malware.news Open in urlscan Pro
2606:4700:20::ac43:4a41 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Submission: On October 22 via api (October 22nd 2024, 11:26:58 am UTC) from IN — Scanned from DE

Summary HTTP 44 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 44 HTTP transactions. The main IP is 2606:4700:20::ac43:4a41, located in United States and belongs to CLOUDFLARENET, US. The main domain is malware.news. The Cisco Umbrella rank of the primary domain is 923402.
TLS certificate: Issued by WE1 on September 8th 2024. Valid for: 3 months.

This is the only time malware.news was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	2606:4700:20:... 2606:4700:20::ac43:4a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:fbef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
44	7

38 2606:4700:20::ac43:4a41 (United States)

ASN13335 (CLOUDFLARENET, US)

malware.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:fbef (United States)

ASN13335 (CLOUDFLARENET, US)

blog.talosintelligence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	malware.news malware.news — Cisco Umbrella Rank: 923402	2 MB
2	talosintelligence.com blog.talosintelligence.com — Cisco Umbrella Rank: 438496	104 KB
1	google.de www.google.de — Cisco Umbrella Rank: 11271	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	552 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4401
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	93 KB
44	6

	Domain	Requested by
38	malware.news	malware.news
2	blog.talosintelligence.com	malware.news
1	www.google.de	malware.news
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	malware.news
44	6

This site contains links to these domains. Also see Links.

Domain
blog.talosintelligence.com
na.eventscloud.com
nvd.nist.gov
www.cisco.com
www.veeam.com
www.cisa.gov
sec.cloudapps.cisco.com
www.microsoft.com
duo.com
meraki.cisco.com
umbrella.cisco.com
signup.umbrella.com
signup.duo.com
www.snort.org
discourse.org

Subject Issuer	Validity	Valid
malware.news WE1	`2024-09-08` - `2024-12-07`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
talosintelligence.com WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.de WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Frame ID: 063EBF817594F4F5B9BBBA5D90FE18D1
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Akira ransomware continues to evolve - Malware News - Malware Analysis, News and Indicators

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

44
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

2481 kB
Transfer

14979 kB
Size

3
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.talosintelligence.com/blackbyte-blends-tried-and-true-tradecraft-with-newly-disclosed-vulnerabilities-to-support-ongoing-attacks/
Title: one of the most prevalent

Search URL Search Domain Scan URL

URL: https://na.eventscloud.com/website/76470/#Agenda
Title: ‘GoGo Ransom Rangers: Diving into Akira’s Linux Variant with ATT&CK’

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2024-40766
Title: CVE-2024-40766

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-3259
Title: CVE-2020-3259

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2023-20263
Title: CVE-2023-20263

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-asaftd-info-disclose-9eJtycMB.html
Title: Cisco Adaptive Security Appliance

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2023-48788
Title: CVE-2023-48788

Search URL Search Domain Scan URL

URL: https://www.veeam.com/kb4424
Title: CVE-2023-27532

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-109a
Title: CVE-2023-20269

Search URL Search Domain Scan URL

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC
Title: authentication, authorization, and accounting

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/
Title: CVE-2024-37085

Search URL Search Domain Scan URL

URL: https://www.veeam.com/kb4649
Title: CVE-2024-40711

Search URL Search Domain Scan URL

URL: https://duo.com/decipher/ransomware-groups-exploit-vmware-esxi-flaw
Title: VMWare’s ESXi

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/amp-for-endpoints/index.html?ref=cisco-talos-blog
Title: Cisco Secure Endpoint

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/amp-for-endpoints/free-trial.html?utm_medium=web-referral%3Futm_source%3Dcisco&%3Butm_campaign=amp-free-trial&%3Butm_term=pgm-talos-trial&%3Butm_content=amp-free-trial&ref=cisco-talos-blog
Title: here.

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/web-security-appliance/index.html?ref=cisco-talos-blog
Title: Cisco Secure Web Appliance

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/email-security/index.html?ref=cisco-talos-blog
Title: Cisco Secure Email

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/cloud-mailbox-defense?utm_medium=web-referral&%3Butm_source=cisco&%3Butm_campaign=cmd-free-trial-request&%3Butm_term=pgm-talos-trial&ref=cisco-talos-blog
Title: here

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/firewalls/index.html?ref=cisco-talos-blog
Title: Cisco Secure Firewall

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/collateral/security/firepower-ngfw-virtual/datasheet-c78-742858.html?ref=cisco-talos-blog
Title: Threat Defense Virtual

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/adaptive-security-appliance-asa-software/index.html?ref=cisco-talos-blog
Title: Adaptive Security Appliance

Search URL Search Domain Scan URL

URL: https://meraki.cisco.com/products/appliances?ref=cisco-talos-blog
Title: Meraki MX

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/threat-grid/index.html?ref=cisco-talos-blog
Title: Cisco Secure Malware Analytics

Search URL Search Domain Scan URL

URL: https://umbrella.cisco.com/?ref=cisco-talos-blog
Title: Umbrella

Search URL Search Domain Scan URL

URL: https://signup.umbrella.com/?utm_medium=web-referral%3Futm_source%3Dcisco&%3Butm_campaign=umbrella-free-trial&%3Butm_term=pgm-talos-trial&%3Butm_content=automated-free-trial&ref=cisco-talos-blog
Title: here

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/firepower-management-center/index.html?ref=cisco-talos-blog
Title: Firewall Management Center

Search URL Search Domain Scan URL

URL: https://signup.duo.com/?utm_source=talos&utm_medium=referral&utm_campaign=duo-free-trial
Title: Cisco Duo

Search URL Search Domain Scan URL

URL: https://www.snort.org/products
Title: Snort.org

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/akira-ransomware-continues-to-evolve/
Title: Akira ransomware continues to evolve 4

Search URL Search Domain Scan URL

URL: https://discourse.org/powered-by
Title: Powered by Discourse

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 87667 Show response
malware.news/t/akira-ransomware-continues-to-evolve/ 161 KB
32 KB 461ms
326ms Document
text/html 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd0466d329188a3df3b93c6a8332e6f82eeb0fa48f613e6112a797049736d421

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'none'; script-src 'nonce-JWUUDNkVLlHFQrNGc79kJZYVT' 'strict-dynamic'; frame-ancestors 'self'; manifest-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8d69227489c3dc68-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'none'; script-src 'nonce-JWUUDNkVLlHFQrNGc79kJZYVT' 'strict-dynamic'; frame-ancestors 'self'; manifest-src 'self'
content-security-policy-report-only: upgrade-insecure-requests; base-uri 'self'; object-src 'none'; script-src 'nonce-JWUUDNkVLlHFQrNGc79kJZYVT' 'strict-dynamic'; frame-ancestors 'self'; manifest-src 'self'
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Oct 2024 11:26:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xb2jXTJ%2BL46HBFdr4br%2FFZIPMuCVad3hCRVH0jANF%2BOB9RvLxW0QXT7mGsmbteBpmGJ%2FDF6SBIE3zfImaPiYlZtOgb%2BTpYF8jjriyrXmlrsCU%2FBHEuCn7g6P26dlpDnZDIssY37ARddMgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept
x-content-type-options: nosniff
x-discourse-cached: true
x-discourse-route: topics/show
x-discourse-trackview: 1
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: b939ff3b-fc25-4e46-aab8-d3c6cd51280c
x-runtime: 0.002175
x-xss-protection: 0

