Submitted URL: http://cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Effective URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Submission: On December 03 via api from DE — Scanned from JP

Summary

This website contacted 25 IPs in 7 countries across 16 domains to perform 123 HTTP transactions. The main IP is 2606:4700:10::ac43:18d6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cyfirma.com.
TLS certificate: Issued by WE1 on October 7th 2024. Valid for: 3 months.
This is the only time www.cyfirma.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 176.32.65.193 16509 (AMAZON-02)
86 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 104.18.95.41 13335 (CLOUDFLAR...)
1 18.65.207.72 16509 (AMAZON-02)
3 2a04:4e42::485 54113 (FASTLY)
1 104.17.25.14 13335 (CLOUDFLAR...)
3 2404:6800:400... 15169 (GOOGLE)
1 142.250.198.4 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
3 172.217.175.99 15169 (GOOGLE)
1 142.251.222.35 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
2 142.250.196.136 15169 (GOOGLE)
2 2600:140b:a00... 20940 (AKAMAI-AS...)
2 2620:1ec:bdf::46 8075 (MICROSOFT...)
3 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 2606:4700:440... 13335 (CLOUDFLAR...)
1 13.107.42.14 8068 (MICROSOFT...)
1 172.217.175.46 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 142.250.198.3 15169 (GOOGLE)
2 4.153.72.49 8075 (MICROSOFT...)
1 2a01:4f8:1c17... 24940 (HETZNER-A...)
1 2 52.231.230.148 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
123 25
Apex Domain
Subdomains
Transfer
87 cyfirma.com
cyfirma.com
www.cyfirma.com
4 MB
7 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
www.linkedin.com — Cisco Umbrella Rank: 676
px4.ads.linkedin.com — Cisco Umbrella Rank: 7032
4 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
i.clarity.ms — Cisco Umbrella Rank: 8052
c.clarity.ms — Cisco Umbrella Rank: 1269
30 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
525 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
22 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
242 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
35 KB
3 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3147
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
35 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
545 B
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 831
16 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 142
996 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 205
772 B
1 cleantalk.org
moderate4.cleantalk.org — Cisco Umbrella Rank: 740666
265 B
1 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 25693
63 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
960 B
1 fw-cdn.com
in.fw-cdn.com — Cisco Umbrella Rank: 175424
96 KB
123 16
Domain Requested by
86 www.cyfirma.com www.cyfirma.com
5 px.ads.linkedin.com 3 redirects snap.licdn.com
5 www.googletagmanager.com www.cyfirma.com
www.googletagmanager.com
www.google-analytics.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
3 cdn.jsdelivr.net www.cyfirma.com
2 c.clarity.ms 1 redirects
2 i.clarity.ms www.clarity.ms
2 www.clarity.ms www.cyfirma.com
www.clarity.ms
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 challenges.cloudflare.com 1 redirects www.cyfirma.com
1 c.bing.com 1 redirects
1 moderate4.cleantalk.org www.cyfirma.com
1 www.google.co.jp www.cyfirma.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 px4.ads.linkedin.com www.cyfirma.com
1 www.linkedin.com 1 redirects
1 www.gstatic.com www.google.com
1 fonts.googleapis.com www.cyfirma.com
1 www.google.com www.cyfirma.com
1 cdnjs.cloudflare.com www.cyfirma.com
1 in.fw-cdn.com www.cyfirma.com
1 cyfirma.com 1 redirects
123 25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
Subject Issuer Validity Valid
www.cyfirma.com
WE1
2024-10-07 -
2025-01-05
3 months crt.sh
*.fw-cdn.com
Amazon RSA 2048 M03
2024-11-23 -
2025-12-21
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2024-12-02 -
2025-12-01
a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-10-14 -
2025-04-14
6 months crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google.co.jp
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh
*.cleantalk.org
Sectigo RSA Domain Validation Secure Server CA
2024-09-12 -
2025-09-24
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Frame ID: CE2BE88F7D53C7F9F542B03C5C55C35C
Requests: 121 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-KBLXRB4PTX&gacid=25288213.1733234749&gtm=45je4bk0v897044746z8852032066za200zb852032066&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=494461983
Frame ID: F090128FF888CA660D446DCF31680393
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

ELPACO-team Ransomware: A New Variant of the MIMIC Ransomware Family - CYFIRMA

Page URL History Show full URLs

  1. http://cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/ HTTP 307
    https://cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/ HTTP 301
    https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /particles(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

123
Requests

97 %
HTTPS

52 %
IPv6

16
Domains

25
Subdomains

25
IPs

7
Countries

4872 kB
Transfer

7805 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/ HTTP 307
    https://cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/ HTTP 301
    https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/api.js
Request Chain 108
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1733234749390&li_adsId=b57bb092-876d-4082-8f31-d2970ecbc299&url=https%3A%2F%2Fwww.cyfirma.com%2Fresearch%2Felpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1733234749390&li_adsId=b57bb092-876d-4082-8f31-d2970ecbc299&url=https%3A%2F%2Fwww.cyfirma.com%2Fresearch%2Felpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4091476%26time%3D1733234749390%26li_adsId%3Db57bb092-876d-4082-8f31-d2970ecbc299%26url%3Dhttps%253A%252F%252Fwww.cyfirma.com%252Fresearch%252Felpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1733234749390&li_adsId=b57bb092-876d-4082-8f31-d2970ecbc299&url=https%3A%2F%2Fwww.cyfirma.com%2Fresearch%2Felpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1733234749390&li_adsId=b57bb092-876d-4082-8f31-d2970ecbc299&url=https%3A%2F%2Fwww.cyfirma.com%2Fresearch%2Felpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family%2F&cookiesTest=true&liSync=true&e_ipv6=AQKX578z-kxxuQAAAZOM13KkTI_PNYg_N5EnREavhsIUTvbnOlZMR3Fve2ej4WLdqt2F6g
Request Chain 119
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5200B4FB94854F01B48C1420DF0AE01B&RedC=c.clarity.ms&MXFR=31BBE9A8FB9C62BF0367FCE2FF9C6C0B HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5200B4FB94854F01B48C1420DF0AE01B&MUID=2F8A48DD29C964EB2B985D97283B6563

123 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Redirect Chain
  • http://cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
  • https://cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
  • https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
136 KB
41 KB
Document
General
Full URL
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9975cafc79e8fdeba2b64d5b8adc230ab7e936380248df1f84cc0b738844bbe
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.cyfirma.com/
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ec41d13196c7344-NRT
content-encoding
br
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
content-type
text/html; charset=UTF-8
date
Tue, 03 Dec 2024 14:05:48 GMT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://www.cyfirma.com/wp-json/>; rel="https://api.w.org/" <https://www.cyfirma.com/wp-json/wp/v2/out-of-band/35631>; rel="alternate"; type="application/json" <https://www.cyfirma.com/?p=35631>; rel=shortlink
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

content-length
134
content-type
text/html
date
Tue, 03 Dec 2024 14:05:47 GMT
location
https://www.cyfirma.com:443/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
server
awselb/2.0
api.js
challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/api.js
47 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/api.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H3
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c61e2e1347b9aca3d8f0c9725490470651a1f6c02841ff71f90305ea391ca6d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8ec41d1bef4cd766-NRT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 21 Nov 2024 17:58:42 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location
/turnstile/v0/b/a6e12e96a2d5/api.js
cross-origin-resource-policy
cross-origin
cf-ray
8ec41d1bcf18d766-NRT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 03 Dec 2024 14:05:48 GMT
vary
Accept-Encoding
server
cloudflare
970201.js
in.fw-cdn.com/31855454/
353 KB
96 KB
Script
General
Full URL
https://in.fw-cdn.com/31855454/970201.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.207.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-72.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d6cbfad423f414457e84247076eaeea86b8272c22ac17ffac2bc9456cf6bdd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

