URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Submission: On October 12 via api from TR — Scanned from DE

Summary

This website contacted 35 IPs in 4 countries across 30 domains to perform 109 HTTP transactions. The main IP is 2606:2c40::c73c:67e3, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.picussecurity.com.
TLS certificate: Issued by GTS CA 1P5 on October 2nd 2023. Valid for: 3 months.
This is the only time www.picussecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
51 2606:2c40::c7... 209242 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 5 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 52.60.221.89 16509 (AMAZON-02)
3 2a02:26f0:780... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.117.30.33 396982 (GOOGLE-CL...)
1 143.204.205.137 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:249... 16509 (AMAZON-02)
3 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
1 172.67.75.100 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 151.139.128.10 20446 (STACKPATH...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.8 13414 (TWITTER)
1 2600:9000:206... 16509 (AMAZON-02)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 2600:1f14:50b... 16509 (AMAZON-02)
3 2600:9000:225... 16509 (AMAZON-02)
109 35
Apex Domain
Subdomains
Transfer
51 picussecurity.com
www.picussecurity.com
1 MB
6 linkedin.com
platform.linkedin.com — Cisco Umbrella Rank: 4004
px.ads.linkedin.com — Cisco Umbrella Rank: 416
www.linkedin.com — Cisco Umbrella Rank: 708
px4.ads.linkedin.com — Cisco Umbrella Rank: 6066
165 KB
6 popt.in
cdn.popt.in — Cisco Umbrella Rank: 32237
display.popt.in — Cisco Umbrella Rank: 32055
fonts.popt.in — Cisco Umbrella Rank: 78757
66 KB
4 cloudfront.net
d10lpsik1i8c69.cloudfront.net
d3lopmpcew67el.cloudfront.net
49 KB
4 visitorqueue.com
p.visitorqueue.com — Cisco Umbrella Rank: 157121
t.visitorqueue.com — Cisco Umbrella Rank: 86468
5 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
114 KB
3 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4956
forms-na1.hsforms.com — Cisco Umbrella Rank: 7966
3 KB
3 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2528
17 KB
3 hubspot.com
app.hubspot.com — Cisco Umbrella Rank: 6214
track.hubspot.com — Cisco Umbrella Rank: 2658
2 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1192
syndication.twitter.com — Cisco Umbrella Rank: 1427
132 KB
3 hubspotusercontent-na1.net
7048931.fs1.hubspotusercontent-na1.net
7 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 5355
forms.hscollectedforms.net — Cisco Umbrella Rank: 5470
26 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 981
9 KB
2 mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 8490
954 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
182 KB
2 pageimprove.io
pageimprove.io — Cisco Umbrella Rank: 74483
5 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
2 KB
1 on.aws
tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws — Cisco Umbrella Rank: 75165
1 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1230
363 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6147
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
258 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
258 B
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2519
21 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3531
4 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 5142
86 KB
1 luckyorange.net
settings.luckyorange.net — Cisco Umbrella Rank: 11237
757 B
1 googleusercontent.com
lh6.googleusercontent.com — Cisco Umbrella Rank: 515
545 KB
1 gstatic.com
fonts.gstatic.com
46 KB
1 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 6516
6 KB
0 facebook.net Failed
www.facebook.net Failed
109 30
Domain Requested by
51 www.picussecurity.com www.picussecurity.com
4 cdn.popt.in www.picussecurity.com
cdnjs.cloudflare.com
4 cdnjs.cloudflare.com www.picussecurity.com
cdnjs.cloudflare.com
3 d3lopmpcew67el.cloudfront.net cdnjs.cloudflare.com
3 px.ads.linkedin.com 3 redirects
3 js.hs-banner.com www.picussecurity.com
js.hs-banner.com
3 7048931.fs1.hubspotusercontent-na1.net www.picussecurity.com
3 t.visitorqueue.com www.picussecurity.com
t.visitorqueue.com
2 track.hubspot.com
2 forms.hsforms.com www.picussecurity.com
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 cdn.mouseflow.com 1 redirects www.picussecurity.com
2 platform.twitter.com www.picussecurity.com
platform.twitter.com
2 www.googletagmanager.com www.picussecurity.com
www.googletagmanager.com
2 pageimprove.io www.picussecurity.com
pageimprove.io
2 fonts.googleapis.com www.picussecurity.com
1 tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws
1 fonts.popt.in 1 redirects
1 display.popt.in cdnjs.cloudflare.com
1 forms.hscollectedforms.net js.hscollectedforms.net
1 px4.ads.linkedin.com www.picussecurity.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 syndication.twitter.com platform.twitter.com
1 www.google.de www.picussecurity.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 forms-na1.hsforms.com www.picussecurity.com
1 js.hs-analytics.net www.picussecurity.com
1 js.hsadspixel.net www.picussecurity.com
1 js.hsleadflows.net www.picussecurity.com
1 js.hscollectedforms.net www.picussecurity.com
1 app.hubspot.com www.picussecurity.com
1 settings.luckyorange.net d10lpsik1i8c69.cloudfront.net
1 lh6.googleusercontent.com www.picussecurity.com
1 fonts.gstatic.com fonts.googleapis.com
1 d10lpsik1i8c69.cloudfront.net www.picussecurity.com
1 static.hsappstatic.net www.picussecurity.com
1 platform.linkedin.com www.picussecurity.com
1 p.visitorqueue.com www.picussecurity.com
0 www.facebook.net Failed www.picussecurity.com
109 41
Subject Issuer Validity Valid
www.picussecurity.com
GTS CA 1P5
2023-10-02 -
2023-12-31
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
popt.in
E1
2023-09-12 -
2023-12-11
3 months crt.sh
p.visitorqueue.com
Amazon RSA 2048 M01
2023-09-02 -
2024-09-30
a year crt.sh
platform.linkedin.com
DigiCert SHA2 Secure Server CA
2023-05-17 -
2024-05-16
a year crt.sh
hsappstatic.net
Cloudflare Inc ECC CA-3
2023-04-10 -
2024-04-09
a year crt.sh
pageimprove.io
GTS CA 1D4
2023-09-02 -
2023-12-01
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.visitorqueue.com
Amazon RSA 2048 M02
2023-03-17 -
2024-04-14
a year crt.sh
hubspotusercontent-na1.net
Cloudflare Inc ECC CA-3
2023-09-30 -
2024-09-29
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-28 -
2024-07-26
a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2023-02-05 -
2024-02-05
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-02-01 -
2024-01-31
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
www.google.de
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-05 -
2024-02-05
a year crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01
2023-06-08 -
2024-07-07
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Frame ID: D486164A609ECFEDE9BD02D4F087944E
Requests: 107 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.picussecurity.com
Frame ID: B9754A568741797CE34855FF1628F102
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