GET
H2 200 start-discourse-c524a8995f2f0cbcea43353efe8e8f269da821ea97c21ef0f04df5fcd916170a.js Show response
malware.news/assets/ 567 B
726 B 47ms
16ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/start-discourse-c524a8995f2f0cbcea43353efe8e8f269da821ea97c21ef0f04df5fcd916170a.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c524a8995f2f0cbcea43353efe8e8f269da821ea97c21ef0f04df5fcd916170a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 581698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pjZv4k6ibjKW2TgCj13aGaJTS2K%2FReaX2ns78OUreqsNIV5b%2FpgQFcZ6h1DzIMyZalPaBB1EESxXWVCBKVyx%2B54OcctYdtuVSBZjvMAFiMdwc1v%2Bup7Klyz6mF%2FRkTUO1MCKKOzMhOrzAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d692276d82fdc68-FRA
expires: Sat, 13 Sep 2025 23:56:52 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sun, 19 May 2024 17:35:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 browser-update-9070f07226d022f68c06506e046ae33f8fe725302ff53955cd3d483f2fc47ff6.js Show response
malware.news/assets/ 2 KB
1 KB 47ms
16ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/browser-update-9070f07226d022f68c06506e046ae33f8fe725302ff53955cd3d483f2fc47ff6.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9070f07226d022f68c06506e046ae33f8fe725302ff53955cd3d483f2fc47ff6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 581698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0lZP6ssaI0UOiN39Xst5R1pWU5rq5ADw7BJ2vMhQ3B8HrFz1D%2BvrCWdNlFhSHW4vxgsODFBqMu%2B3yVQNadSXvMJ%2BUaw7QCXHKDIhpGAJbxAeJwwuArWS8i6mI7ORfF3yugD8LCOVmA7Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d692276d832dc68-FRA
expires: Sun, 09 Mar 2025 04:07:38 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sat, 09 Mar 2024 04:04:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 browser-detect-99f42f91bffa8ca1606d62b70bb92f981d83921e78ccdbd3d9538f07007f27ac.js Show response
malware.news/assets/ 497 B
662 B 41ms
30ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/browser-detect-99f42f91bffa8ca1606d62b70bb92f981d83921e78ccdbd3d9538f07007f27ac.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f42f91bffa8ca1606d62b70bb92f981d83921e78ccdbd3d9538f07007f27ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 672741
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Blxzg8xjN%2B4%2FP7XqpDllQzE%2B98GCNmRtRg53sq9Eij7KuLSp67qTcvk8ICfnCIQtO0zs%2B9nMGj0al9v%2F7EcHRWXXV7JA1TpvJFXXfbD5ZFOini%2BZodAV5oBJx1oIZAbvAaxMsNgj2IT6Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d6922780baadc68-FRA
expires: Fri, 10 Oct 2025 17:19:16 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sun, 19 May 2024 17:35:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 vendor.ff29780b9fed784cce2d843dcb93a803-608f4f77d8437d715d8d39c739c0c8bbe0fe51c9305e55f1ec7d0bee19f5571f.js Show response
malware.news/assets/ 438 KB
123 KB 65ms
54ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/vendor.ff29780b9fed784cce2d843dcb93a803-608f4f77d8437d715d8d39c739c0c8bbe0fe51c9305e55f1ec7d0bee19f5571f.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 608f4f77d8437d715d8d39c739c0c8bbe0fe51c9305e55f1ec7d0bee19f5571f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 672741
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gOq7iAEkK7XJBZOrnwc1EnFO5XQjK288SPzggnN1dLNIXObEOqGDsCfzz4osouFYwty8xT9Swxbq2EQiHvSLavwBVWL%2FjiJ2zhmH83FOr7XbPZFFytTM9Z%2FTzfRBi7yjfx9Dsm1uZw3cBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d6922780baddc68-FRA
expires: Mon, 19 May 2025 17:21:44 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sun, 19 May 2024 17:17:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 chunk.6d6a6a17194d67289ef4.d41d8cd9.js Show response
malware.news/assets/ 12 MB
2 MB 52ms
41ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/chunk.6d6a6a17194d67289ef4.d41d8cd9.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5566fc85873915364c34914ef9efda42cca8e77faad713da08a9d3d8e8677943

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 666366
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ea5%2Bt4HhldT%2F8KqdryN0UFMcuavN9twAeUcZl8xZi9GxkL7704y8CicJ3yxuYYB1nVBvY2A0%2BBnvJmN1H1nCEJwasgWsgXKkXkz5B70GW2kXrGQ8Ix8hVK05Yp8v2A7GZmw2EDyxTbD7sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d6922780baedc68-FRA
expires: Mon, 19 May 2025 17:21:38 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sun, 19 May 2024 17:17:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 chunk.d43472f435e6bfab8439.d41d8cd9.js Show response
malware.news/assets/ 305 KB
21 KB 40ms
30ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/chunk.d43472f435e6bfab8439.d41d8cd9.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b5ddfb3a605aeed9ff478a225e8062861424d523836d7256e2b75489bf20cdf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 581698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gW5dhOyCtbv%2FD4sV7SX71lm99FFI6F2628iZZX49uaq0Xlqd25tkocz4bF7NW2CB8pIf7257tgQks3Ce9WtSys7vPHWU7J74v3Zh0vsI6lAfe1YH3ghEplgsBbhaB%2Fr0H7cx7U8NgHoBvg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d6922780bafdc68-FRA
expires: Mon, 19 May 2025 17:21:38 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sun, 19 May 2024 17:17:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 checklist-55813a5bacc3c99fda0b099a80401f124870fa9b510ced078af32f8a82364461.js Show response
malware.news/assets/plugins/ 4 KB
2 KB 32ms
21ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/plugins/checklist-55813a5bacc3c99fda0b099a80401f124870fa9b510ced078af32f8a82364461.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55813a5bacc3c99fda0b099a80401f124870fa9b510ced078af32f8a82364461