vary
accept-encoding, Origin
cache-control
max-age=120
content-encoding
br
x-amz-version-id
QMPtZwGwOQ6UmruY2iNVtyStDwkBquXG
etag
W/"aa59d3c45a045910d82fc8e43be99664"
age
112
via
1.1 f4001dc39ba666b4723dc72f2c6a9d40.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
aOcIjXxphu0evSc8rBT8bdui9D0TonyGOsgadqF8T__doYfyRF7fNw==
date
Tue, 03 Dec 2024 14:03:56 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 15 Jun 2024 05:17:48 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P3
x-amz-server-side-encryption
AES256
style.min.css
www.cyfirma.com/my_includes/css/dist/block-library/
108 KB
14 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/my_includes/css/dist/block-library/style.min.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1ae43-610b7775e6b00-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Tue, 06 Feb 2024 14:33:48 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bca017344-NRT
accept-ranges
bytes
content-length
14501
x-xss-protection
1; mode=block
server
cloudflare
styles.css
www.cyfirma.com/apps/contact-form-7/includes/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/apps/contact-form-7/includes/css/styles.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"b4e-610b79c9f2940-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Tue, 06 Feb 2024 14:44:13 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bca037344-NRT
accept-ranges
bytes
content-length
1015
x-xss-protection
1; mode=block
server
cloudflare
wpcf7-redirect-frontend.min.css
www.cyfirma.com/apps/wpcf7-redirect/build/css/
316 B
233 B
Stylesheet
General
Full URL
https://www.cyfirma.com/apps/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"13c-610b733b7b140-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Tue, 06 Feb 2024 14:14:53 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bca057344-NRT
accept-ranges
bytes
content-length
124
x-xss-protection
1; mode=block
server
cloudflare
cleantalk-public.min.css
www.cyfirma.com/apps/cleantalk-spam-protect/css/
2 KB
878 B
Stylesheet
General
Full URL
https://www.cyfirma.com/apps/cleantalk-spam-protect/css/cleantalk-public.min.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f2c1f098f7a28dbab913d292da562c06b45d6495ec9a60e6cbc6b99564ef5e4
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"876-61295c58c5780-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Fri, 01 Mar 2024 09:12:14 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bca067344-NRT
accept-ranges
bytes
content-length
768
x-xss-protection
1; mode=block
server
cloudflare
cf7msm.css
www.cyfirma.com/apps/contact-form-7-multi-step-module/resources/
99 B
215 B
Stylesheet
General
Full URL
https://www.cyfirma.com/apps/contact-form-7-multi-step-module/resources/cf7msm.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
503f9aa8675e396e6feec3369148a12f5c863c5068d573e72a3f2f4d217ac0d3
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"63-610b72be8ca80-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Tue, 06 Feb 2024 14:12:42 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bca097344-NRT
accept-ranges
bytes
content-length
107
x-xss-protection
1; mode=block
server
cloudflare
style.min.css
www.cyfirma.com/apps/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/
2 KB
708 B
Stylesheet
General
Full URL
https://www.cyfirma.com/apps/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/style.min.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aeb9107928bb523947c28e17358efb50a07b942e15ed0a72259a5794ea2ca96
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"6b4-610b6dbdc3cc0-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Tue, 06 Feb 2024 13:50:19 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bca0a7344-NRT
accept-ranges
bytes
content-length
535
x-xss-protection
1; mode=block
server
cloudflare
uacf7-frontend.css
www.cyfirma.com/apps/ultimate-addons-for-contact-form-7/assets/css/
72 B
200 B
Stylesheet
General
Full URL
https://www.cyfirma.com/apps/ultimate-addons-for-contact-form-7/assets/css/uacf7-frontend.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb159f0e64f868842c4076aa1bad566f788936364cd8766e60e63c61f7b5d88e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"48-61295c6ccc6c0-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Fri, 01 Mar 2024 09:12:35 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bca0c7344-NRT
accept-ranges
bytes
content-length
92
x-xss-protection
1; mode=block
server
cloudflare
font-awesome.min.css
cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"7918-USx9eQM+MCipvmG1QM8aaHDIlvg"
age
2865522
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220042-FRA, cache-nrt-rjtf7700041-NRT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
6643
x-jsd-version
4.7.0
all.min.css
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/css/
58 KB
13 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/css/all.min.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"e7a9-pX7mjRFgGw/Y5QN/wkH/ZadURzw"
age
3650444
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230072-FRA, cache-nrt-rjtf7700041-NRT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
13056
x-jsd-version
5.15.4
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/
99 KB
19 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"630e6e62-4900"
age
382205
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=st5FVNck9Xum71xScOzRPqao1cmQZn6fCUCO%2FDKbT2B6DLiUVdKjOdoXSaVhr3rxvaM%2BmrGvLoXa2KKaRUAb3Y33y%2BnCA8d7yrWK24s1a1Ap2MNqoea3jB5k4EuJa7GJzbPTK8lR"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 23 Nov 2025 14:05:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 30 Aug 2022 20:09:06 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ec41d1bcd618a8c-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
18688
server
cloudflare
remixicon.css
cdn.jsdelivr.net/npm/remixicon@3.2.0/fonts/
117 KB
15 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/remixicon@3.2.0/fonts/remixicon.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f317ff168377c5b94d740f17e27e8859d4f89abd2ff2416c0041684adcfa1004
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"1d55c-0a0+Yx2s2C7k3XacPCH2+Iflc94"
age
2590411
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230069-FRA, cache-nrt-rjtf7700041-NRT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
15081
x-jsd-version
3.2.0
skin.css
www.cyfirma.com/template/
0
88 B
Stylesheet
General
Full URL
https://www.cyfirma.com/template/skin.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-cache-status
HIT
etag
"0-5e56a3f9b7500"
age
726
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bca0d7344-NRT
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
blocks.css
www.cyfirma.com/template/assets/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/blocks.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
738d4cf265345f71cce17d9a69eb8f20df5de1fa2a6e5be1c6ca76824cf8745a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1e35-5e56a3f9b7500-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bca0f7344-NRT
accept-ranges
bytes
content-length
1447
x-xss-protection
1; mode=block
server
cloudflare
bootstrap.min.css
www.cyfirma.com/template/assets/css/
156 KB
23 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/bootstrap.min.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b23a5e62bb16bd36bfa1555d3f741821201496ac4b6d2cc974549568adadec88
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"26eee-5e56a3f9b7500-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bca107344-NRT
accept-ranges
bytes
content-length
23649
x-xss-protection
1; mode=block
server
cloudflare
fontawesome.min.css
www.cyfirma.com/template/assets/css/
55 KB
12 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/fontawesome.min.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425a515894a7215256e54706cc640acbb4fb34fd17eb29b374846d8b106e6f8e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"da62-5e56a3f9b7500-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bca117344-NRT
accept-ranges
bytes
content-length
12157
x-xss-protection
1; mode=block
server
cloudflare
all.css
www.cyfirma.com/template/assets/css/
77 KB
16 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/all.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4948aa9fd1875b6f894bf7ac085914baf38bc27d8b0699864a849c7b7f233ca7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"135ba-5e56a3f9b7500-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bca127344-NRT
accept-ranges
bytes
content-length
16190
x-xss-protection
1; mode=block
server
cloudflare
jquery.fancybox.css
www.cyfirma.com/template/assets/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/jquery.fancybox.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cf8b2588497dcd12fa96a75731c6ec327491f8d55f18da0af72b70afa6713af
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"382f-5e56a3f9b7500-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bda147344-NRT
accept-ranges
bytes
content-length
3486
x-xss-protection
1; mode=block
server
cloudflare
slick.css
www.cyfirma.com/template/assets/css/
1 KB
577 B
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/slick.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c1f806310322c848c4c996ca568a03b3b16cf9487cbccf09aef3cf17e2c643d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"534-5e56a3f9b7500-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bda167344-NRT
accept-ranges
bytes
content-length
490
x-xss-protection
1; mode=block
server
cloudflare
jquery.mCustomScrollbar.css
www.cyfirma.com/template/assets/css/
42 KB
4 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/jquery.mCustomScrollbar.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40790d44e3deecffafb17b8cdd23a754eabb0faee9c6dfeb3a3b7b17c2fbaa6a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"a8a2-5e56a3f9b7500-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bda177344-NRT
accept-ranges
bytes
content-length
3989
x-xss-protection
1; mode=block
server
cloudflare
custom-style.css
www.cyfirma.com/template/assets/css/
92 KB
16 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/custom-style.css?v=11.73
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c40ab757e586668e665046ee7b65fadb360379607677de549111d1eb412096fd
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"171f5-61593c0a9e740-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Mon, 08 Apr 2024 11:03:17 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bda1b7344-NRT
accept-ranges
bytes
content-length
15874
x-xss-protection
1; mode=block
server
cloudflare
new-custom-style.css
www.cyfirma.com/template/assets/css/
257 B
254 B
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/new-custom-style.css
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8e5aea71b92d5bc2e05586277048d2b3b558e75aa7df216a28e4b77bceecc8d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"101-5e7ed8a4b2840-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Mon, 05 Sep 2022 12:51:37 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bda1c7344-NRT
accept-ranges
bytes
content-length
145
x-xss-protection
1; mode=block
server
cloudflare
responsive.css
www.cyfirma.com/template/assets/css/
37 KB
8 KB
Stylesheet
General
Full URL
https://www.cyfirma.com/template/assets/css/responsive.css?v=12.14
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
734eb66ec42044d294644d6e06b73eb7723ec74db2f6dd89c5bc98f0775695cf
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"93da-612e6cc157400-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css
last-modified
Tue, 05 Mar 2024 09:52:16 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bda1d7344-NRT
accept-ranges
bytes
content-length
7610
x-xss-protection
1; mode=block
server
cloudflare
jquery.min.js
www.cyfirma.com/template/assets/js/
87 KB
30 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/jquery.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"15d84-5e56a3f9b7500-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
application/javascript
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bda1e7344-NRT
accept-ranges
bytes
content-length
30910
x-xss-protection
1; mode=block
server
cloudflare
devtools-detect.js
www.cyfirma.com/apps/wp-hide-security-enhancer/assets/js/
1 KB
646 B
Script
General
Full URL
https://www.cyfirma.com/apps/wp-hide-security-enhancer/assets/js/devtools-detect.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa4c3d21c2a86169948b5acc1bf4a8589bd4898c5bca6f46a20ae8727b30179
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"59f-610b7385de0c0-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
application/javascript
last-modified
Tue, 06 Feb 2024 14:16:11 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bda1f7344-NRT
accept-ranges
bytes
content-length
536
x-xss-protection
1; mode=block
server
cloudflare
apbct-public-bundle.min.js
www.cyfirma.com/apps/cleantalk-spam-protect/js/
68 KB
17 KB
Script
General
Full URL
https://www.cyfirma.com/apps/cleantalk-spam-protect/js/apbct-public-bundle.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b70afed08e44bc1907904f7e27c6bdd98b8808d18295b603fa173aecbf3a6964
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1107a-61295c58c5780-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
application/javascript
last-modified
Fri, 01 Mar 2024 09:12:14 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bda207344-NRT
accept-ranges
bytes
content-length
17668
x-xss-protection
1; mode=block
server
cloudflare
script.min.js
www.cyfirma.com/apps/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/
409 B
767 B
Script
General
Full URL
https://www.cyfirma.com/apps/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7bb442b06bfb13ecfee3c3ec2b6b19440a33e080ca9378f8d6f161281bd01ed
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"199-610b6dbdc3cc0-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
application/javascript
last-modified
Tue, 06 Feb 2024 13:50:19 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bda227344-NRT
accept-ranges
bytes
content-length
274
x-xss-protection
1; mode=block
server
cloudflare
js
www.googletagmanager.com/gtag/
223 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-80179732-4
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
447a666f538d391a24c9d83e9778f600b08fa82527438e7b8420f93811783aa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 03 Dec 2024 14:05:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
81400
x-xss-protection
0
server
Google Tag Manager
CyfirmaLogoWhite.svg
www.cyfirma.com/media/2022/08/
18 KB
7 KB
Image
General
Full URL
https://www.cyfirma.com/media/2022/08/CyfirmaLogoWhite.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07ce60e24df059952c6c4f6a82cdb94603280a563a2c2e467f71dc712d0892a7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"465e-5e5b3d02bee80"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
image/svg+xml
last-modified
Mon, 08 Aug 2022 05:08:58 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bda237344-NRT