AvosLocker Ransomware Continues to Target US - CISA Alert AA23-284AFollow us on LinkedInFollow us on TwitterFollow us on Facebook

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

109
Requests

96 %
HTTPS

80 %
IPv6

30
Domains

41
Subdomains

35
IPs

4
Countries

2944 kB
Transfer

5584 kB
Size

30
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65
  • https://connect.facebook.net/en_US/all.js HTTP 302
  • https://www.facebook.net/login/?next=https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Fall.js
Request Chain 71
  • https://cdn.mouseflow.com/projects/a33e3dc0-7316-4f7d-8ec0-244dbd62e401.js HTTP 301
  • https://cdn.mouseflow.com/projects/a33e3dc0-7316-4f7d-8ec0-244dbd62e401_eu.js
Request Chain 90
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2042428&time=1697117826213&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2042428&time=1697117826213&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2042428%26time%3D1697117826213%26url%3Dhttps%253A%252F%252Fwww.picussecurity.com%252Fresource%252Fblog%252Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2042428&time=1697117826213&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2042428&time=1697117826213&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a&cookiesTest=true&liSync=true&e_ipv6=AQK21kI7ScDp_gAAAYskGu9Q3tcS7bRJ15QAGXU570t8rlC2sgqsjWYwlvuWNT4V
Request Chain 98
  • https://fonts.popt.in/?family=Poppins&display=swap HTTP 302
  • https://tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws/?family=Poppins&display=swap

