020 14:34:22 GMT
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 16:59:42 GMT
server: AmazonS3
age: 753
etag: "6f9456ede1aa8daee568099286066b51"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 aa9873ca0eff886ad72852b2bde57831.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
content-length: 24179
x-amz-cf-id: XHkiaQGGzxGsCkArFi0-UWLomcIdk1pd5qgwcCrNZCjM-pl1IPOxSw==

GET
H2 200 proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame C0BE 28 KB
29 KB 44ms
44ms Font
font/woff 54.192.229.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Requested by: Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.229.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-229-43.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

Origin: https://www.appgate.com
Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 14:46:28 GMT
via: 1.1 02362f0faae05408640185d927020628.cloudfront.net (CloudFront)
age: 26
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 28960
last-modified: Wed, 18 Nov 2020 16:59:42 GMT
server: AmazonS3
etag: "a7942249ca925ef356c0f2b1dab17ef3"
vary: Origin
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
x-amz-cf-id: g41szmqcqYSrwH7pFuBUS3vmTvELNm5cIzydN72G8i_xnnJUChHIKw==

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
5ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=137123499&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.appgate.com%2Fnews-press%2Fappgate-labs-analyzes-new-family-of-ransomware-egregor&ul=en-us&de=UTF-8&dt=Appgate%20%7C%20Appgate%20Labs%20Analyzes%20New%20Family%20of%20Ransomware%E2%80%94%20%E2%80%9CEgregor%E2%80%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Intercom%20Messenger&ea=Triggered%20Message&el=Custom%20Bot%20ID%3A%20%27169611%27&_u=YFBAAEABAAAAAC~&jid=&gjid=&cid=1241646326.1605797212&tid=UA-154308004-1&_gid=396849096.1605797212&gtm=2wgb41TLVHC2S&z=1885787671

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:18:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16109
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dismiss.249568e7.png
js.intercomcdn.com/images/ Frame CCF9 124 B
509 B 43ms
42ms Image
image/png 54.192.229.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js.intercomcdn.com/images/dismiss.249568e7.png
Requested by: Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.229.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-229-43.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3878bc01fed86222528eaaad9dd98fac94e82c88e7d8bf6e5e3750db93f6caa3

Request headers

Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 14:07:31 GMT
via: 1.1 aa9873ca0eff886ad72852b2bde57831.cloudfront.net (CloudFront)
etag: "249568e72cec7bca9d1887e46abe4f74"
last-modified: Fri, 06 Nov 2020 10:50:41 GMT
server: AmazonS3
age: 2364
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
content-length: 124
x-amz-cf-id: qvEziqSLEQGY_rB0T--KbOTCqSvUNhzTQNKWiTKCVxptmz_K3YZquw==

GET
H2 200 proximanova-semibold.46e3f047.woff
js.intercomcdn.com/fonts/ Frame CCF9 28 KB
29 KB 155ms
155ms Font
font/woff 54.192.229.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/fonts/proximanova-semibold.46e3f047.woff
Requested by: Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.229.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-229-43.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a4f797cc141bbd16a3341cf3f4f482f0ecd00e14c206cbd2f77c5ca7bc9e704

Request headers

Origin: https://www.appgate.com
Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 13:44:48 GMT
via: 1.1 02362f0faae05408640185d927020628.cloudfront.net (CloudFront)
age: 3727
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 28732
last-modified: Wed, 18 Nov 2020 16:59:42 GMT
server: AmazonS3
etag: "46e3f047b6d568624167376a87e01ebd"
vary: Origin
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
x-amz-cf-id: vcisWYD9zTGD7_yMAsGN7cQTmuTPseAMowCAixG1KjyYuV1LU_kfAg==

GET
H2 200 proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame CCF9 28 KB
29 KB 85ms
84ms Font
font/woff 54.192.229.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Requested by: Host: www.appgate.com
URL: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.229.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-229-43.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

Origin: https://www.appgate.com
Referer: https://www.appgate.com/news-press/appgate-labs-analyzes-new-family-of-ransomware-egregor
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 14:46:28 GMT
via: 1.1 02362f0faae05408640185d927020628.cloudfront.net (CloudFront)
age: 26
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 28960
last-modified: Wed, 18 Nov 2020 16:59:42 GMT
server: AmazonS3
etag: "a7942249ca925ef356c0f2b1dab17ef3"
vary: Origin
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
x-amz-cf-id: 2JVbj7V0ePwMPD5moVMOAYGpWFVnc03ahuw8BISWXGO6T4GdJmEgdg==

GET
H2 200 128-10ee062f48e0940906c058aecb8a44c7a02acfc5e35d0fc9a30981611ace0c75.png
static.intercomassets.com/assets/default-avatars/operator/ Frame CCF9 427 B
746 B 38ms
37ms Image
image/png 54.192.229.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.intercomassets.com/assets/default-avatars/operator/128-10ee062f48e0940906c058aecb8a44c7a02acfc5e35d0fc9a30981611ace0c75.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.229.74 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-229-74.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10ee062f48e0940906c058aecb8a44c7a02acfc5e35d0fc9a30981611ace0c75

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 13:46:01 GMT
via: 1.1 dfc3a7bfbc818f103aa0634d79f28907.cloudfront.net (CloudFront)
last-modified: Thu, 05 Apr 2018 16:05:57 GMT
server: AmazonS3
age: 176454
etag: "23eefadbd16dad88db849d03a9b003b7"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
content-length: 427
x-amz-cf-id: -TAH3UdC3Q6xXNx2OzG1HBO2DsMflr7OgRP5adfEXsA3S9T7IHJUEg==