x-xss-protection
1; mode=block
server
cloudflare
selfassessment.png
www.cyfirma.com/media/2024/03/
2 KB
2 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/03/selfassessment.png
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f0bf6c7c4247fa5a2100058e45c6fe238c225fd1b73233a7dc30281c521926c
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-cache-status
HIT
etag
"6a4-613c359382490"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
image/png
last-modified
Sat, 16 Mar 2024 08:59:56 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1bda247344-NRT
accept-ranges
bytes
content-length
1700
x-xss-protection
1; mode=block
server
cloudflare
en.png
www.cyfirma.com/media/flags/
1012 B
1 KB
Image
General
Full URL
https://www.cyfirma.com/media/flags/en.png
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b82368a28809e066c7a394775e69bc6ce1ca857317222b8b0ea4ffe53ae5b5f3
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-cache-status
HIT
etag
"3f4-5e952de8e2180"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/png
last-modified
Fri, 23 Sep 2022 07:10:14 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb6d7344-NRT
accept-ranges
bytes
content-length
1012
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-fe.jpg
www.cyfirma.com/media/2024/11/
406 KB
407 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-fe.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a8fd0a7da56b75d76f8b708b040a9fbf9f5050b7e42d303989f7d57f6a5c36c
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"65997-62743e3ee99c8"
age
3032
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:20:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1c1a647344-NRT
accept-ranges
bytes
content-length
416151
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-1.jpg
www.cyfirma.com/media/2024/11/
67 KB
68 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-1.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ce1aed4aaf6ba85baeb99d0541d9987f0f430b4397ee3feef778b90e588420f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"10d4c-62743e3c52480"
age
725
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:57 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1c3a7c7344-NRT
accept-ranges
bytes
content-length
68940
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-2.jpg
www.cyfirma.com/media/2024/11/
43 KB
43 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-2.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7a34d55ad4b1fb9a4cc7392361d29186993fdbea01844081b5741f8ab507d0e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"aa64-62743e3adf6e8"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:56 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb737344-NRT
accept-ranges
bytes
content-length
43620
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-3.jpg
www.cyfirma.com/media/2024/11/
61 KB
62 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-3.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1686542a8edf7b12c822b2146fc0bbb84416b17eaca874b57755e870b721dc12
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"f5b8-62743e38db130"
age
725
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:54 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb7b7344-NRT
accept-ranges
bytes
content-length
62904
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-4.jpg
www.cyfirma.com/media/2024/11/
128 KB
128 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-4.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5302e4e90d5b1d7c013385eb633c4e85277d2f6bf0560ed191bc997d83fee991
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"1ffff-62743e36f7300"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:52 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb7c7344-NRT
accept-ranges
bytes
content-length
131071
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-5.jpg
www.cyfirma.com/media/2024/11/
20 KB
20 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-5.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d9eb3021ed5c95cdf912f53f58fa91721034f503a2eebdd3690ba90a5de7f2a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"50fc-62743e34f7780"
age
725
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:50 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb7e7344-NRT
accept-ranges
bytes
content-length
20732
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-6.jpg
www.cyfirma.com/media/2024/11/
43 KB
43 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-6.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd3f2e687c390ee80bca8007544b44ba12a4e801283822a0d838a1fb977c34af
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"aa1e-62743e336ea58"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:48 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb807344-NRT
accept-ranges
bytes
content-length
43550
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-7.jpg
www.cyfirma.com/media/2024/11/
75 KB
75 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-7.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7423eea2fb126f7a09e7986d7baf0c301cda79f45dc56aacfd47c87fb4afafa6
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"12b13-62743e31aa410"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:46 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb817344-NRT
accept-ranges
bytes
content-length
76563
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-8.jpg
www.cyfirma.com/media/2024/11/
34 KB
34 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-8.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94d8a7230291f9bcc40773e1423f1185a8073fb2cc368e882c75bf5f2f8772ba
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"8734-62743e2fb5c40"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:44 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb827344-NRT
accept-ranges
bytes
content-length
34612
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-9.jpg
www.cyfirma.com/media/2024/11/
183 KB
183 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-9.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a17aa2e50d151709bd4e00ac39e129c4fbd56b4946a7af1b91384608500ad894
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"2dc26-62743e2df2d68"
age
725
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:42 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb847344-NRT
accept-ranges
bytes
content-length
187430
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-10.jpg
www.cyfirma.com/media/2024/11/
29 KB
29 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-10.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
011a5d93bd41409d46cc89f925848015f6f9858551814e0079bcc8c40f1fb77b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"7567-62743e2a4eb58"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:39 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb867344-NRT
accept-ranges
bytes
content-length
30055
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-11.jpg
www.cyfirma.com/media/2024/11/
175 KB
176 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-11.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdac42bc339e6f8fcb3c162ed84bdd34118e4d18c5e39c22a5817995400030d8
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"2bd21-62743e28a23e0"
age
725
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:37 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb887344-NRT
accept-ranges
bytes
content-length
179489
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-12.jpg
www.cyfirma.com/media/2024/11/
214 KB
215 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-12.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b12525627b4ec6b889dfe8cd7f2a756369a339b2aee7948437881e2b50af3a75
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"359b3-62743e26bed80"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:35 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb897344-NRT
accept-ranges
bytes
content-length
219571
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-13.jpg
www.cyfirma.com/media/2024/11/
188 KB
189 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-13.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea16b5ce41dcada4e192317633c254a323069fb30adf6180d6cb1b5eacf0257
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"2f0e4-62743e24c3468"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:33 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb8a7344-NRT
accept-ranges
bytes
content-length
192740
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-14.jpg
www.cyfirma.com/media/2024/11/
154 KB
154 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-14.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70675dd518a9c9be09c59647002b6868a6ab1caff0d5f5d8adaab45a6ae803fe
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"26715-62743e22c6bb0"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:31 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb8d7344-NRT
accept-ranges
bytes
content-length
157461
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-15.jpg
www.cyfirma.com/media/2024/11/
106 KB
106 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-15.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2524d3676536f34e5f5f01362fdc505d630530c29e6fe45fb1b97ca073e3c387
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"1a82c-62743e20aab10"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:28 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb8e7344-NRT
accept-ranges
bytes
content-length
108588
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-16.jpg
www.cyfirma.com/media/2024/11/
237 KB
238 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-16.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
836beac43a701fb0ad1467f1cffcea990151c98897441a838bdd88f222dcfcf8
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"3b537-62743e1e2fae8"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:26 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb927344-NRT
accept-ranges
bytes
content-length
242999
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-17.jpg
www.cyfirma.com/media/2024/11/
205 KB
206 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-17.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ca25b1fc9f1e82df98a3d3ac9b79968d496224abacca5061bf97780c760045
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"335f3-62743e1c15988"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:24 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb957344-NRT
accept-ranges
bytes
content-length
210419
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-18.jpg
www.cyfirma.com/media/2024/11/
38 KB
38 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-18.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee96feba388ee1ec20ecae6fd38e4700c10921b8a1c9585261a97c81a1daf4f1
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"9729-62743e19f98e8"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:21 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb987344-NRT
accept-ranges
bytes
content-length
38697
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-19.jpg
www.cyfirma.com/media/2024/11/
86 KB
86 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-19.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
127ab3c246ae277cad68e9f9e649bbda81dd4bfbd45aaf4cbc1a8dfac59c5aea
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"15740-62743e18b1ad0"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:20 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb997344-NRT
accept-ranges
bytes
content-length
87872
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-20.jpg
www.cyfirma.com/media/2024/11/
145 KB
145 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-20.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
033e57dfbfe326d530de582fa31aa8bebcfac4c113100ff7f002cc97906f67b4
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"2423a-62743e174b470"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:19 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb9a7344-NRT
accept-ranges
bytes
content-length
148026
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-21.jpg
www.cyfirma.com/media/2024/11/
100 KB
100 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-21.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c733479b5df186906adef1d6370aa65bb743785265cad0a34416b45280ebb5e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"18ee4-62743e15d6b80"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:17 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfba17344-NRT
accept-ranges
bytes
content-length
102116
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-22.jpg
www.cyfirma.com/media/2024/11/
190 KB
191 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-22.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a0bae8353e77051ca4155f8aac9bae56c9ff6bbe75dfbd87fca5d54bb768dd
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"2f8b9-62743e13c6278"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:15 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfba37344-NRT
accept-ranges
bytes
content-length
194745
x-xss-protection
1; mode=block
server
cloudflare
elpaco19-23.jpg
www.cyfirma.com/media/2024/11/
69 KB
69 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/11/elpaco19-23.jpg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b393b9848efbec8176f4a20889afce9eb6ee1d9c6bb01eb916e3d38e7cad525b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-bgj
h2pri
etag
"11259-62743e11b45e8"
age
726
cf-cache-status
HIT
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 13:19:13 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfba57344-NRT
accept-ranges
bytes
content-length
70233
x-xss-protection
1; mode=block
server
cloudflare
email-decode.min.js
www.cyfirma.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
808 B
Script
General
Full URL
https://www.cyfirma.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"6740aaeb-4d7"
x-content-type-options
nosniff
cf-ray
8ec41d1c8acd7344-NRT
expires
Thu, 05 Dec 2024 14:05:48 GMT
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
application/javascript
last-modified
Fri, 22 Nov 2024 16:01:47 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
linkedin-in.svg
www.cyfirma.com/media/2024/03/
692 B
555 B
Image
General
Full URL
https://www.cyfirma.com/media/2024/03/linkedin-in.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc3b59c278627cdb29d8975817ed927204ced9233e8776df01625d775637d226
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"2b4-6149f439e8de0"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/svg+xml
last-modified
Wed, 27 Mar 2024 07:22:07 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfba77344-NRT
x-xss-protection
1; mode=block
server
cloudflare
facebook-f.svg
www.cyfirma.com/media/2024/03/
563 B
473 B
Image
General
Full URL
https://www.cyfirma.com/media/2024/03/facebook-f.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a11f55caea154cdc5bb990fbc8cfcca5bacdde16cc1fb7bcd6d594576d65a812