109 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
www.picussecurity.com/resource/blog/
88 KB
21 KB
Document
General
Full URL
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f311ed9a6ca66e8d261bd84a1e9c64672171c40785060f36f3c1aee9075f9334
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=0,max-age=0
cache-tag
CT-139822592651,CG-35190412163,CG-7048931,P-7048931,W-32488136213,W-32488280065,W-34050730072,W-64658820451,W-73083427611,W-73190335558,CW-106636205147,CW-113292746136,CW-115735244592,CW-127211604583,CW-39027676914,CW-39038130957,CW-41162016556,CW-97796927572,E-117283871284,E-119013969479,E-125740770973,E-32300259976,E-32300424271,E-32300424286,E-32300424289,E-32379253675,E-32379319518,E-39027126556,E-39027330934,E-81509078165,MENU-32488136213,MENU-32488280065,MENU-34050730072,MENU-64658820451,MENU-73083427611,MENU-73190335558,PGS-ALL,SW-3,B-35190412163,GC-113292746618,GC-34050452150,GC-39027690571,GC-39027888131,TS-32295139665
cf-cache-status
MISS
cf-ray
814fbc43684c383b-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
content-type
text/html;charset=utf-8
date
Thu, 12 Oct 2023 13:37:05 GMT
edge-cache-tag
CT-139822592651,CG-35190412163,CG-7048931,P-7048931,W-32488136213,W-32488280065,W-34050730072,W-64658820451,W-73083427611,W-73190335558,CW-106636205147,CW-113292746136,CW-115735244592,CW-127211604583,CW-39027676914,CW-39038130957,CW-41162016556,CW-97796927572,E-117283871284,E-119013969479,E-125740770973,E-32300259976,E-32300424271,E-32300424286,E-32300424289,E-32379253675,E-32379319518,E-39027126556,E-39027330934,E-81509078165,MENU-32488136213,MENU-32488280065,MENU-34050730072,MENU-64658820451,MENU-73083427611,MENU-73190335558,PGS-ALL,SW-3,B-35190412163,GC-113292746618,GC-34050452150,GC-39027690571,GC-39027888131,TS-32295139665
last-modified
Thu, 12 Oct 2023 13:37:05 GMT
link
</hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js>; rel=preload; as=script, </hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script, </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script, </_hcms/forms/v2.js>; rel=preload; as=script
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xooeTvajY%2FfbjW9zB9cgae66VoDdP%2FSAZLvfhmgIr1O823clnT9tvKeYELuLHYVwW5jqytMueaYMPtT4SFBeqsuDVBqVcaM8O9qtj%2BmWUHZrcya0qQ%2FkZgRAa7IRHTfZFD91TswB%2BWs%2B9AQIEjI6QnOA3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
544
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/cms-30-39-td/envoy-proxy-5687d54bf4-7c6qq
x-evy-trace-virtual-host
all
x-frame-options
sameorigin
x-hs-cache-config
BrowserCache-0s-EdgeCache-0s
x-hs-content-campaign-id
c54e3d4b-3a25-4bcd-9d44-ae12634732c3
x-hs-content-id
139822592651
x-hs-https-only
worker
x-hs-hub-id
7048931
x-hubspot-correlation-id
8d0d5dfe-39a6-4dbf-9a30-be426b8bec4c
x-request-id
8d0d5dfe-39a6-4dbf-9a30-be426b8bec4c
x-trace
2B662709EB551844A002A57F3A29AF264924E5F542000000000000000000
index.js
www.picussecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/
11 KB
5 KB
Script
General
Full URL
https://www.picussecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 a914ae2afc6a4cecb4160376b03ff6a2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
15027109
x-amz-cf-pop
PHL51-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
inhS2tX2f2C4tITR3p2haS.uhsvA9eGz
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 21 Apr 2023 15:17:56 GMT