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 667324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j4wC6fmZwb%2FRORGpUib3uIdJowLi%2FSv9zGyfRhUx05QB9YLcX1W%2FEkelrQy6nL9l0UH5aVQ8FO2rNg3dRgcfqZU8V4PptJg5II7mJzczYLrGwpx3Kbn%2B%2BqD5xK%2BZCfxcoJ4sN%2F%2FaMYvEpA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d6922780bb1dc68-FRA
expires: Mon, 19 May 2025 17:21:38 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sun, 19 May 2024 17:18:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 discourse-details-48148ec534a4c5e9614302186b345123ba1358787c41bc31cbd17231f794fe42.js Show response
malware.news/assets/plugins/ 1 KB
989 B 33ms
22ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/plugins/discourse-details-48148ec534a4c5e9614302186b345123ba1358787c41bc31cbd17231f794fe42.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48148ec534a4c5e9614302186b345123ba1358787c41bc31cbd17231f794fe42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 581698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G4ZZ5kSC3IZB7fF%2F41dAqsR3Ye40Ol8062ABCWyE%2BprUlRLXj62TrUA8JYv4f655nfOwqZtAhdBuy9p%2BDWj29rxptuv7e0tLwTRSCTlptihj%2FQKE1zeBzycn20vBSbzGyQZFgGiLypWtrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d6922780bb3dc68-FRA
expires: Mon, 12 May 2025 06:44:11 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sat, 09 Mar 2024 04:05:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 discourse-lazy-videos-bdf1486acc96b228a2163490640a2bdc90f5e0a1bb1949335fd1fde2ad48795c.js Show response
malware.news/assets/plugins/ 7 KB
3 KB 33ms
29ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/plugins/discourse-lazy-videos-bdf1486acc96b228a2163490640a2bdc90f5e0a1bb1949335fd1fde2ad48795c.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdf1486acc96b228a2163490640a2bdc90f5e0a1bb1949335fd1fde2ad48795c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 667324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=apVVfC%2FwPSJp0pV4YPoMcyAx8UrA4PMqu8emsXJadqHEc61IyRvpoGaiMyP6ac19sXtHaNyF41rZEXQOQRpEOpOFvxvBwQ48y2MzPPRRe9ndzKRUz9N5NxJJuMICd9%2BFvarWl9OQED7szw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d6922780bb4dc68-FRA
expires: Thu, 09 Oct 2025 21:12:05 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sun, 19 May 2024 17:36:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 discourse-local-dates-823b91992054aeb8ca1e4921c7a3ae7f9fae09ef838946f3b261ab5a6ad776ee.js Show response
malware.news/assets/plugins/ 33 KB
9 KB 34ms
31ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/plugins/discourse-local-dates-823b91992054aeb8ca1e4921c7a3ae7f9fae09ef838946f3b261ab5a6ad776ee.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 823b91992054aeb8ca1e4921c7a3ae7f9fae09ef838946f3b261ab5a6ad776ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 581698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZtltBu0ZaPiB78bJLGqHVh2yq7JbGDP51hwt2ZDR2N2ur81dWttPww1DON%2FWQHlNPz2cr60uDzc%2FBD7Qt%2FW2B7C76E1OrIeBvLTRuEfhSuSLhbqRQpGKajdfKFJP%2BDNt1Mbqc063yUMGGA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d6922780bb6dc68-FRA
expires: Mon, 19 May 2025 17:21:38 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sun, 19 May 2024 17:18:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 discourse-presence-a43bd7b3aa8d60242368b06762baf883047520450269be0bbd5491f6c14661c0.js Show response
malware.news/assets/plugins/ 11 KB
3 KB 35ms
32ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/plugins/discourse-presence-a43bd7b3aa8d60242368b06762baf883047520450269be0bbd5491f6c14661c0.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a43bd7b3aa8d60242368b06762baf883047520450269be0bbd5491f6c14661c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 581698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilrb1Rn1cF61hXSZWTB4GZYhK%2BaLMKis%2BK5Rg4Ant4m1%2BlMrq0wFROXgFwFWD7cr0stTKKEjZb8r1TKkbFIBzl5zZcRB%2FTmglziey3ZzsgY2wKM%2F1WGDoK%2Fy7gRfVpcZItOEDvogVH9i6A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d6922780bb7dc68-FRA
expires: Mon, 19 May 2025 17:21:38 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sun, 19 May 2024 17:18:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 docker_manager_admin-b355b48ea8dc5f9252a78cf0a6b7210b0493676ee421a69a425d092b98c2cc51.js Show response
malware.news/assets/plugins/ 37 KB
8 KB 38ms
35ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/plugins/docker_manager_admin-b355b48ea8dc5f9252a78cf0a6b7210b0493676ee421a69a425d092b98c2cc51.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b355b48ea8dc5f9252a78cf0a6b7210b0493676ee421a69a425d092b98c2cc51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 581698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B858lzl%2Bfsk9odV6cNUzUdAily9jkDRqplsEOpLkV3tuTuw%2B8xGGBWR5dNZgYFeN3Ao%2FEMYtjgnVIN1L%2FSeTg2ERFiRuMHl0tddvlfmYIC9cKsMh39aKKKZZhBtlINw92zuIhIQPTS3%2BrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d6922780bbadc68-FRA
expires: Mon, 19 May 2025 17:21:38 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sun, 19 May 2024 17:18:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 footnote-79e2a367b53b791240c3504826b87b2787c9d197d77cd422969d592aae9cf23b.js Show response
malware.news/assets/plugins/ 3 KB
1 KB 44ms
41ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/plugins/footnote-79e2a367b53b791240c3504826b87b2787c9d197d77cd422969d592aae9cf23b.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79e2a367b53b791240c3504826b87b2787c9d197d77cd422969d592aae9cf23b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 672738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bBxC11IBCrFZGaYo%2Bw3JnZx5DQjy6kcz8TVATISJKtJ13r0xTr7sjt06IiNEvVn2xw1bY3Thkg%2FOBSwQA0MvbN9MFYV9g7KDMwAs7DSBR%2F0UYMu3UqlyvaAjSSfShG%2BcWgjZDBHZqba0YA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d6922780bbedc68-FRA
expires: Mon, 19 May 2025 17:21:38 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sun, 19 May 2024 17:18:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 footnote_extra-295b457b90cb18fedfdb544868c494c71842a27c0781d3042fa4fd26589204fa.js Show response
malware.news/assets/plugins/ 6 KB
2 KB 37ms
34ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/plugins/footnote_extra-295b457b90cb18fedfdb544868c494c71842a27c0781d3042fa4fd26589204fa.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d42ebdcddd972fdff22dca8398998a80ce50b0ec08915e8e8b9682a941b8651

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 672738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xTEm83%2BB2bnYnp9UXtPTGHj1%2BdH4gZ3xi5VGBJ9V5vuGvj1RR0VtJyt%2BzaYsL%2BKVsJKr3QnHAVbUgjjsQIykxbuah9TIOJgvgb4%2FrT8qg5WQQK7hjOg0cCeOtAWtsyslC%2BBDYC1kc6arwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d6922780bc0dc68-FRA
expires: Mon, 12 May 2025 01:37:00 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sat, 09 Mar 2024 04:05:57 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 poll-ee978b42838e26d757251675c40fb0f62dff2f4081dc00fc4bb5492265f63b16.js Show response
malware.news/assets/plugins/ 62 KB
17 KB 38ms
35ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/plugins/poll-ee978b42838e26d757251675c40fb0f62dff2f4081dc00fc4bb5492265f63b16.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee978b42838e26d757251675c40fb0f62dff2f4081dc00fc4bb5492265f63b16