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"233-6149f4381b710"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/svg+xml
last-modified
Wed, 27 Mar 2024 07:22:05 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfbaa7344-NRT
x-xss-protection
1; mode=block
server
cloudflare
x-twitter.svg
www.cyfirma.com/media/2024/03/
564 B
459 B
Image
General
Full URL
https://www.cyfirma.com/media/2024/03/x-twitter.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3eede500590266592b52e0bb9b9ce990674d3c692e6291f19fa2ed2973789cd
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"234-6149f435ee8e8"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/svg+xml
last-modified
Wed, 27 Mar 2024 07:22:02 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfbac7344-NRT
x-xss-protection
1; mode=block
server
cloudflare
Singapore.svg
www.cyfirma.com/media/2022/08/
2 KB
734 B
Image
General
Full URL
https://www.cyfirma.com/media/2022/08/Singapore.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c57362794ada29200eaf4fe57394ee81787ad537dc2bf73eae86954954b9beb3
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"637-5e6cec945ce80"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/svg+xml
last-modified
Mon, 22 Aug 2022 06:44:58 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfbad7344-NRT
x-xss-protection
1; mode=block
server
cloudflare
IN.svg
www.cyfirma.com/media/2022/08/
1 KB
1 KB
Image
General
Full URL
https://www.cyfirma.com/media/2022/08/IN.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2134b4b272bc464e6e24c4349d5ad4b2046234f8dc1291e8127e4c52d6c1723
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"566-5e6cec945ce80"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/svg+xml
last-modified
Mon, 22 Aug 2022 06:44:58 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfbae7344-NRT
x-xss-protection
1; mode=block
server
cloudflare
JP.svg
www.cyfirma.com/media/2022/08/
459 B
342 B
Image
General
Full URL
https://www.cyfirma.com/media/2022/08/JP.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4ca6310bab0846e407ba41ba9664c5a1e35ec39abaf980849ea7eb101416499
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"1cb-5e6cec945ce80"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/svg+xml
last-modified
Mon, 22 Aug 2022 06:44:58 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfbb07344-NRT
x-xss-protection
1; mode=block
server
cloudflare
US.svg
www.cyfirma.com/media/2022/08/
2 KB
999 B
Image
General
Full URL
https://www.cyfirma.com/media/2022/08/US.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84cc57d3cc87630aa3180ee548f38d33ea73969ff46765d7446e07df029abfd3
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"8be-5e6cec95510c0"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/svg+xml
last-modified
Mon, 22 Aug 2022 06:44:59 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfbb17344-NRT
x-xss-protection
1; mode=block
server
cloudflare
DE.svg
www.cyfirma.com/media/2022/08/
882 B
540 B
Image
General
Full URL
https://www.cyfirma.com/media/2022/08/DE.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5d082a8a8042007ac2f3b4e5e0eee1f0b24d8d5c1fbf304275ef72d87a11d07
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"372-5e6cec95510c0"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/svg+xml
last-modified
Mon, 22 Aug 2022 06:44:59 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfbb37344-NRT
x-xss-protection
1; mode=block
server
cloudflare
KR.svg
www.cyfirma.com/media/2024/03/
3 KB
1 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/03/KR.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
759975539752ee86c2b252c115886ddf8ec8b9eaefd05dfb858db0f8f4a042a5
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"b80-613c99c0290c0"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/svg+xml
last-modified
Sat, 16 Mar 2024 16:28:07 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfbb47344-NRT
x-xss-protection
1; mode=block
server
cloudflare
AU.svg
www.cyfirma.com/media/2024/03/
3 KB
2 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/03/AU.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b905e0fbcc7a6ad1c69672ccd6782c66b23f9393b79de7b58f24eb631cc1dccf
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"b3c-613c99b9c3d70"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/svg+xml
last-modified
Sat, 16 Mar 2024 16:28:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfbb67344-NRT
x-xss-protection
1; mode=block
server
cloudflare
TW.svg
www.cyfirma.com/media/2024/03/
1 KB
738 B
Image
General
Full URL
https://www.cyfirma.com/media/2024/03/TW.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b37d315dcea0fbeea45df259f6e857e674da51c9618efc9928b6cd5205189da
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"599-613c99bdda3a0"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/svg+xml
last-modified
Sat, 16 Mar 2024 16:28:04 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfbbb7344-NRT
x-xss-protection
1; mode=block
server
cloudflare
VN.svg
www.cyfirma.com/media/2024/03/
663 B
499 B
Image
General
Full URL
https://www.cyfirma.com/media/2024/03/VN.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dcab65b9993e052b1144e982a61f761add74cd404b717830a3449d7f2d4c522
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"297-613c99b857568"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/svg+xml
last-modified
Sat, 16 Mar 2024 16:27:58 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfbbe7344-NRT
x-xss-protection
1; mode=block
server
cloudflare
AE.svg
www.cyfirma.com/media/2024/03/
961 B
576 B
Image
General
Full URL
https://www.cyfirma.com/media/2024/03/AE.svg
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a98855ff9dd707b642bd4510039182325edbd4a1bf745eccde5a0a1d15b5b783
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"3c1-613c99bbfbf48"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/svg+xml
last-modified
Sat, 16 Mar 2024 16:28:02 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfbc07344-NRT
x-xss-protection
1; mode=block
server
cloudflare
iso-27001.png
www.cyfirma.com/media/2023/12/
51 KB
51 KB
Image
General
Full URL
https://www.cyfirma.com/media/2023/12/iso-27001.png
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86e08c2b8e9027640e44408d0840e35f8d3ea353352aeed3aa390f78ad96d23b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-cache-status
HIT
etag
"cad1-60d909f2bee20"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/png
last-modified
Thu, 28 Dec 2023 11:57:37 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfbc27344-NRT
accept-ranges
bytes
content-length
51921
x-xss-protection
1; mode=block
server
cloudflare
eugdpr.png
www.cyfirma.com/media/2024/02/
78 KB
78 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/02/eugdpr.png
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4e4572b48ee33a09c5296563555166ea2bedc103f79e046748d39ab86dc8591
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-cache-status
HIT
etag
"13635-61049b2b42398"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/png
last-modified
Thu, 01 Feb 2024 03:36:17 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfbc57344-NRT
accept-ranges
bytes
content-length
79413
x-xss-protection
1; mode=block
server
cloudflare
iso4001-w.png
www.cyfirma.com/media/2024/02/
16 KB
16 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/02/iso4001-w.png
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
108def0528b188d78212d66957bd99f7bef9309a3e697f78c8a0255fa10fec87
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-cache-status
HIT
etag
"3f17-6104a41a5a130"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/png
last-modified
Thu, 01 Feb 2024 04:16:15 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfbc77344-NRT
accept-ranges
bytes
content-length
16151
x-xss-protection
1; mode=block
server
cloudflare
AICPASOC.png
www.cyfirma.com/media/2024/05/
78 KB
78 KB
Image
General
Full URL
https://www.cyfirma.com/media/2024/05/AICPASOC.png
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a9166d49e739e0f1b735aa60f31faf2f7efd09b50101d9bac4a255ba17724ef
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-cache-status
HIT
etag
"13683-6189df8a11bc0"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
image/png
last-modified
Fri, 17 May 2024 03:30:20 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfbc87344-NRT
accept-ranges
bytes
content-length
79491
x-xss-protection
1; mode=block
server
cloudflare
index.js
www.cyfirma.com/apps/contact-form-7/includes/swv/js/
11 KB
3 KB
Script
General
Full URL
https://www.cyfirma.com/apps/contact-form-7/includes/swv/js/index.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"2b6d-610b79c9f2940-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
application/javascript
last-modified
Tue, 06 Feb 2024 14:44:13 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1c9ad77344-NRT
accept-ranges
bytes
content-length
3212
x-xss-protection
1; mode=block
server
cloudflare
index.js
www.cyfirma.com/apps/contact-form-7/includes/js/
13 KB
5 KB
Script
General
Full URL
https://www.cyfirma.com/apps/contact-form-7/includes/js/index.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"337e-610b79c9f2940-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
application/javascript
last-modified
Tue, 06 Feb 2024 14:44:13 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1caae77344-NRT
accept-ranges
bytes
content-length
4191
x-xss-protection
1; mode=block
server
cloudflare
wpcf7r-fe.js
www.cyfirma.com/apps/wpcf7-redirect/build/js/
8 KB
2 KB
Script
General
Full URL
https://www.cyfirma.com/apps/wpcf7-redirect/build/js/wpcf7r-fe.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1f8a-610b733b7b140-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
application/javascript
last-modified
Tue, 06 Feb 2024 14:14:53 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cdb397344-NRT
accept-ranges
bytes
content-length
1617
x-xss-protection
1; mode=block
server
cloudflare
cf7msm.min.js
www.cyfirma.com/apps/contact-form-7-multi-step-module/resources/
5 KB
2 KB
Script
General
Full URL
https://www.cyfirma.com/apps/contact-form-7-multi-step-module/resources/cf7msm.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cba79732c9d0e64aa7a033590990e73fe8bbf3da12e72a0376cd68aeda1acbfb
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1457-610b72be8ca80-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
application/javascript
last-modified
Tue, 06 Feb 2024 14:12:42 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb597344-NRT
accept-ranges
bytes
content-length
2020
x-xss-protection
1; mode=block
server
cloudflare
api.js
www.google.com/recaptcha/
1 KB
996 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f4.1e100.net
Software
ESF /
Resource Hash
97ffc4402ab8a539ef5c5ab17f8a5a1244a6ba09fa4988a9ccce7a83e5249bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 14:05:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Tue, 03 Dec 2024 14:05:49 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
particles.js
www.cyfirma.com/template/assets/js/
22 KB
6 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/particles.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b336cf8710d8097c7de836d5534ff7c803b00c260c9500a4cb4b95f1905230c1
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"591e-5e56a3f9b7500-gzip"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
application/javascript
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb5c7344-NRT
accept-ranges
bytes
content-length
5721
x-xss-protection
1; mode=block
server
cloudflare
jquery.matchHeight-min.js
www.cyfirma.com/template/assets/js/
3 KB
1 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/jquery.matchHeight-min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ab9a2fb6fb65ca5debaa8686408bab41a073db2d5abcf0db248279d944ac51
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"d29-5e56a3f9b7500-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
application/javascript
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb5d7344-NRT
accept-ranges
bytes
content-length
1372
x-xss-protection
1; mode=block
server
cloudflare
bootstrap.min.js
www.cyfirma.com/template/assets/js/
58 KB
15 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/bootstrap.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974e81270e14d0829929fe7cf9e20bd0ad6c651a6c4203b6799740b970174a52
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"e6b4-5e56a3f9b7500-gzip"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
application/javascript
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb5f7344-NRT
accept-ranges
bytes
content-length
15406
x-xss-protection
1; mode=block
server
cloudflare
jquery.custom-scroll.min.js
www.cyfirma.com/template/assets/js/
44 KB
13 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/jquery.custom-scroll.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"b1a7-5e56a3f9b7500-gzip"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
application/javascript
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb607344-NRT
accept-ranges
bytes
content-length
12940
x-xss-protection
1; mode=block
server
cloudflare
jquery.fancybox.js
www.cyfirma.com/template/assets/js/
60 KB
19 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/jquery.fancybox.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
539f5ac9dfd20b0944a5dcbf121289df379e4197e9263006b96b931c7bc18c5b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"f154-5e56a3f9b7500-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
application/javascript
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb627344-NRT
accept-ranges
bytes
content-length
19666
x-xss-protection
1; mode=block
server
cloudflare
slick.js
www.cyfirma.com/template/assets/js/
42 KB
10 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/slick.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e55b451621a060d376f1b31af3b370ea3d65ab7532ca82e875e52882deefbae
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"a88a-5e56a3f9b7500-gzip"
age
7110
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
application/javascript
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb697344-NRT
accept-ranges
bytes
content-length
10485
x-xss-protection
1; mode=block
server
cloudflare
custom.js
www.cyfirma.com/template/assets/js/
5 KB
2 KB
Script
General
Full URL
https://www.cyfirma.com/template/assets/js/custom.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
290dc8deb77632ee52a3e08c01def62f5fb715b5c85fbc4afaa99a3c8b4d1a4e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"144a-5e8a21454c8c0-gzip"
age
7111
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
application/javascript
last-modified
Wed, 14 Sep 2022 12:15:07 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1cfb6b7344-NRT
accept-ranges
bytes
content-length
1318
x-xss-protection
1; mode=block
server
cloudflare
caeb3130-e8d8-451c-a682-4aec9bfc4929
https://www.cyfirma.com/ Frame
0
0