server
cloudflare
etag
W/"0bbd63c0750f141fd5cec04a9393647e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GM4M%2Btnp9NYCCkLUtFzg%2FWtMsMMK7wtmxZSB61xx8ipvgNneh3tzHO9kFWszvtGHBu96r4R8X9XLPev%2FrHePSThQoh9JKp9FFzdb9vY8wB6IM6lQ4PLSSXrS%2F8a6piUeu3eJ3q2vUL0PC9FGoWD5YKL87A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
814fbc482e1c383b-FRA
x-amz-cf-id
h_4sSAtPY7GVmPxJSp7-QXxXADs-gUfRFEMOL17VMTRDtoxsLcvrzw==
expires
Fri, 11 Oct 2024 13:37:05 GMT
project.js
www.picussecurity.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/
2 KB
997 B
Script
General
Full URL
https://www.picussecurity.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 df4167ab0949b4d2c15466bdfdc05f94.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
5447855
x-amz-cf-pop
AMS54-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
gEenO44eZUewxnIWfgj9q6LB.g9OszNv
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 19 Aug 2020 22:24:11 GMT
server
cloudflare
etag
W/"ef84f26c310485299d6b75777414eddb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tC0NhuSfuPqOIWg5V%2Fma%2Fzle5QahR%2BIskMDg%2BU%2BT%2BwmYOuszz53C5Abuwv58L3kFGeaHTx8mjJm2F49%2BBmbnA9yDhLEJPvTy7RJlE%2BLQthq6uph%2BDxmC96sIZsBbZBalg4hx5VL9Uu2B%2FEl6oskelawUBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
814fbc482e1f383b-FRA
x-amz-cf-id
kFmX7yEjk10n8JloR2Q4K0-52MUX8mtMrKkriAJ3pHBNGcP73SS5cg==
expires
Fri, 11 Oct 2024 13:37:05 GMT
project.js
www.picussecurity.com/hs/hsstatic/cos-i18n/static-1.53/bundles/
1 KB
1 KB
Script
General
Full URL
https://www.picussecurity.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
21895948
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 09 Nov 2021 16:12:42 GMT
server
cloudflare
etag
W/"61ca66de658cab9587e4636894680d5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCl%2BTSvLJcb2njveu6jfnckKc7euTiii9pCsNv8nqDmEhKJuPw%2B4qbxLZTKfuE7ykzrU5obQRlCbKxVWTWFJ91e7%2F07Pi3REJWEAl4%2B8zsbW1%2FVo3m%2B%2BRDpier1yxC%2F%2BmzwAlcozbm3qSiTFx4uNePiMEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
814fbc482e21383b-FRA
x-amz-cf-id
8QXLw2UOfT_OkIUXh8Uk-Qb7YUhl4mYkBSxBcIeGI9pAOc0VmTrDlA==
expires
Fri, 11 Oct 2024 13:37:05 GMT
v2.js
www.picussecurity.com/_hcms/forms/
549 KB
182 KB
Script
General
Full URL
https://www.picussecurity.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24e66d830ef814bbcc4553b662e0c2afe733f8f30fb4a86be6df577d146bec2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
age
318
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3812/bundles/project-v2.js&cfRay=814fb487b5793aa0-FRA
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-evy-trace-listener
listener_https
etag
W/"84d6c03b19ba72ee08ca8c27dee147c2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.3812/bundles/project-v2.js
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-amz-version-id
4b09e6_AhU37WJHx62r2StyRWH0KMlOF
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
48a64462-8be0-449b-a214-e67ed7554791
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
48a64462-8be0-449b-a214-e67ed7554791
last-modified
Fri, 22 Sep 2023 08:13:06 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UXxFuxtw3lr83Qa5N6cBEq2CcjKzPyiDVdGGSBpicNUfndFJarWz6vi2U7yekGZ80GsJo%2B2vrAdsSt4xnTvokGtSO8SIpVHBczdCggL%2FtAmCgIUJQiEQ3sJbwoLrZec5RDTD3OSsCjAROSRQWvLXhQ%2FFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-sgzbx
cf-ray