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 543920
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Z0AgmQ3McJwEIaxHy%2BRa7eaUgOA%2FxYvwzZNSoJCQ1zwOJR8i0iYi7BANBYU6C5xO17q8KfVCbzPuK20pulLbij0OEZ8W9gMSYo6qzyGceEikm3KQzpPze%2BXeNQfIkru7PUeWBfTOaV9AA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d6922780bc1dc68-FRA
expires: Mon, 19 May 2025 17:21:39 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sun, 19 May 2024 17:18:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 spoiler-alert-77512c36f465902e7dbf3b8252c7cd6387edc9bf4ca804b79466212c1d1c843d.js Show response
malware.news/assets/plugins/ 3 KB
2 KB 36ms
34ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/plugins/spoiler-alert-77512c36f465902e7dbf3b8252c7cd6387edc9bf4ca804b79466212c1d1c843d.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77512c36f465902e7dbf3b8252c7cd6387edc9bf4ca804b79466212c1d1c843d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 581698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xwvCKfqAgFIgOO9lfW7z8mnUlRn9GKHAi9%2FILSsGrb1ng8NnStCrFckTW2l15t3NDmqcJTp8CWvFNlnuAPFShfIf%2BOuz1l44UbojjxavgCMW4Z3%2F8Vdw%2FaXdcJJgr9bGkfbg%2BfLMZDozJA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d6922780bc3dc68-FRA
expires: Tue, 29 Apr 2025 17:27:28 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sat, 09 Mar 2024 04:05:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 en-666fe268c5c09740e19778d3756be4ffa4bfa22642e83a31cc7ee39923049ac7.js Show response
malware.news/assets/locales/ 348 KB
95 KB 56ms
54ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/locales/en-666fe268c5c09740e19778d3756be4ffa4bfa22642e83a31cc7ee39923049ac7.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ee33f26479a267cb93b664a5c2ff07e4f835e022e2fdbc5c8c23564b0dc292

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 672738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ww%2FJw1BgX4AL8x1%2B8J3VN4GfA1gGWV5okpsO3blOAsyM2t5Ad%2F%2BTE8C%2BYOHmKhLyKfDPkE2loKtVVPS7t6CHTnE0clCaHK8O3OlugbQS6pvbYeRdSaVMNpWuh6HM0YyNewd10koEo%2F%2BtsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d6922780bc4dc68-FRA
expires: Mon, 19 May 2025 17:40:56 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sun, 19 May 2024 17:36:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
93 KB 691ms
137ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SVDG4GL741

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38d93d365f2c1889e0eb4eec14b7c56235bc450c898b9dfc9db3704839c6c86c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 22 Oct 2024 11:26:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 11:26:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94620
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 google-universal-analytics-v4-e154af4adb3c483a3aba7f9a7229b8881cdc5cf369290923d965a2ad30163ae8.js Show response
malware.news/assets/ 533 B
642 B 42ms
40ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/assets/google-universal-analytics-v4-e154af4adb3c483a3aba7f9a7229b8881cdc5cf369290923d965a2ad30163ae8.js
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e154af4adb3c483a3aba7f9a7229b8881cdc5cf369290923d965a2ad30163ae8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 543920
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uA9zepSKEpBU8SIWn0Xhnb4kPsr1LkmSdiEB0KmUgA4FHxW0l37PRyvcsfuezEPhYHnMkqcNKvHF6w1aZpLXVmCLDBeFDqz1xuD1CopAPdom8GnkjltQ2OSEEnWaDc7ZZImFL%2B6kjLp9IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d6922780bc6dc68-FRA
expires: Tue, 29 Apr 2025 14:41:33 GMT
date: Tue, 22 Oct 2024 11:26:49 GMT
content-type: application/javascript
last-modified: Sat, 09 Mar 2024 04:04:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 color_definitions_base__2_4a8c937dd96730817e3ecfdfc23b856bce1e757d.css
malware.news/stylesheets/ 4 KB
2 KB 50ms
20ms Stylesheet
text/css 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.news/stylesheets/color_definitions_base__2_4a8c937dd96730817e3ecfdfc23b856bce1e757d.css?__ws=malware.news

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e134f40c8c4baad557dbe3eb6869d8cf4a66462084170b4881a2aff6eca274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

x-request-id: ec55d492-ec82-4a17-9160-650e9eb115b8
content-encoding: gzip
cf-cache-status: HIT
age: 667324
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kf%2BgZwpQ%2FOe00ajDG6znwskUMYJ3dDpxwb51mEEfeXPMFnP1VQEmHCndlttBk%2Br7GBfn06w7etveCm7EwV5f4scvUWUZFuljCeRTFnQzWaxQyOU5w4ozcH8OQ6UzOQD8JEfZ7uoo4duiDA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 11:26:49 GMT
content-disposition: inline; filename="color_definitions_base__2_4a8c937dd96730817e3ecfdfc23b856bce1e757d.css"; filename*=UTF-8''color_definitions_base__2_4a8c937dd96730817e3ecfdfc23b856bce1e757d.css
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 19 May 2024 17:37:16 GMT
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31556952, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin-allow-popups
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d692276d828dc68-FRA
x-discourse-route: stylesheets/show
x-xss-protection: 0
server: cloudflare

GET
H2 200 desktop_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
malware.news/stylesheets/ 661 KB
103 KB 107ms
62ms Stylesheet
text/css 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.news/stylesheets/desktop_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css?__ws=malware.news

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fe258a6b3a482ce904aaa4d71aa8b276ac2d66289e56515adaa373ce73e6173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

x-request-id: d5e0fb08-e9f8-4b92-9a16-00ade4ca5c82
content-encoding: gzip
cf-cache-status: HIT
age: 581698
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RV9p4qlEmECrJfyfVeogLbwebSqM5JrsY1aNTFdO4d7zpoLOhOnuNHZ%2FbvKoaCRJ%2BEU4y50sER6jpFIKKLAyA3IAF4dIynGbaYUfdJCVOitXaaiz%2FwIoeQaDHtdQ%2BIteu%2Bv%2ByqpTqINzwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 11:26:49 GMT
content-disposition: inline; filename="desktop_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css"; filename*=UTF-8''desktop_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 19 May 2024 17:37:10 GMT
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31556952, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin-allow-popups
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d692276d82cdc68-FRA
x-discourse-route: stylesheets/show
x-xss-protection: 0
server: cloudflare

GET
H2 200 checklist_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
malware.news/stylesheets/ 5 KB
2 KB 46ms
16ms Stylesheet
text/css 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.news/stylesheets/checklist_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css?__ws=malware.news

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0fbc7f61c0620a4ec824cc106951eff46d60cfd8eb8d8d490218463d2fd98cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

x-request-id: 1a993d85-260b-47f0-9546-228b39271db1
content-encoding: gzip
cf-cache-status: HIT
age: 581698
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vka4CuANJAYGA5INznMIupaLriFpz0%2F%2FlhR75%2Ff8gdEV8pruX6ujFY0epbtb79C9q1p1MHAtt%2FxI55X3V7MbPkyEPJSJvxHJ2u8f2vppRQI2P9NArNNLhUgGFR5%2BLxyjLoDSfWGKw625eg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 11:26:49 GMT
content-disposition: inline; filename="checklist_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css"; filename*=UTF-8''checklist_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 19 May 2024 17:37:14 GMT
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31556952, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin-allow-popups
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d692276d82ddc68-FRA
x-discourse-route: stylesheets/show
x-xss-protection: 0
server: cloudflare

GET
H2 200 discourse-details_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
malware.news/stylesheets/ 3 KB
1 KB 155ms
104ms Stylesheet
text/css 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.news/stylesheets/discourse-details_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css?__ws=malware.news

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0998f98bd48342f12e7081dc237e6982e151d5f03cda0cf111da67e615b8ce9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

x-request-id: 1534ccd9-ef9e-455b-8259-e75df474fb94
content-encoding: gzip
cf-cache-status: HIT
age: 667324
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FTMN%2B%2BPk8KVq6H%2BDIeiIrWRW9oiKhD2pByaZ5K8Nv%2BrvUcEx%2FyXNH%2FNoKKaYb%2BYwt8K9WLheg6k0QuS1jfig9mOQsOolGLBRs0MnhLWOi%2Fginxg1hTrNr2UHwm7m4dX%2BiQ1KGhSLumbQFA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 11:26:49 GMT
content-disposition: inline; filename="discourse-details_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css"; filename*=UTF-8''discourse-details_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 19 May 2024 17:37:14 GMT
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31556952, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin-allow-popups
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d69227728f5dc68-FRA
x-discourse-route: stylesheets/show
x-xss-protection: 0
server: cloudflare