gtm.js
www.googletagmanager.com/
272 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5GT46FN
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
39f5b86b214b0aa5355128d8d4967f13b0c35f0d3982562a927174e10a7935a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 03 Dec 2024 14:05:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
91279
x-xss-protection
0
server
Google Tag Manager
css2
fonts.googleapis.com/
5 KB
960 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700&display=swap
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/template/assets/css/custom-style.css?v=11.73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9bc1e4d66fae597d1c2c9b0a177332d261cb9f6e66adcaec5a330abe948f9d2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 14:05:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 03 Dec 2024 14:00:44 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
footerbg.png
www.cyfirma.com/template/assets/media/2022/09/
3 KB
3 KB
Image
General
Full URL
https://www.cyfirma.com/template/assets/media/2022/09/footerbg.png
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/template/assets/css/custom-style.css?v=11.73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008bbd344bacd96b0cc81708dd1e838a5df65db54f7ae728b44ba99cae2d9628
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/template/assets/css/custom-style.css?v=11.73

Response headers

content-encoding
br
cf-cache-status
EXPIRED
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
date
Tue, 03 Dec 2024 14:05:50 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
DENY
link
<https://www.cyfirma.com/wp-json/>; rel="https://api.w.org/"
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800, must-revalidate
pragma
no-cache
cf-ray
8ec41d1d3bcf7344-NRT
access-control-allow-origin
https://www.cyfirma.com/
x-xss-protection
1; mode=block
server
cloudflare
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.cyfirma.com
Referer
https://fonts.googleapis.com/

Response headers

age
284284
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 30 Nov 2025 07:07:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 07:07:45 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
fa-light-300.woff2
www.cyfirma.com/template/assets/fonts/
153 KB
154 KB
Font
General
Full URL
https://www.cyfirma.com/template/assets/fonts/fa-light-300.woff2
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/template/assets/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99bbc5cbd07c3d36c28f1a02bc0f1e7e7f3f4423ec93f07a13ffc884b8aa1a34
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.cyfirma.com
Referer
https://www.cyfirma.com/template/assets/css/all.css

Response headers

cf-cache-status
HIT
etag
"26534-5e56a3f9b7500"
age
6048
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
font/woff2
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1d3bd07344-NRT
accept-ranges
bytes
content-length
156980
x-xss-protection
1; mode=block
server
cloudflare
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f3.1e100.net
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.cyfirma.com
Referer
https://fonts.googleapis.com/

Response headers

age
328158
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 18:56:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 18:56:31 GMT
last-modified
Fri, 22 Mar 2024 00:02:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7840
x-xss-protection
0
server
sffe
fa-solid-900.woff2
www.cyfirma.com/template/assets/fonts/
115 KB
115 KB
Font
General
Full URL
https://www.cyfirma.com/template/assets/fonts/fa-solid-900.woff2
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/template/assets/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47c58e41e2f38d9813c39b6641c96e12408522bf774779cb58973f67303875a7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.cyfirma.com
Referer
https://www.cyfirma.com/template/assets/css/all.css

Response headers

cf-cache-status
HIT
etag
"1cb70-5e56a3f9b7500"
age
6048
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
font/woff2
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1d3bd27344-NRT
accept-ranges
bytes
content-length
117616
x-xss-protection
1; mode=block
server
cloudflare
fa-brands-400.woff2
www.cyfirma.com/template/assets/fonts/
70 KB
71 KB
Font
General
Full URL
https://www.cyfirma.com/template/assets/fonts/fa-brands-400.woff2
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/template/assets/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3eb2d0caf3502359966882d146b1a75e34bf933cbdace1c286395ea3fd1f567
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.cyfirma.com
Referer
https://www.cyfirma.com/template/assets/css/all.css

Response headers

cf-cache-status
HIT
etag
"119bc-5e56a3f9b7500"
age
6048
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
font/woff2
last-modified
Thu, 04 Aug 2022 13:23:00 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1d3bd47344-NRT
accept-ranges
bytes
content-length
72124
x-xss-protection
1; mode=block
server
cloudflare
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.cyfirma.com
Referer
https://fonts.googleapis.com/

Response headers

age
441373
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 11:29:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 11:29:36 GMT
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
recaptcha__ja.js
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/
551 KB
219 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__ja.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.35 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f3.1e100.net
Software
sffe /
Resource Hash
c571c78c049ac06e309cecc0b677067354a3d767995bb717a457472e0a843597
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.cyfirma.com
Referer
https://www.cyfirma.com/

Response headers

content-encoding
gzip
age
19402
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 08:42:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 08:42:27 GMT
last-modified
Mon, 11 Nov 2024 05:00:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
224517
x-xss-protection
0
server
sffe
wp-emoji-release.min.js
www.cyfirma.com/my_includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.cyfirma.com/my_includes/js/wp-emoji-release.min.js
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"4904-610b772012080-gzip"
age
6048
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
application/javascript
last-modified
Tue, 06 Feb 2024 14:32:18 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d1ddc897344-NRT
accept-ranges
bytes
content-length
5039
x-xss-protection
1; mode=block
server
cloudflare
apbct_get_pixel_url
www.cyfirma.com/wp-json/cleantalk-antispam/v1/
80 B
582 B
XHR
General
Full URL
https://www.cyfirma.com/wp-json/cleantalk-antispam/v1/apbct_get_pixel_url
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/apps/cleantalk-spam-protect/js/apbct-public-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5bbdc50a1980b38ae1a5bf5c7b6a2fc60e0d6443f3a07883ae1c8824ec127de
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-WP-Nonce
7e8ac0b98b
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

x-robots-tag
noindex
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
content-encoding
br
cf-cache-status
DYNAMIC
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff, nosniff
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
expires
Thu, 19 Nov 1981 08:52:00 GMT
x-wp-nonce
7e8ac0b98b
date
Tue, 03 Dec 2024 14:05:50 GMT
content-type
application/json; charset=UTF-8
vary
Origin
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-frame-options
DENY
link
<https://www.cyfirma.com/wp-json/>; rel="https://api.w.org/"
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
allow
POST
cf-ray
8ec41d1ddc8b7344-NRT
access-control-allow-origin
https://www.cyfirma.com
x-xss-protection
1; mode=block
server
cloudflare
js
www.googletagmanager.com/gtag/
377 KB
123 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XN67BK9M7N&l=dataLayer&cx=c&gtm=457e4bk0za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-80179732-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85eeb59f482c1fe6ed6e290fd25f8ac82e1ea25bb3fa3616ee93a186d6c5b5c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 03 Dec 2024 14:05:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
125882
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-80179732-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

content-encoding
gzip
age
1217
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 15:45:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 13:45:32 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
js
www.googletagmanager.com/gtag/
323 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KBLXRB4PTX&l=dataLayer&cx=c&gtm=45He4bk0v852032066za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GT46FN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
78ed58e64aa5369905723787f825456bb71c68cbea2efaa6bd45ff9a3cce315d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 03 Dec 2024 14:05:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109892
x-xss-protection
0
server
Google Tag Manager
insight.min.js
snap.licdn.com/li.lms-analytics/
2 KB
1 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GT46FN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:e::b81d:8cdf Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
c57865ec6a6956797b18dc7d23a3ade16e7ced5271f4dc0796b2ed0a10f934dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

x-amz-server-side-encryption
AES256
cache-control
max-age=19629
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
796
date
Tue, 03 Dec 2024 14:05:49 GMT
last-modified
Mon, 02 Dec 2024 19:27:08 GMT
vary
Accept-Encoding
x-edgeconnect-midmile-rtt
0
content-type
application/javascript;charset=utf-8
x-edgeconnect-origin-mex-latency
328
jg2ucp2q3y
www.clarity.ms/tag/
689 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/jg2ucp2q3y
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
715edd16677e6084bb5b28b48ddc002b35b7cd424850a89f9a7c06cae518a4c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
689
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
application/x-javascript
x-azure-ref
20241203T140549Z-167dd484d777z8c5hC1TYO2rs40000000w8g00000000dsa9
insight.old.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:e::b81d:8cdf Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