814fbc482e24383b-FRA
x-amz-cf-id
MCUsLYMIGOZ0JA8AY3mgIU-NYmLNYGkNF7EBzLAr0TwABq3OdAByQw==
main.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1697100070928/Shield/css/
76 KB
18 KB
Stylesheet
General
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1697100070928/Shield/css/main.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
98a327c659f4b133d7ffe3bd50cf86d03afe920a4583906308c736e0d5fcbe65
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
94X8ZQ07SKYQ80EK
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"df53d60e5d0925fe5d3ae786346c27f0"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1697100070928
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 824fe21e467658628899bdd8725649ee.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
k3MCbccUtW27R0_gEIGEjBGb99I4jXG3
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
aad3a687-0746-4e33-b1f1-28f3622cd0c4
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
132
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4Jt0rHsIOhPNs8n4uXNdirZKHzv9DE4NS+H8JVDhu9idMW4FROZH2+YOUe1/e2Nu7uckIiuoCEg=
x-evy-trace-route-configuration
listener_https/all
x-request-id
aad3a687-0746-4e33-b1f1-28f3622cd0c4
last-modified
Thu, 12 Oct 2023 08:41:11 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oy6eDOrKlv17O5KH6LXXYgMM2BdgwqaFYHH5LsKxoeO%2F%2FYKxHl%2BgYGEI1GgS8Dc1JUGrk4xlTu1OcD4uFWjNwIJT5OhXRpZcmlVldTlfc%2BJz%2Bsy1EfkoRaHisDqfzUDTo8xuwnd8seT%2BE6w8qCucv5250A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-b6rgr
access-control-allow-credentials
false
cf-ray
814fbc482e26383b-FRA
x-amz-cf-id
3dtXOKPYNX4XTgS8--OMwD-gYc9RRhsALu3oIzq8qqNqRwQeYtmTqw==
theme-overrides.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424286/1689938008260/Shield/css/
28 KB
8 KB
Stylesheet
General
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424286/1689938008260/Shield/css/theme-overrides.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f2122b3b3bd142955bced055f46921316c859453a8c6739b4ccb5b332ae7533
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
1VJGX9KK3Y2SP70B
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
W/"c7b4e81f50d5191a7f9901cabe747720"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1689938008260
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 b7f525be96cecf61bbec66a423b622b0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
HuNpuYTQDY.C1wUDLhVlbulPe7RoIRj4
x-amz-cf-pop
IAD12-P2
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
b43f353e-9d36-466c-a937-9924f8dc3350
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
138
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pKPUzN60SG33srVFOeWOxN808Wg2w7EHHsVLpEg8QJ8Pmqb63ogHR/U8MhxkSbwH7TMbJWinAps=
x-evy-trace-route-configuration
listener_https/all
x-request-id
b43f353e-9d36-466c-a937-9924f8dc3350
last-modified
Fri, 21 Jul 2023 11:13:29 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vK2YxLEpyLhsi1KWGuFOr4V4IC7ivswyscy83%2B3k6M%2BRMy9T6ah%2Bf9caLiImhs5jgngsZjt6Cwo4irTQYVR2vg4mn19XBgw9IV3x9PMnIgGx5VY6uDptVVTYRdd3ckX8sDu61Zq3Ur5kQzU%2FFlSn3lThmw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-fhfns
access-control-allow-credentials
false
cf-ray
814fbc482e27383b-FRA
x-amz-cf-id
UCH2pl5JH-mYeBttgMCpXKvqs0sNGc1JmEn9veXSS9gaFxLqu6H2lw==
shield-animate.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32379319518/1682685745883/Shield/css/