GET
H2 200 discourse-lazy-videos_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
malware.news/stylesheets/ 7 KB
3 KB 105ms
54ms Stylesheet
text/css 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.news/stylesheets/discourse-lazy-videos_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css?__ws=malware.news

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

152760f614cc53fb6dd1c362d06c281a719e37ce1dec3636ffb90f33e2bb6131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

x-request-id: f1c5df15-0a88-4aab-bd13-b20596d0831c
content-encoding: gzip
cf-cache-status: HIT
age: 543920
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJAF3WR6JWcYsILcyxNr2TKs8V%2Buj3ErkmpWSj9W%2FSqR4j%2BVSr4Nf1wN6pWkkFyXPyQznJX8WpKkXKdLsm8m9lVqlSulCK1QoaxryjGgKsYzb4HP%2B%2FowOe%2Fjgry5WeAEPLfMP4sZ34YD8g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 11:26:49 GMT
content-disposition: inline; filename="discourse-lazy-videos_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css"; filename*=UTF-8''discourse-lazy-videos_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 19 May 2024 17:37:14 GMT
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31556952, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin-allow-popups
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d69227728fcdc68-FRA
x-discourse-route: stylesheets/show
x-xss-protection: 0
server: cloudflare

GET
H2 200 discourse-local-dates_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
malware.news/stylesheets/ 875 B
1004 B 107ms
57ms Stylesheet
text/css 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.news/stylesheets/discourse-local-dates_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css?__ws=malware.news

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2b15f24ee32ae108d07a11757c4e120fb2c0384f3a842952432da1736158ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

x-request-id: fdb288da-5f3e-4e2b-ac1b-dee5aee94f6d
content-encoding: gzip
cf-cache-status: HIT
age: 2760860
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bM9tB6NBNwD99f8w2oOij%2FwMqwIBx%2FaK6p7fCEaNrmVl1XwwskCZTEbv10QOT%2F2XV7%2FQvNwjKLr5OfG8gO0pLMrFMR1i0sAB1z7p1ueJh9jmFHpcVeioxIuPArkV%2BpQJ5KrFxJ6wlCKdAg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 11:26:49 GMT
content-disposition: inline; filename="discourse-local-dates_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css"; filename*=UTF-8''discourse-local-dates_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 19 May 2024 17:37:15 GMT
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31556952, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin-allow-popups
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d69227728ffdc68-FRA
x-discourse-route: stylesheets/show
x-xss-protection: 0
server: cloudflare

GET
H2 200 discourse-narrative-bot_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
malware.news/stylesheets/ 171 B
623 B 104ms
54ms Stylesheet
text/css 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.news/stylesheets/discourse-narrative-bot_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css?__ws=malware.news

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c3dcd0afcea9a61171dd74c218ce2ba9bb686ae0e68c967ae4e75c8fdeb8687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

x-request-id: 1569a4d0-d527-4f26-88b2-4831c34dbba7
content-encoding: gzip
cf-cache-status: HIT
age: 667324
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guqbBTimkhRUUForkyaKlBuFprf3pLJ8StipZbvFKfvlUNMuGi6QRedWdE18XyXyv9hs%2FfGcbdl24cHil%2Bnq%2FlwD6VJS5eAhk%2B3psyNb0B4kcNKAOcfiTCUMcS7Cz8YEwdHH27xJsPuxQg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 11:26:49 GMT
content-disposition: inline; filename="discourse-narrative-bot_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css"; filename*=UTF-8''discourse-narrative-bot_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 19 May 2024 17:37:15 GMT
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31556952, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin-allow-popups
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d6922772902dc68-FRA
x-discourse-route: stylesheets/show
x-xss-protection: 0
server: cloudflare

GET
H2 200 discourse-presence_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
malware.news/stylesheets/ 1 KB
1013 B 107ms
57ms Stylesheet
text/css 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.news/stylesheets/discourse-presence_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css?__ws=malware.news

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a39db0af2b877ea2c5cccbc1420ef9533196f61a33e740d8ec2bb31126470856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

x-request-id: 180573a8-0fd7-428c-88aa-a4821fca2709
content-encoding: gzip
cf-cache-status: HIT
age: 581698
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HFWbDlYavvDtthKDUYcROMzjfsBJ3Zw6SEilkyxTUy8eAABjyJLS72qJCR1ViGAtOXVT%2B%2BbVMB3brV5lizR3R3prQ1kB%2F2mJne0RZw8BJy1oQZ2fhnia3KyWIG8BDrmPBDkeQNBW9%2BnzmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 11:26:49 GMT
content-disposition: inline; filename="discourse-presence_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css"; filename*=UTF-8''discourse-presence_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 19 May 2024 17:37:15 GMT
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31556952, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin-allow-popups
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d6922772903dc68-FRA
x-discourse-route: stylesheets/show
x-xss-protection: 0
server: cloudflare

GET
H2 200 docker_manager_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
malware.news/stylesheets/ 2 KB
1 KB 105ms
55ms Stylesheet
text/css 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.news/stylesheets/docker_manager_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css?__ws=malware.news

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb79726d8b50ade37e5ca0c5c82fc92eea9757c2e14e5f7feca1b80f7732048e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

x-request-id: 8e046a15-4c38-45b5-b003-5981d94f7bef
content-encoding: gzip
cf-cache-status: HIT
age: 667324
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qae8td96kJZO0u9JjLkE0TsWmzLw%2F2mV3XxuxVgRY%2BjbAq4AiRr7hmSl3wFAXOXjsPRQkbQn4XrzRdIh2HTRrK2xIKHWimecENDqhzygT9TTb6%2BQHe5rs%2B9pR8%2F1Hj%2BVLvUoXtXBk%2BnNGA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 11:26:49 GMT
content-disposition: inline; filename="docker_manager_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css"; filename*=UTF-8''docker_manager_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 19 May 2024 17:37:15 GMT
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31556952, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin-allow-popups
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d6922772904dc68-FRA
x-discourse-route: stylesheets/show
x-xss-protection: 0
server: cloudflare

GET
H2 200 footnote_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
malware.news/stylesheets/ 2 KB
1 KB 105ms
54ms Stylesheet
text/css 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.news/stylesheets/footnote_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css?__ws=malware.news

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b795edfb1b2de13aba43932708e4148b0aa37971047c94fcded06dbe5a4f61ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

x-request-id: 0a14e6ff-3c2f-40eb-ac99-ff981b6824ea
content-encoding: gzip
cf-cache-status: HIT
age: 543920
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FwVQ8sTIiTVEPt%2B%2FXENd3Eoc%2B6mMjAJoTUvLq8%2F2L58f2Aartk%2FWDpLD0Z0QMPaVczyzf2avXyyGytAAm9wu0rF2YGkHjhMU1Tt8O6aroTeJYTBuGdd4RjfQuFJ61cJvAaYhd1PlTPyHA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 11:26:49 GMT
content-disposition: inline; filename="footnote_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css"; filename*=UTF-8''footnote_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 19 May 2024 17:37:15 GMT
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31556952, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin-allow-popups
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d6922772907dc68-FRA
x-discourse-route: stylesheets/show
x-xss-protection: 0
server: cloudflare