cache-control
max-age=19629
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14634
date
Tue, 03 Dec 2024 14:05:49 GMT
last-modified
Mon, 02 Dec 2024 19:22:52 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/j/
1 B
419 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1109266567&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyfirma.com%2Fresearch%2Felpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family%2F&ul=ja-jp&de=UTF-8&dt=ELPACO-team%20Ransomware%3A%20A%20New%20Variant%20of%20the%20MIMIC%20Ransomware%20Family%20-%20CYFIRMA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1439077439&gjid=1066498128&cid=25288213.1733234749&tid=UA-80179732-4&_gid=2475391.1733234749&_r=1&gtm=457e4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&z=943023003
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.cyfirma.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 14:05:49 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.cyfirma.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
collect
www.google-analytics.com/j/
15 B
86 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1109266567&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyfirma.com%2Fresearch%2Felpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family%2F&ul=ja-jp&de=UTF-8&dt=ELPACO-team%20Ransomware%3A%20A%20New%20Variant%20of%20the%20MIMIC%20Ransomware%20Family%20-%20CYFIRMA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1494110198&gjid=740169512&cid=25288213.1733234749&tid=UA-80179732-4&_gid=2475391.1733234749&_r=1&_slc=1&gtm=45He4bk0n815GT46FNv852032066za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=569772518
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
bb2ccb10404cc6a241da8ff58b2ccb32e483c021f9123c09d4e5f565af4fc718
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.cyfirma.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 14:05:49 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.cyfirma.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
attribution_trigger
px.ads.linkedin.com/
2 B
761 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=4091476&time=1733234749390&url=https%3A%2F%2Fwww.cyfirma.com%2Fresearch%2Felpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Referer
https://www.cyfirma.com/

Response headers

x-li-pop
afd-prod-lor1-x
content-encoding
gzip
x-fs-uuid
0006285e298dae75dec5585a7c864974
x-msedge-ref
Ref A: E41F423870A64DEC8F6AB502ACD283C3 Ref B: TYAEDGE0915 Ref C: 2024-12-03T14:05:49Z
x-li-fabric
prod-lor1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYoXimNrnXexVhafIZJdA==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 03 Dec 2024 14:05:48 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1733234749390&li_adsId=b57bb092-876d-4082-8f31-d2970ecbc299&url=https%3A%2F%2Fwww.cyfirma.com%2Fresearch%2Felpaco-team-ransomware-a-n...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1733234749390&li_adsId=b57bb092-876d-4082-8f31-d2970ecbc299&url=https%3A%2F%2Fwww.cyfirma.com%2Fresearch%2Felpaco-team-ransomware-a-n...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4091476%26time%3D1733234749390%26li_adsId%3Db57bb092-876d-4082-8f31-d2970ecbc299%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1733234749390&li_adsId=b57bb092-876d-4082-8f31-d2970ecbc299&url=https%3A%2F%2Fwww.cyfirma.com%2Fresearch%2Felpaco-team-ransomware-a-n...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1733234749390&li_adsId=b57bb092-876d-4082-8f31-d2970ecbc299&url=https%3A%2F%2Fwww.cyfirma.com%2Fresearch%2Felpaco-team-ransomware-a-...
0
486 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1733234749390&li_adsId=b57bb092-876d-4082-8f31-d2970ecbc299&url=https%3A%2F%2Fwww.cyfirma.com%2Fresearch%2Felpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family%2F&cookiesTest=true&liSync=true&e_ipv6=AQKX578z-kxxuQAAAZOM13KkTI_PNYg_N5EnREavhsIUTvbnOlZMR3Fve2ej4WLdqt2F6g
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 1006F3760A0A49D4BAC269280C06DB9A Ref B: TYAEDGE0712 Ref C: 2024-12-03T14:05:50Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYoXimaXuB8ueqcanHLOg==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Tue, 03 Dec 2024 14:05:50 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4091476&time=1733234749390&li_adsId=b57bb092-876d-4082-8f31-d2970ecbc299&url=https%3A%2F%2Fwww.cyfirma.com%2Fresearch%2Felpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family%2F&cookiesTest=true&liSync=true&e_ipv6=AQKX578z-kxxuQAAAZOM13KkTI_PNYg_N5EnREavhsIUTvbnOlZMR3Fve2ej4WLdqt2F6g
x-msedge-ref
Ref A: 757C008E92F94250AEB04BE26D663C0A Ref B: TYAEDGE1110 Ref C: 2024-12-03T14:05:50Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYoXimXtLa1NhIAuTPcSQ==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Tue, 03 Dec 2024 14:05:49 GMT
js
www.googletagmanager.com/gtag/
381 KB
125 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XN67BK9M7N&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b2202908358c548164843b55c1af23b3ef310c12206e59723797224ebb9975e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 03 Dec 2024 14:05:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
127681
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XN67BK9M7N&gtm=45je4bk0v9135687612za200&_p=1733234748840&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=25288213.1733234749&ul=ja-jp&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1733234749&sct=1&seg=0&dl=https%3A%2F%2Fwww.cyfirma.com%2Fresearch%2Felpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family%2F&dt=ELPACO-team%20Ransomware%3A%20A%20New%20Variant%20of%20the%20MIMIC%20Ransomware%20Family%20-%20CYFIRMA&en=page_view&_fv=1&_ss=1&tfd=2125
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XN67BK9M7N&l=dataLayer&cx=c&gtm=457e4bk0za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s19-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.cyfirma.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
text/plain
server
Golfe2
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KBLXRB4PTX&gtm=45je4bk0v897044746z8852032066za200zb852032066&_p=1733234748840&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=25288213.1733234749&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1733234749&sct=1&seg=0&dl=https%3A%2F%2Fwww.cyfirma.com%2Fresearch%2Felpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family%2F&dt=ELPACO-team%20Ransomware%3A%20A%20New%20Variant%20of%20the%20MIMIC%20Ransomware%20Family%20-%20CYFIRMA&en=page_view&_fv=1&_ss=1&tfd=2157
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KBLXRB4PTX&l=dataLayer&cx=c&gtm=45He4bk0v852032066za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.cyfirma.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
545 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KBLXRB4PTX&cid=25288213.1733234749&gtm=45je4bk0v897044746z8852032066za200zb852032066&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KBLXRB4PTX&l=dataLayer&cx=c&gtm=45He4bk0v852032066za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c15::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.cyfirma.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame F090
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-KBLXRB4PTX&gacid=25288213.1733234749&gtm=45je4bk0v897044746z8852032066za200zb852032066&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=494461983
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KBLXRB4PTX&l=dataLayer&cx=c&gtm=45He4bk0v852032066za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cyfirma.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 14:05:49 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.co.jp/ads/
42 B
63 B
Image
General
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KBLXRB4PTX&cid=25288213.1733234749&gtm=45je4bk0v897044746z8852032066za200zb852032066&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=526275612
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 03 Dec 2024 14:05:49 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
clarity.js
www.clarity.ms/s/0.7.56/
66 KB
28 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.56/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jg2ucp2q3y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

x-azure-ref
20241203T140549Z-167dd484d777z8c5hC1TYO2rs40000000w8g00000000dsbt
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD0EDC462F0477"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
dc5fbecb-901e-007b-2056-416c47000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Tue, 03 Dec 2024 14:05:49 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 12:08:58 GMT
collect
i.clarity.ms/
0
279 B
XHR
General
Full URL
https://i.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.cyfirma.com/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://www.cyfirma.com
Date
Tue, 03 Dec 2024 14:05:50 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
a77a2ef866fc9d69497c2810c91d0390.gif
moderate4.cleantalk.org/pixel/
43 B
265 B
Image
General
Full URL
https://moderate4.cleantalk.org/pixel/a77a2ef866fc9d69497c2810c91d0390.gif
Requested by
Host: www.cyfirma.com
URL: https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:1c17:6617::1 Gunzenhausen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

X-Server-IP
2a01:4f8:1c17:6617::1
Content-Length
43
Date
Tue, 03 Dec 2024 14:05:50 GMT
Content-Type
image/gif
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
/
px.ads.linkedin.com/wa/
0
195 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cyfirma.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A0C03D5CECC949E7A7A25C3C28C3D1E7 Ref B: TYAEDGE1110 Ref C: 2024-12-03T14:05:50Z
x-li-fabric
prod-ltx1
access-control-allow-credentials
true
x-li-uuid
AAYoXimc9rMbq7XQnJvqxQ==
x-li-proto
http/2
access-control-allow-origin
https://www.cyfirma.com
x-cache
CONFIG_NOCACHE
date
Tue, 03 Dec 2024 14:05:49 GMT
vary
Origin
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5200B4FB94854F01B48C1420DF0AE01B&RedC=c.clarity.ms&MXFR=31BBE9A8FB9C62BF0367FCE2FF9C6C0B
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5200B4FB94854F01B48C1420DF0AE01B&MUID=2F8A48DD29C964EB2B985D97283B6563
42 B
442 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5200B4FB94854F01B48C1420DF0AE01B&MUID=2F8A48DD29C964EB2B985D97283B6563
Protocol
H2
Server
52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"58964c231919db1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Tue, 03 Dec 2024 14:05:50 GMT
content-type
image/gif
last-modified
Tue, 08 Oct 2024 00:29:29 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5200B4FB94854F01B48C1420DF0AE01B&MUID=2F8A48DD29C964EB2B985D97283B6563
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 56095F04F45941B299B477778611BC15 Ref B: TYBEDGE0606 Ref C: 2024-12-03T14:05:50Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Tue, 03 Dec 2024 14:05:50 GMT
x-powered-by
ASP.NET
fevicon-black.png
www.cyfirma.com/media/2020/03/
5 KB
5 KB
Other
General
Full URL
https://www.cyfirma.com/media/2020/03/fevicon-black.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47cd1bd50cbb69fd9eb4be85e06efc3fb46d41d0f5ddfe4ff97f96efa99e101a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.cyfirma.com/research/elpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family/