15 KB
4 KB
Stylesheet
General
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32379319518/1682685745883/Shield/css/shield-animate.min.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad35b390ce3898cfef7bb94973d42ab290ec56f7315e0b459f4ba017eac96f07
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
7MQFDY0ZV6E90509
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"dc33969eb4c5a40ef5e6be0462874811"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1682685747003
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 98b2021a1a69853671ec2390cb8757f0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
O4dE7lsH.Q5zJBakndHS_xCk2kcdIjSC
x-amz-cf-pop
IAD12-P2
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
149
alt-svc
h3=":443"; ma=86400
x-amz-id-2
uum/gGaXHpL4enIAjtFkoSQ919LPUGrFEeKbTTTz8D1gm0OxpPivyEfmZKLCMnLU2cmtkdTfT9iunodCuy5hwALNmTSVw9pkuJYnGKRac4g=
x-evy-trace-route-configuration
listener_https/all
x-request-id
f5b2461a-5476-4c13-8faa-8f4bef522632
last-modified
Fri, 28 Apr 2023 12:42:28 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcoTj5tl6L6IgswifRy2hCpQ3R47YNrGr9oWAjuOdzGRgR3zQwksgmxH4d3TKqnR9ISLHUFKwDh6gaSqpJeHVqSQh4dHXFKtqp0cZX2SCeifAIIpfMIhNvvj4bErSEoKbma2aUkgAKVHbyWS3xDa2nP7oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-55b7d448b-7hqzq
access-control-allow-credentials
false
cf-ray
814fbc482e28383b-FRA
x-amz-cf-id
Aha3ISQdXSWIln78UzgtnGgaMNrux3tqy8UdiW8O5aU22Jheh7x_5w==
slick-theme.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/119013969479/1686049622830/Picus_IL_Shared/Shared_by_Themes/asset/
3 KB
2 KB
Stylesheet
General
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/119013969479/1686049622830/Picus_IL_Shared/Shared_by_Themes/asset/slick-theme.min.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f80603874c68fef25ac9ffe412a6c6056ab267d7e4d044f090c8282ab80c4da5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
age
3145
x-amz-request-id
KVCD73MG1VK74DRB
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"fa83e77758ea493769a6cef5ef0df9c8"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1686049623451
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 8b1ca38f6b0e2c14ce8c202175f971a6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
QzIQ8NfUG.gmqRzMZ_BnITV8_s.CjjH6
x-amz-cf-pop
IAD55-P1
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
140
alt-svc
h3=":443"; ma=86400
x-amz-id-2
rRknEL51802NvsEcyyIv2G2/8rhXiXgX7RLM7iiutfJ10yJoo/gtVeLJoxnIkCF+baQ1imAfiN0=
x-evy-trace-route-configuration
listener_https/all
x-request-id
17cd0b1c-2cc0-43d7-8de8-69e110aa5074
last-modified
Tue, 06 Jun 2023 11:07:04 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4CJdb4uWuHfxZXXFqTPhwKXC6ncnIgP4GOplQrgZ8IfMCEHfTh1V7H1uXmbHiS7Rc6fCN6WsmFIzJKO%2BWuq4Su9aV3jBXYVc1MeZnf%2BBeHwzFq6DG1pgM8pPRIPF%2FXJVIqLtFdt%2F9varTdFAelfjByxgg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-9xkdz
access-control-allow-credentials
false
cf-ray
814fbc482e2a383b-FRA
x-amz-cf-id
x8zlnX9_EUvUcLXrlKOXmxJqz_dvMVZbwxuE7ZnIABgimG1CXk0RqQ==
module_113292746136_Announcement_Bar.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/113292746136/1694519023628/
2 KB
2 KB
Stylesheet
General
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/113292746136/1694519023628/module_113292746136_Announcement_Bar.min.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9223a8d8b5e98ebc2bd6ca45174e6707ff6f90c00c1cb214c30e5c09fe725178