GET
H2 200 poll_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
malware.news/stylesheets/ 10 KB
3 KB 105ms
55ms Stylesheet
text/css 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.news/stylesheets/poll_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css?__ws=malware.news

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ae4f4ee6f5299f646a880259e857f469f41fc0ae30cc568c94e81901dad49cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

x-request-id: 1d474f2c-3dc1-441e-8712-b226c908560a
content-encoding: gzip
cf-cache-status: HIT
age: 581698
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8jGjmxnWk7OYLjaU27RLxu0Czvwmwg3jDSAgD%2FVSnhzqDzZix4AMatsbCUR0gV1iX6QyqZxjubeDceYwjFube0O2wlAYuNGm8MrzPPQ%2FYEE9UN0kDfbEiZdlPOI2MGEMCNZIn7nZRv0COQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 11:26:49 GMT
content-disposition: inline; filename="poll_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css"; filename*=UTF-8''poll_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 19 May 2024 17:37:15 GMT
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31556952, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin-allow-popups
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d6922772909dc68-FRA
x-discourse-route: stylesheets/show
x-xss-protection: 0
server: cloudflare

GET
H2 200 spoiler-alert_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
malware.news/stylesheets/ 1 KB
883 B 105ms
56ms Stylesheet
text/css 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.news/stylesheets/spoiler-alert_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css?__ws=malware.news

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f1ad194fec669a7a9d1643b2e5aa0fc0d4c3566c0652e741f9b7667e687185d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

x-request-id: 1025a72b-c694-435b-ae6b-a3817b13fb2e
content-encoding: gzip
cf-cache-status: HIT
age: 672741
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ySn81RJ4Zg0pRtivdCdAkaGq0rTNi0aO0s3P2HBas79eYX1gLaKqfSWQin42vEmheKzp6Ht35uxLsB%2FMUmZRdaB4rI6yKcnKqU%2FzClIXA%2BQN3KOAwGXwg5Ehgs7g6XtOCpzQRNuz%2BtYpIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 11:26:49 GMT
content-disposition: inline; filename="spoiler-alert_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css"; filename*=UTF-8''spoiler-alert_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 19 May 2024 17:37:15 GMT
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31556952, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin-allow-popups
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d692277290cdc68-FRA
x-discourse-route: stylesheets/show
x-xss-protection: 0
server: cloudflare

GET
H2 200 poll_desktop_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
malware.news/stylesheets/ 611 B
787 B 105ms
55ms Stylesheet
text/css 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.news/stylesheets/poll_desktop_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css?__ws=malware.news

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25f16c6ec5664d0694edfe491fb383a433ece0ea25917cf656e87d3867d5dd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

x-request-id: 6fe1b42b-501f-4ea8-a40f-423db8c4ee7f
content-encoding: gzip
cf-cache-status: HIT
age: 666366
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iVDU3K%2BCzWXgU4IFsC3FauymUrF0FBnKH3NwlIO7QWB7BloeMN8LBuKsuaZYPFrB3zjj9NX%2FTNwSLLc0pMEMaXl8PIotwy%2B4qlsbfR%2BEz9Y0C%2BH8GKsCshtXgC8d0CgzcBa3ualY2lepvA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 11:26:49 GMT
content-disposition: inline; filename="poll_desktop_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css"; filename*=UTF-8''poll_desktop_2867f57e66c2a9b74ab08f80de95e5a0436372fb.css
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 19 May 2024 17:37:15 GMT
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31556952, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin-allow-popups
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d692277290edc68-FRA
x-discourse-route: stylesheets/show
x-xss-protection: 0
server: cloudflare

GET
H2 200 desktop_theme_2_a38326017212e35af640b7285f440cd9f26f6eaa.css
malware.news/stylesheets/ 108 B
823 B 106ms
56ms Stylesheet
text/css 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.news/stylesheets/desktop_theme_2_a38326017212e35af640b7285f440cd9f26f6eaa.css?__ws=malware.news

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b01475a1ed788124386bf51068464a0ea886a403c1b1e51e8a2cde722894a2c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

x-request-id: 2623e9a5-df6b-4bf4-ba65-70c12a647b5f
content-encoding: gzip
cf-cache-status: HIT
age: 666366
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BuglTRBZzkHP5WtZOeA4aKAwBGJNz7JLa7diryf8PuCGTPvn7%2FGMqOCu8vb5DIebQ88QRo6JHFhMYgFSZTI%2FZ31Dh4fP6UmXIjssVidcWfCjzB5g2OFFC27P6g8NCCAgc6LqGNGAsJ0T3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 11:26:49 GMT
content-disposition: inline; filename="desktop_theme_2_a38326017212e35af640b7285f440cd9f26f6eaa.css"; filename*=UTF-8''desktop_theme_2_a38326017212e35af640b7285f440cd9f26f6eaa.css
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 19 May 2024 17:37:16 GMT
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31556952, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin-allow-popups
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d6922772929dc68-FRA
x-discourse-route: stylesheets/show
x-xss-protection: 0
server: cloudflare

GET
DATA 200
OK truncated
/ 42 B
42 B Image
image/svg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0389bf2491388d6184b975a3a130c29fc1a9af8f29a4c9a3d0536a3da88e0f3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 svg-2-c1066beb12cc75cc4c3bc42f218f381c862e7905.js Show response
malware.news/svg-sprite/malware.news/ 143 KB
48 KB 146ms
15ms Script
application/javascript 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.news/svg-sprite/malware.news/svg-2-c1066beb12cc75cc4c3bc42f218f381c862e7905.js

Requested by

Host: malware.news
URL: https://malware.news/assets/chunk.6d6a6a17194d67289ef4.d41d8cd9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ce1934be1fa8520dcc9442317e483c1fc52cc241cc48c096c0d188cd327ae04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

x-request-id: a1b55771-44c0-4a8f-aedb-1d6a2d2d6638
content-encoding: gzip
cf-cache-status: HIT
age: 672738
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2BN5z82kRGbpHy0zInaEdt2hYVRJ0zt7c8mhr9RVHPg9nGAPBF%2F0uIYR%2B42sL5H1vhN9rp1%2F7Aq%2B%2BB7t4SKywYPVAjCBwhhe2WvFgRKBDEQRR7wKfmz6AHZi2ac5EQoUxNnlzZsnkmG3qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 11:26:50 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept
last-modified: Mon, 19 May 2014 17:24:04 GMT
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31556952, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin-allow-popups
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d69227ddc67dc68-FRA
x-discourse-route: svg_sprite/show
x-xss-protection: 0
server: cloudflare