Response headers

cf-cache-status
HIT
etag
"1444-5e56a38cff480"
age
7109
expect-ct
enforce, max-age=43200, report-uri="https://www.cyfirma.com/report"
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 14:05:50 GMT
content-type
image/png
last-modified
Thu, 04 Aug 2022 13:21:06 GMT
vary
Accept-Encoding
x-frame-options
DENY
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
cache-control
max-age=28800
cf-ray
8ec41d28df737344-NRT
accept-ranges
bytes
content-length
5188
x-xss-protection
1; mode=block
server
cloudflare
collect
i.clarity.ms/
0
279 B
XHR
General
Full URL
https://i.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.cyfirma.com/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://www.cyfirma.com
Date
Tue, 03 Dec 2024 14:05:51 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.cyfirma.com
URL
blob:https://www.cyfirma.com/caeb3130-e8d8-451c-a682-4aec9bfc4929

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| turnstile object| fwcrm function| jQuery object| freshsales object| ZargetUrlChangeTrigger function| beforeunload boolean| zg_is_new_visitor object| zargetCookie function| zg_selector function| integrations function| zg_projectProps function| runZGHeatmap function| runZGPausedExp object| expEvt function| zarget$ function| fm_$ object| zargetAPI object| FMApi object| triggerHeatmapExperiment object| bulkDetails object| FM object| session object| dataLayer function| turnstileCallbackFunction object| ctPublicFunctions object| ctPublic object| _wpemojiSettings function| $ object| devtools function| ownKeys function| _objectSpread function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _callSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| _inherits function| _setPrototypeOf function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof function| _classCallCheck function| _defineProperties function| _createClass function| _defineProperty function| _toPropertyKey function| _toPrimitive function| ApbctCore function| ctProcessError function| apbct function| ApbctXhr function| ApbctAjax function| ApbctRest function| ctSetCookie function| ctDetectForcedAltCookiesForms function| ctSetAlternativeCookie function| ctGetCookie function| ctDeleteCookie function| apbct_public_sendAJAX function| apbct_public_sendREST function| apbctGenerateUniqueID object| apbctLocalStorage object| apbctSessionStorage function| apbctOnAnimationStart function| apbctOnInput function| apbctAutocomplete function| apbctCancelAutocomplete number| ctMouseReadInterval number| ctMouseWriteDataInterval function| CTTypoData object| ctDate number| ctTimeMs boolean| ctMouseEventTimerFlag object| ctMouseData object| ctCheckedEmails function| apbct_attach_event_handler function| apbct_remove_event_handler function| ctFunctionFirstKey function| ctFunctionMouseMove function| cronFormsHandler function| restartBotDetectorEventTokenAttach function| ctMouseStopData function| ctKeyStopStopListening function| checkEmail function| ctSetPixelImg function| ctSetPixelImgFromLocalstorage function| ctGetPixelUrl function| ctSetHasScrolled function| ctSetMouseMoved function| restartFieldsListening function| ctStartFieldsListening function| ctStopFieldsListening function| ctFunctionHasInputFocused function| ctFunctionHasKeyUp function| ctSetHasInputFocused function| ctSetHasKeyUp function| ctPreloadLocalStorage function| apbctPrepareBlockForAjaxForms function| apbct_ready function| ctAjaxSetupAddCleanTalkDataBeforeSendAjax function| ctOnsubmitPrevCallExclude function| ctSearchFormOnSubmitHandler function| ctFillDecodedEmailHandler function| apbctAjaxEmailDecodeBulk function| apbctEmailEncoderCallbackBulk function| resetEncodedNodes function| getJavascriptClientData function| removeDoubleJsonEncoding function| ctProcessDecodedDataResult function| ctFillDecodedEmail function| ctShowDecodeComment function| apbct_collect_visible_fields function| apbct_visible_fields_set_cookie function| apbct_js_keys__set_input_value function| apbctGetScreenInfo function| ctParseBlockMessage function| ctSetPixelUrlLocalstorage function| ctNoCookieConstructHiddenField function| ctGetPageForms function| ctGetHiddenFieldExclusionsType function| ctCheckHiddenFieldsExclusions function| ctNoCookieAttachHiddenFieldsToForms function| defaultFetch function| defaultSend function| checkFormsExistForCatching function| isFormThatNeedCatch function| isFormThatNeedCatchXhr function| getNoCookieData function| apbctWriteReferrersToSessionStorage object| cleantalkModal function| ctProtectExternal function| formIsExclusion function| apbctGetFormClass function| apbctProcessIframes function| apbctProcessExternalForm function| apbctProcessExternalFormByFakeButton function| apbctReplaceInputsValuesFromOtherForm function| ctProtectOutsideIframe function| ctProtectOutsideIframeHandler function| catchNextendSocialLoginForm function| blockBtnNextendSocialLogin function| allowAjaxNextendSocialLogin function| forbiddenAjaxNextendSocialLogin function| ctCheckAjax function| isIntegratedForm function| sendAjaxCheckingFormData function| catchDynamicRenderedForm function| catchDynamicRenderedFormHandler function| sendAjaxCheckingDynamicFormData function| apbctVal function| ctCheckInternal function| ctCheckInternalIsExcludedForm object| WPMLLanguageSwitcherDropdown function| gtag object| swv object| wpcf7 object| wpcf7r object| wpcf7_redirect object| cf7msm_posted_data function| renderInvisibleReCaptcha function| pJS function| hexToRgb function| clamp function| isInArray function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| bootstrap boolean| mCustomScrollbar object| frontobj object| twemoji object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| clarity object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk object| recaptcha function| onYouTubeIframeAPIReady object| ORIBILI