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api-iam.intercom.io
cdn.cookielaw.org
connect.facebook.net
js.intercomcdn.com
lltrck.com
px.ads.linkedin.com
snap.licdn.com
static.ads-twitter.com
static.intercomassets.com
stats.g.doubleclick.net
t.co
tags.srv.stackadapt.com
track.leadlander.com
tracking.leadlander.com
unpkg.com
widget.intercom.io
www.appgate.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
104.244.42.131
104.244.42.133
199.232.52.157
2606:4700::6810:7daf
2606:4700::6810:9540
2620:1ec:21::14
2a00:1450:4001:818::2008
2a00:1450:4001:81a::2004
2a00:1450:4001:820::2003
2a00:1450:4001:824::200e
2a00:1450:400c:c00::9d
2a02:26f0:eb:386::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
3.220.33.83
50.19.203.144
52.205.8.225
52.44.242.176
54.192.229.43
54.192.229.74
65.9.96.39
99.83.219.81
0a6ee8a9c79697c47ea11d2942917e6054225d83880c09354de60ca6d1127242
0aebbe3c19408b68e84e6c5175d7000ad95ec1e43a2a056507841dbcf71f5381
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10ee062f48e0940906c058aecb8a44c7a02acfc5e35d0fc9a30981611ace0c75
1af3347561ed0676f114eeea475f30845d9a4cbbe584b090fa3e9569b3f05d55
256dee6f21d951c9a928931b8b1998ba7104d27e3468a80c266156c4c0571ef1
29296ccacaa9ed35ed168fc51e36f54fd6f8db9c7786bbf38cc59a27229ba5c2
2a23132025b4590c6b7a9007a47d9a6145e73afe3e2db988e8e75d3cb73a5897
2a840c46ac1b074b6504c2a7d7df6ee036e92813cd7fabe9f494dc92e70148cd
33594f7827e6a194749d8cf2c718ee0a14b2ef2d2a2c77d0a53c56d0b07bdd64
3878bc01fed86222528eaaad9dd98fac94e82c88e7d8bf6e5e3750db93f6caa3
38f9f561f70487d5b6a701758924bec83934f7db588fea654ab092e84b1af4d0
3d390a89315ed95b2b16e59143fb4f00cd7f58c617667d8f036b18527f20f20b
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4291cf8670ad74e3f5e6418f4fb66962f1cb55481b1a1a81bf9f2f746b07d8da
430d4eb53b965efd9ea36e89fc6a964818acedc13b73632bf3f6c6f0a4db3848
460d3bb059b8eab933b4bc33bedb22c2138828208908451d8fd4cd6a75c96835
4620c7cc7faa4ded84a43c1c0a8623d2fa293fe1b821790911229aa02601f7c0
4db5836169f2f1fecef943071081074422d372aed3d8d21b57c2865d1892e7f2
57b63811b6019e075d7acd2f5f7d2628d0e5e4fa1cc6666848202334d4c6da63
5860771fcd971f0550e445042c677ee63ad53bd617e271ec7dd3fb0f8a5698d8
59b0bbf4d5fdd2a27bef073f20ec0c280e6edcdde137548c68ad4fc42455bd6d
5df7be00fc6004e7cb398488ad628bbea14bfa2865273c0742913ce148642add
62b57da949ac2de23bdebff31055d49412d34d9ce454da09e04fe88e6ca24de0
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86af905bc5bac7afc4100ab3e93978745f11893387c4f8a2a6557bbbcc0a3b9e
919e0a7826e19e86038d7d1bce3b3606171e026443dd83811972635e9039ed9d
96c5c56ac7f37aca317cb87f1feca56d2b91f9bf908f6716cdc9fcee6fe99a51
997c35517fd104ebaac85ffcfbea44cbbb4bc01390cb1a7554f429afbb5e8cb4
9a4f797cc141bbd16a3341cf3f4f482f0ecd00e14c206cbd2f77c5ca7bc9e704
9d0d33ff3cbe6054d46a549c75a09323fc711113b82fde575003df837cb9f4e0
a6e5ae66b2afad72863d15ea597cd1e35bebfec8aac4afd1b864bf9fb8d8d503
a89eff3892013214c69fba61e95f78271fceebaf466217a783f1f568eeef71cc
ab290b59590f376082b8e8faf5078f06691f7506e7cf9556700773be73d6ae4c
ac751543c7066413b763780bc32bec21f67dbdab42fa8f72d6d08bbc4dbd596a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
b1175e87b32895358e3fdd4537578d996103606694a571d9d7b4ab38ef3a37ff
b7ac6a684602051d35cf938b6c52d37af2e964813ae685f4605a8d4ace290815
cec0275d8b6aa5551d8a01357d217cc2ba430d70f2376e1bf2a3c47c0cd6c12e
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
ddffc1fb5857d5643c0113e624d013e677a00538184616877dbce212abbbfc41
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e767ae101e0f675e800b3c78bcce8b95658524a3b1df6d9d3f1931f41e31f09a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f2115d67889ef9ee779fd47c169d0057c076767844771a2eb6fe918f09760e61
f397d084483921114e6b35cd8f908f1566503eb3fefb00eedd5f35890916d9b2
fdae1f48c41084045a30ed7916575be401f59542c79b62ae5c4407de8eb27cfa

www.appgate.com Open in urlscan Pro 50.19.203.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

52 %IPv6

21 Domains

24 Subdomains

22 IPs

5 Countries

1025 kBTransfer

3421 kBSize

0 Cookies

8 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.appgate.com Open in urlscan Pro
50.19.203.144 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

52 %
IPv6

21
Domains

24
Subdomains

22
IPs

5
Countries

1025 kB
Transfer

3421 kB
Size

0
Cookies

60 HTTP transactions
3 data transactions