GET
H2 200 ba8ee0a927a69022c651441ac23d01bcdbc09785.png
malware.news/uploads/default/original/3X/b/a/ 9 KB
9 KB 41ms
37ms Image
image/png 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware.news/uploads/default/original/3X/b/a/ba8ee0a927a69022c651441ac23d01bcdbc09785.png
Requested by: Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 041dc75fa9294876d29e6d78e76c9f7f3202f1763480da93d6ce2414d0a095c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 543920
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qkTnAOYG8N70EVIANo06%2BFn7DIcsiUEIlhP5RkoTnSIA9mZARDSn842rV4dQ5Uqd96tyhgqh9pM5meFvn4gc3vSSc9f9nmsLFDNMepQd8msGe%2B50ohYIhhrHK7n0QcoVqFWMdGoSRuIUzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d69227eae8bdc68-FRA
expires: Wed, 03 Sep 2025 05:48:43 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8758
date: Tue, 22 Oct 2024 11:26:50 GMT
content-type: image/png
last-modified: Sat, 22 Dec 2018 04:38:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 24_2.png
malware.news/user_avatar/malware.news/malbot/48/ 3 KB
3 KB 24ms
19ms Image
image/jpeg 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://malware.news/user_avatar/malware.news/malbot/48/24_2.png

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acb53c4533765bc5dc1225c4850964ddb2ed637a7a1cf420c446a08104085da8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cf-bgj: h2pri
cf-cache-status: HIT
age: 663482
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zw2yQAZglHe6YnYKxuk%2Bo%2FyiNPWAwYyAlZTRg3a2dTj%2BgHVDX0O63w%2BP69m3XkQ%2F7GnkqoMaRGcwgMQI6PURx2j3H3PJ3dK50zEJg5d7fcNMLmEN%2FPcqlxhLc%2F36L2M9zJSHGVk4SbK0LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 11:26:50 GMT
content-type: image/jpeg
last-modified: Sat, 09 Mar 2024 04:15:49 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31556952, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d69227eff57dc68-FRA
accept-ranges: bytes
content-length: 2626
x-discourse-route: user_avatars/show
x-xss-protection: 0
server: cloudflare

GET
H3 200 threat-spotlight.jpg
blog.talosintelligence.com/content/images/2024/10/ 63 KB
64 KB 351ms
58ms Image
image/jpeg 2606:4700::6810:fbef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.talosintelligence.com/content/images/2024/10/threat-spotlight.jpg

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:fbef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d53bca3eeb0bf7e9463a5041b50b223d34a6772d8ebaba79d97af4f0254e7b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/

Response headers

ghost-age: 0
x-request-id: bb5df9fe-d830-4369-b8be-9971d2785e6c
cf-bgj: imgq:100,h2pri
etag: W/"fc2d-192afd8dd22"
age: 66882
ghost-fastly: true
ghost-cache: MISS
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 11:26:51 GMT
status: 200 OK
alt-svc: h3=":443"; ma=86400
x-cache: MISS, MISS, MISS
cf-polished: status=not_needed
date: Tue, 22 Oct 2024 11:26:51 GMT
content-type: image/jpeg
last-modified: Mon, 21 Oct 2024 16:11:18 GMT
x-cache-hits: 0, 0, 0
x-served-by: cache-ams2100111-AMS, cache-ams21033-AMS, cache-iad-kiad7000126-IAD
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1729527078.346078,VS0,VE128
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray: 8d692280c9e1975f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 64557
server: cloudflare

GET
H3 200 data-src-image-61570bbe-8b34-4432-8712-19d685044594.jpeg
blog.talosintelligence.com/content/images/2024/10/ 39 KB
40 KB 339ms
46ms Image
image/jpeg 2606:4700::6810:fbef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.talosintelligence.com/content/images/2024/10/data-src-image-61570bbe-8b34-4432-8712-19d685044594.jpeg

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:fbef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a524de92a835523e5aa099ae846aa1b0c05d0f6ed924e8e8c8357508436c868

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/

Response headers

ghost-age: 0
x-request-id: 7e282e52-0d1c-448d-a6a2-1c627f9d902b
cf-bgj: imgq:100,h2pri
etag: W/"9c9b-192af552fa4"
age: 66380
ghost-fastly: true
ghost-cache: MISS
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 11:26:51 GMT
status: 200 OK
alt-svc: h3=":443"; ma=86400
x-cache: MISS, MISS, MISS
cf-polished: status=not_needed
date: Tue, 22 Oct 2024 11:26:51 GMT
content-type: image/jpeg
last-modified: Mon, 21 Oct 2024 13:47:28 GMT
x-cache-hits: 0, 0, 0
x-served-by: cache-ams21080-AMS, cache-ams21059-AMS, cache-iad-kiad7000176-IAD
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1729518449.837968,VS0,VE126
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-ray: 8d692280c9df975f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40091
server: cloudflare

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ad09817976c24d9eab6f4fc788740fc5db93bda522227a4f18f324bb38adf11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 414ms
20ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SVDG4GL741&gtm=45je4ah0v9121104881za200&_p=1729596410240&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685~101823848~101836706&cid=665134050.1729596411&ecid=602123196&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=%2Ft%2Fakira-ransomware-continues-to-evolve%2F87667&dt=Akira%20ransomware%20continues%20to%20evolve%20-%20Malware%20News%20-%20Malware%20Analysis%2C%20News%20and%20Indicators&sid=1729596411&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.autoLinkConfig=%5Bobject%20Object%5D&tfd=2595
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SVDG4GL741
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://malware.news
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 11:26:51 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
552 B 412ms
18ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SVDG4GL741&cid=665134050.1729596411&gtm=45je4ah0v9121104881za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686685~101823848~101836706
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SVDG4GL741
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://malware.news
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 11:26:51 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 364ms
48ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SVDG4GL741&cid=665134050.1729596411&gtm=45je4ah0v9121104881za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686685~101823848~101836706&tag_exp=101686685~101823848~101836706&z=254051606

Requested by

Host: malware.news
URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 22 Oct 2024 11:26:51 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 poll
malware.news/message-bus/413e37366bbe49d3b50812c0201cf932/ 267 B
0 339ms
334ms XHR
text/plain 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.news/message-bus/413e37366bbe49d3b50812c0201cf932/poll

Requested by

Host: malware.news
URL: https://malware.news/assets/chunk.6d6a6a17194d67289ef4.d41d8cd9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Discourse-Deferred-Track-View: true
X-CSRF-Token: undefined
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667
X-SILENCE-LOGGER: true
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: text/plain, */*; q=0.01
Discourse-Present: true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-max-age: 7200
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Aj49t1gB9jp7SWqFm07gWVBVCxhZJXkcIjiPUdSRto%2BwC1%2F4ttV%2FMFHC4HDRKqSUe1HSuDV2B8CW03LBIFAkN0OudN%2F6Aw4pn1J5e5E%2BdaLzGUtbvX%2FD0aJsCyFRVrlGnOtUH6F8HYws0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
x-content-type-options: nosniff
expires: 0
date: Tue, 22 Oct 2024 11:26:52 GMT
content-type: text/plain; charset=utf-8
access-control-allow-headers: X-SILENCE-LOGGER, X-Shared-Session-Key, Dont-Chunk, Discourse-Present, Discourse-Deferred-Track-View
cache-control: must-revalidate, private, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8d6922866ab0dc68-FRA
access-control-allow-origin: https://malware.news
server: cloudflare