29 Cookies

Domain/Path Name / Value
www.cyfirma.com/ Name: PHPSESSID
Value: kg3g6rk67govbnje64gdfch6jh
.cyfirma.com/ Name: _fw_crm_v
Value: ac58a525-c3cf-4f0b-8ed9-eabf4b0deb78
www.cyfirma.com/ Name: first_session
Value: %7B%22visits%22%3A1%2C%22start%22%3A1733234748829%2C%22last_visit%22%3A1733234748829%2C%22url%22%3A%22https%3A%2F%2Fwww.cyfirma.com%2Fresearch%2Felpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family%2F%22%2C%22path%22%3A%22%2Fresearch%2Felpaco-team-ransomware-a-new-variant-of-the-mimic-ransomware-family%2F%22%2C%22referrer%22%3A%22%22%2C%22referrer_info%22%3A%7B%22host%22%3A%22%22%2C%22path%22%3A%22blank%22%2C%22protocol%22%3A%22about%3A%22%2C%22port%22%3A80%2C%22search%22%3A%22%22%2C%22query%22%3A%7B%7D%7D%2C%22search%22%3A%7B%22engine%22%3Anull%2C%22query%22%3Anull%7D%2C%22version%22%3A0.4%7D
.cyfirma.com/ Name: _gid
Value: GA1.2.2475391.1733234749
.cyfirma.com/ Name: _gat_gtag_UA_80179732_4
Value: 1
.www.cyfirma.com/ Name: _ga
Value: GA1.3.25288213.1733234749
.www.cyfirma.com/ Name: _gid
Value: GA1.3.2475391.1733234749
.www.cyfirma.com/ Name: _gat_UA-80179732-4
Value: 1
.cyfirma.com/ Name: _ga_XN67BK9M7N
Value: GS1.1.1733234749.1.0.1733234749.0.0.0
.cyfirma.com/ Name: _ga
Value: GA1.1.25288213.1733234749
www.clarity.ms/ Name: CLID
Value: 9ebe836036384306bb64ba46e7a1e897.20241203.20251203
.cyfirma.com/ Name: _ga_KBLXRB4PTX
Value: GS1.1.1733234749.1.0.1733234749.60.0.0
.linkedin.com/ Name: li_sugr
Value: 7667880d-79dd-4a57-9d9c-cad0f1fd6065
.linkedin.com/ Name: bcookie
Value: "v=2&af993835-f15f-405a-8d90-4baad7a46cb0"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3423:u=1:x=1:i=1733234749:t=1733321149:v=2:sig=AQF5s8grNOe_QiTB6Iqud_CFJpa6GKLe"
.cyfirma.com/ Name: _clck
Value: e4tpga%7C2%7Cfre%7C0%7C1798
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.linkedin.com/ Name: UserMatchHistory
Value: AQJHiOGv3iBz0wAAAZOM13Dk8Ed1bqTVzK-4avStT0gGonbMMvV8MYPgaWuK7sVT_hv3v3ly878KYQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIFxgacFfwUxwAAAZOM13DlaZJohGzrPZ--ucInXDg0jAeX9muieZyJr-zlo58rBMlyjtfbtSeGpa6oEuhScA
.www.linkedin.com/ Name: bscookie
Value: "v=1&20241203140549650c4cad-3ec2-432c-8c00-3365f2a3124dAQG2lWLrPndccSzvUWdF1Bthy1g-PFsG"
.linkedin.com/ Name: __cf_bm
Value: 3pgode_PGDxEUjzntQIw94D.WYnpqeNQ1WiP69wbhKM-1733234750-1.0.1.1-KQMNgbuKPhhbNYcjQuvyjztiT6eN6CnzGljUjD2zdR48LGb.OqfAP6tUiME.WOibCQnr9gxqnSv.EtWgTfYHig
.cyfirma.com/ Name: _clsk
Value: r7xdzn%7C1733234750532%7C1%7C1%7Ci.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 2F8A48DD29C964EB2B985D97283B6563
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2F8A48DD29C964EB2B985D97283B6563
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2F8A48DD29C964EB2B985D97283B6563
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://www.cyfirma.com/template/assets/media/2022/09/footerbg.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob: https://beta05.cyfirma.com https://in.fw-cdn.com https://www.googletagmanager.com https://www.google.com https://www.gstatic.com https://unpkg.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://fonts.googleapis.com https://www.cyfirma.com https://www.youtube.com https://snap.licdn.com https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdnjs.cloudflare.com
challenges.cloudflare.com
cyfirma.com
fonts.googleapis.com
fonts.gstatic.com
i.clarity.ms
in.fw-cdn.com
moderate4.cleantalk.org
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
stats.g.doubleclick.net
td.doubleclick.net
www.clarity.ms
www.cyfirma.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.cyfirma.com
104.17.25.14
104.18.95.41
13.107.42.14
142.250.196.136
142.250.198.3
142.250.198.4
142.251.222.35
172.217.175.46
172.217.175.99
176.32.65.193
18.65.207.72
2001:4860:4802:34::178
2001:4860:4802:38::181
2404:6800:4004:820::2002
2404:6800:4004:824::2008
2404:6800:4004:824::200a
2404:6800:4008:c15::9d
2600:140b:a00:e::b81d:8cdf
2606:4700:10::ac43:18d6
2606:4700:4400::6812:2929
2620:1ec:21::14
2620:1ec:bdf::46
2620:1ec:c11::237
2a01:4f8:1c17:6617::1
2a04:4e42::485
4.153.72.49
52.231.230.148
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
008bbd344bacd96b0cc81708dd1e838a5df65db54f7ae728b44ba99cae2d9628
011a5d93bd41409d46cc89f925848015f6f9858551814e0079bcc8c40f1fb77b
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
033e57dfbfe326d530de582fa31aa8bebcfac4c113100ff7f002cc97906f67b4
07ce60e24df059952c6c4f6a82cdb94603280a563a2c2e467f71dc712d0892a7
0a9166d49e739e0f1b735aa60f31faf2f7efd09b50101d9bac4a255ba17724ef
0c733479b5df186906adef1d6370aa65bb743785265cad0a34416b45280ebb5e
0d6cbfad423f414457e84247076eaeea86b8272c22ac17ffac2bc9456cf6bdd7
108def0528b188d78212d66957bd99f7bef9309a3e697f78c8a0255fa10fec87
127ab3c246ae277cad68e9f9e649bbda81dd4bfbd45aaf4cbc1a8dfac59c5aea
1686542a8edf7b12c822b2146fc0bbb84416b17eaca874b57755e870b721dc12
1a8fd0a7da56b75d76f8b708b040a9fbf9f5050b7e42d303989f7d57f6a5c36c
1aa4c3d21c2a86169948b5acc1bf4a8589bd4898c5bca6f46a20ae8727b30179
1aeb9107928bb523947c28e17358efb50a07b942e15ed0a72259a5794ea2ca96
1dcab65b9993e052b1144e982a61f761add74cd404b717830a3449d7f2d4c522
2524d3676536f34e5f5f01362fdc505d630530c29e6fe45fb1b97ca073e3c387
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
290dc8deb77632ee52a3e08c01def62f5fb715b5c85fbc4afaa99a3c8b4d1a4e
39f5b86b214b0aa5355128d8d4967f13b0c35f0d3982562a927174e10a7935a4
3b37d315dcea0fbeea45df259f6e857e674da51c9618efc9928b6cd5205189da
3f0bf6c7c4247fa5a2100058e45c6fe238c225fd1b73233a7dc30281c521926c
40790d44e3deecffafb17b8cdd23a754eabb0faee9c6dfeb3a3b7b17c2fbaa6a
425a515894a7215256e54706cc640acbb4fb34fd17eb29b374846d8b106e6f8e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447a666f538d391a24c9d83e9778f600b08fa82527438e7b8420f93811783aa2
47c58e41e2f38d9813c39b6641c96e12408522bf774779cb58973f67303875a7
47cd1bd50cbb69fd9eb4be85e06efc3fb46d41d0f5ddfe4ff97f96efa99e101a
4948aa9fd1875b6f894bf7ac085914baf38bc27d8b0699864a849c7b7f233ca7
4d9eb3021ed5c95cdf912f53f58fa91721034f503a2eebdd3690ba90a5de7f2a
4e55b451621a060d376f1b31af3b370ea3d65ab7532ca82e875e52882deefbae
4f2c1f098f7a28dbab913d292da562c06b45d6495ec9a60e6cbc6b99564ef5e4
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
503f9aa8675e396e6feec3369148a12f5c863c5068d573e72a3f2f4d217ac0d3
5302e4e90d5b1d7c013385eb633c4e85277d2f6bf0560ed191bc997d83fee991
539f5ac9dfd20b0944a5dcbf121289df379e4197e9263006b96b931c7bc18c5b
63ab9a2fb6fb65ca5debaa8686408bab41a073db2d5abcf0db248279d944ac51
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ce1aed4aaf6ba85baeb99d0541d9987f0f430b4397ee3feef778b90e588420f
70675dd518a9c9be09c59647002b6868a6ab1caff0d5f5d8adaab45a6ae803fe
715edd16677e6084bb5b28b48ddc002b35b7cd424850a89f9a7c06cae518a4c2
734eb66ec42044d294644d6e06b73eb7723ec74db2f6dd89c5bc98f0775695cf
738d4cf265345f71cce17d9a69eb8f20df5de1fa2a6e5be1c6ca76824cf8745a
7423eea2fb126f7a09e7986d7baf0c301cda79f45dc56aacfd47c87fb4afafa6
759975539752ee86c2b252c115886ddf8ec8b9eaefd05dfb858db0f8f4a042a5
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
78ed58e64aa5369905723787f825456bb71c68cbea2efaa6bd45ff9a3cce315d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79ca25b1fc9f1e82df98a3d3ac9b79968d496224abacca5061bf97780c760045
7cf8b2588497dcd12fa96a75731c6ec327491f8d55f18da0af72b70afa6713af
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
836beac43a701fb0ad1467f1cffcea990151c98897441a838bdd88f222dcfcf8
84cc57d3cc87630aa3180ee548f38d33ea73969ff46765d7446e07df029abfd3
85eeb59f482c1fe6ed6e290fd25f8ac82e1ea25bb3fa3616ee93a186d6c5b5c2
86e08c2b8e9027640e44408d0840e35f8d3ea353352aeed3aa390f78ad96d23b
8c1f806310322c848c4c996ca568a03b3b16cf9487cbccf09aef3cf17e2c643d
94d8a7230291f9bcc40773e1423f1185a8073fb2cc368e882c75bf5f2f8772ba
974e81270e14d0829929fe7cf9e20bd0ad6c651a6c4203b6799740b970174a52
97ffc4402ab8a539ef5c5ab17f8a5a1244a6ba09fa4988a9ccce7a83e5249bcf
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
99bbc5cbd07c3d36c28f1a02bc0f1e7e7f3f4423ec93f07a13ffc884b8aa1a34
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bc1e4d66fae597d1c2c9b0a177332d261cb9f6e66adcaec5a330abe948f9d2e
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9ea16b5ce41dcada4e192317633c254a323069fb30adf6180d6cb1b5eacf0257
a11f55caea154cdc5bb990fbc8cfcca5bacdde16cc1fb7bcd6d594576d65a812
a17aa2e50d151709bd4e00ac39e129c4fbd56b4946a7af1b91384608500ad894
a3eb2d0caf3502359966882d146b1a75e34bf933cbdace1c286395ea3fd1f567
a5bbdc50a1980b38ae1a5bf5c7b6a2fc60e0d6443f3a07883ae1c8824ec127de
a5d082a8a8042007ac2f3b4e5e0eee1f0b24d8d5c1fbf304275ef72d87a11d07
a98855ff9dd707b642bd4510039182325edbd4a1bf745eccde5a0a1d15b5b783
a9975cafc79e8fdeba2b64d5b8adc230ab7e936380248df1f84cc0b738844bbe
b12525627b4ec6b889dfe8cd7f2a756369a339b2aee7948437881e2b50af3a75
b2134b4b272bc464e6e24c4349d5ad4b2046234f8dc1291e8127e4c52d6c1723
b2202908358c548164843b55c1af23b3ef310c12206e59723797224ebb9975e2
b23a5e62bb16bd36bfa1555d3f741821201496ac4b6d2cc974549568adadec88
b336cf8710d8097c7de836d5534ff7c803b00c260c9500a4cb4b95f1905230c1
b393b9848efbec8176f4a20889afce9eb6ee1d9c6bb01eb916e3d38e7cad525b
b3eede500590266592b52e0bb9b9ce990674d3c692e6291f19fa2ed2973789cd
b70afed08e44bc1907904f7e27c6bdd98b8808d18295b603fa173aecbf3a6964
b7a34d55ad4b1fb9a4cc7392361d29186993fdbea01844081b5741f8ab507d0e
b82368a28809e066c7a394775e69bc6ce1ca857317222b8b0ea4ffe53ae5b5f3
b905e0fbcc7a6ad1c69672ccd6782c66b23f9393b79de7b58f24eb631cc1dccf
bb2ccb10404cc6a241da8ff58b2ccb32e483c021f9123c09d4e5f565af4fc718
bc3b59c278627cdb29d8975817ed927204ced9233e8776df01625d775637d226
bd3f2e687c390ee80bca8007544b44ba12a4e801283822a0d838a1fb977c34af
c40ab757e586668e665046ee7b65fadb360379607677de549111d1eb412096fd
c571c78c049ac06e309cecc0b677067354a3d767995bb717a457472e0a843597
c57362794ada29200eaf4fe57394ee81787ad537dc2bf73eae86954954b9beb3
c57865ec6a6956797b18dc7d23a3ade16e7ced5271f4dc0796b2ed0a10f934dc
c61e2e1347b9aca3d8f0c9725490470651a1f6c02841ff71f90305ea391ca6d2
cba79732c9d0e64aa7a033590990e73fe8bbf3da12e72a0376cd68aeda1acbfb
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cdac42bc339e6f8fcb3c162ed84bdd34118e4d18c5e39c22a5817995400030d8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4ca6310bab0846e407ba41ba9664c5a1e35ec39abaf980849ea7eb101416499
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2a0bae8353e77051ca4155f8aac9bae56c9ff6bbe75dfbd87fca5d54bb768dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e4572b48ee33a09c5296563555166ea2bedc103f79e046748d39ab86dc8591
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
e8e5aea71b92d5bc2e05586277048d2b3b558e75aa7df216a28e4b77bceecc8d
eb159f0e64f868842c4076aa1bad566f788936364cd8766e60e63c61f7b5d88e
ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1
ee96feba388ee1ec20ecae6fd38e4700c10921b8a1c9585261a97c81a1daf4f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f317ff168377c5b94d740f17e27e8859d4f89abd2ff2416c0041684adcfa1004
f7bb442b06bfb13ecfee3c3ec2b6b19440a33e080ca9378f8d6f161281bd01ed
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167