GET
H2 200 a0086c91da850eb004fb4af82117ab347b9e272a_2_32x32.png
malware.news/uploads/default/optimized/3X/a/0/ 2 KB
2 KB 32ms
29ms Other
image/png 2606:4700:20::ac43:4a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malware.news/uploads/default/optimized/3X/a/0/a0086c91da850eb004fb4af82117ab347b9e272a_2_32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7afa12ce5701916349284e884f7fddcf56832f30d041982b6f9a484b64084f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://malware.news/t/akira-ransomware-continues-to-evolve/87667

Response headers

cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 667324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mk4UtH6vzHSiTRQwHYm60n%2FbDK0eOdAgtTaKhInm0dqfX1xtIJIu8N%2FnPJo%2F%2B8R1UP%2Fon4jGeFg%2BpxVLI56%2FQRt0xLOIGn%2BZcI4eRFuWioOWoiqkNeULhZ04XB0rCb1CigMhj%2FnKHjrPZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d692286bb75dc68-FRA
expires: Sun, 09 Mar 2025 04:07:40 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1851
date: Tue, 22 Oct 2024 11:26:51 GMT
content-type: image/png
last-modified: Sat, 01 Jun 2019 22:43:41 GMT
vary: Accept-Encoding
server: cloudflare

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.talosintelligence.com/	1970-01-21 00:26:38	Name: __cf_bm Value: hlQhFnbZc3TA0DPF31qhlERA9L2r6vWpQWYwiaVIk3g-1729596411-1.0.1.1-OIHedxo5tV0mHUYn0ojB6497tDrSJQ92ZB29sOHl0IHX5MxYAYff1gfzgFs.vBouI5RIJi0bKUY_bTIGWCrA0A
.malware.news/	1970-01-21 10:02:36	Name: _ga_SVDG4GL741 Value: GS1.1.1729596411.1.0.1729596411.60.0.602123196
.malware.news/	1970-01-21 10:02:36	Name: _ga Value: GA1.1.665134050.1729596411

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667 Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
recommendation	verbose	URL: https://malware.news/t/akira-ransomware-continues-to-evolve/87667 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'none'; script-src 'nonce-JWUUDNkVLlHFQrNGc79kJZYVT' 'strict-dynamic'; frame-ancestors 'self'; manifest-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.talosintelligence.com
malware.news
region1.analytics.google.com
stats.g.doubleclick.net
www.google.de
www.googletagmanager.com
2001:4860:4802:32::36
2606:4700:20::ac43:4a41
2606:4700::6810:fbef
2a00:1450:4001:806::2008
2a00:1450:4001:809::2003
2a00:1450:400c:c00::9d
041dc75fa9294876d29e6d78e76c9f7f3202f1763480da93d6ce2414d0a095c3
0998f98bd48342f12e7081dc237e6982e151d5f03cda0cf111da67e615b8ce9a
0b5ddfb3a605aeed9ff478a225e8062861424d523836d7256e2b75489bf20cdf
152760f614cc53fb6dd1c362d06c281a719e37ce1dec3636ffb90f33e2bb6131
1ad09817976c24d9eab6f4fc788740fc5db93bda522227a4f18f324bb38adf11
1c3dcd0afcea9a61171dd74c218ce2ba9bb686ae0e68c967ae4e75c8fdeb8687
1f1ad194fec669a7a9d1643b2e5aa0fc0d4c3566c0652e741f9b7667e687185d
25f16c6ec5664d0694edfe491fb383a433ece0ea25917cf656e87d3867d5dd5d
2a524de92a835523e5aa099ae846aa1b0c05d0f6ed924e8e8c8357508436c868
2fe258a6b3a482ce904aaa4d71aa8b276ac2d66289e56515adaa373ce73e6173
38d93d365f2c1889e0eb4eec14b7c56235bc450c898b9dfc9db3704839c6c86c
48148ec534a4c5e9614302186b345123ba1358787c41bc31cbd17231f794fe42
4ae4f4ee6f5299f646a880259e857f469f41fc0ae30cc568c94e81901dad49cd
5566fc85873915364c34914ef9efda42cca8e77faad713da08a9d3d8e8677943
55813a5bacc3c99fda0b099a80401f124870fa9b510ced078af32f8a82364461
5d42ebdcddd972fdff22dca8398998a80ce50b0ec08915e8e8b9682a941b8651
608f4f77d8437d715d8d39c739c0c8bbe0fe51c9305e55f1ec7d0bee19f5571f
77512c36f465902e7dbf3b8252c7cd6387edc9bf4ca804b79466212c1d1c843d
79e2a367b53b791240c3504826b87b2787c9d197d77cd422969d592aae9cf23b
823b91992054aeb8ca1e4921c7a3ae7f9fae09ef838946f3b261ab5a6ad776ee
8ce1934be1fa8520dcc9442317e483c1fc52cc241cc48c096c0d188cd327ae04
9070f07226d022f68c06506e046ae33f8fe725302ff53955cd3d483f2fc47ff6
99f42f91bffa8ca1606d62b70bb92f981d83921e78ccdbd3d9538f07007f27ac
a0389bf2491388d6184b975a3a130c29fc1a9af8f29a4c9a3d0536a3da88e0f3
a2b15f24ee32ae108d07a11757c4e120fb2c0384f3a842952432da1736158ce7
a39db0af2b877ea2c5cccbc1420ef9533196f61a33e740d8ec2bb31126470856
a43bd7b3aa8d60242368b06762baf883047520450269be0bbd5491f6c14661c0
acb53c4533765bc5dc1225c4850964ddb2ed637a7a1cf420c446a08104085da8
b01475a1ed788124386bf51068464a0ea886a403c1b1e51e8a2cde722894a2c1
b355b48ea8dc5f9252a78cf0a6b7210b0493676ee421a69a425d092b98c2cc51
b795edfb1b2de13aba43932708e4148b0aa37971047c94fcded06dbe5a4f61ac
bdf1486acc96b228a2163490640a2bdc90f5e0a1bb1949335fd1fde2ad48795c
c4e134f40c8c4baad557dbe3eb6869d8cf4a66462084170b4881a2aff6eca274
c524a8995f2f0cbcea43353efe8e8f269da821ea97c21ef0f04df5fcd916170a
c5ee33f26479a267cb93b664a5c2ff07e4f835e022e2fdbc5c8c23564b0dc292
c7afa12ce5701916349284e884f7fddcf56832f30d041982b6f9a484b64084f5
cb79726d8b50ade37e5ca0c5c82fc92eea9757c2e14e5f7feca1b80f7732048e
d53bca3eeb0bf7e9463a5041b50b223d34a6772d8ebaba79d97af4f0254e7b25
dd0466d329188a3df3b93c6a8332e6f82eeb0fa48f613e6112a797049736d421
e154af4adb3c483a3aba7f9a7229b8881cdc5cf369290923d965a2ad30163ae8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee978b42838e26d757251675c40fb0f62dff2f4081dc00fc4bb5492265f63b16
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fbc7f61c0620a4ec824cc106951eff46d60cfd8eb8d8d490218463d2fd98cb

malware.news Open in urlscan Pro 2606:4700:20::ac43:4a41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

100 %IPv6

6 Domains

6 Subdomains

7 IPs

3 Countries

2481 kBTransfer

14979 kBSize

3 Cookies

30 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

malware.news Open in urlscan Pro
2606:4700:20::ac43:4a41 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

2481 kB
Transfer

14979 kB
Size

3
Cookies

44 HTTP transactions
3 data transactions