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
Q6GY4Y18G2JQ7K4A
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
W/"1087e0cb6addf2cdfe09e855aabe17e3"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1694519023628
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 02db209838c99b1e3d9f7e6b74ddf272.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
qGz39onuKlKxg_iGAdG78lpVtCHltS5h
x-amz-cf-pop
IAD61-P2
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
f921e7a3-cd9f-4d32-8c02-1e1e4f116fe9
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
182
alt-svc
h3=":443"; ma=86400
x-amz-id-2
cxxFAvuDlXUvkk+ybWmsg2ehEijVWjoY6Bj8hCiFEfTgq/Pj9XP5yGgWkn6UT7yghzA8AD0Jc35C9/un8LFsToX/JZXS9FTP
x-evy-trace-route-configuration
listener_https/all
x-request-id
f921e7a3-cd9f-4d32-8c02-1e1e4f116fe9
last-modified
Tue, 12 Sep 2023 11:43:44 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAzrHR5UAXZN2CZGi6vPQYfFA29DCjpsRw%2FkRppWABVTb2K4%2F1XAQiaz0YJCHBwcCP3kwCGBM3I6iKSVy%2FYqKBLe3zj%2F1lw6nWX1aFxWbfQxtMmL4SFwVQIdcbtM4V8vEG9X%2BUWpE3C8ucnrd6qAQzy6Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-xmwnv
access-control-allow-credentials
false
cf-ray
814fbc482e2b383b-FRA
x-amz-cf-id
0iPanKHBWeSUXdMZlwfuTUV_q0uTocd52H8Zdz5FF_E-nylxq3KRWw==
slick.css
www.picussecurity.com/hubfs/
2 KB
2 KB
Stylesheet
General
Full URL
https://www.picussecurity.com/hubfs/slick.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-88652463641,P-7048931,FLS-ALL
age
151884
x-amz-request-id
4AGJET6MF44MPKDY
x-amz-server-side-encryption
AES256
edge-cache-tag
F-88652463641,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
W/"f38b2db10e01b1572732a3191d538707"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1666163679669
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
POcUM6CkvZEPNg.2EBNI3HQQEk16JIcL
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-88652463641,P-7048931,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-amz-id-2
mVXPs2hJawHQRpTW7KFr5IPw1eLkfOYDD+eY5AtoB3qxKbZYOrOUQDQzMZEoNJqYan0fEc0kyiI=
last-modified
Wed, 19 Oct 2022 07:14:40 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bj1nfWmmGNlb0x49Qo7BLc3zbZE2pehiHTW8UGl3i%2BtWOXMBYRjBa12PcQZ8P7%2BgAmfNAXJ3uczFqXRN6Q6BA1ERMk7gfFQEMejGq2iNCrzFMKmDvpRibbUyYq7pr6u7zqiX1kyIvWePF8SfodiOKMd%2FZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
814fbc482e2e383b-FRA
x-amz-cf-id
HweT2_O_ML-kuWGhfcoHBaTIixVioyBPIk20s0COZHDz1at3Z0j3-w==
slick-theme.css
www.picussecurity.com/hubfs/
3 KB
2 KB
Stylesheet
General
Full URL
https://www.picussecurity.com/hubfs/slick-theme.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b7290b38b86182592c3a60c491c3a977318c034959142a61d92a75025b3c334
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-88672063121,P-7048931,FLS-ALL
age
151885
x-amz-request-id
0FHGXVZZSDGQKBTF
x-amz-server-side-encryption
AES256
edge-cache-tag
F-88672063121,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
W/"70713b38259ac3a32f8157845e0701f3"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1666163804020
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
beuNhPPn9XCcdaYz_J0NljSiu1XSNKQi
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-88672063121,P-7048931,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/VjNbg9EedHa05a6bvCu5OnRCGLzlQUpqn2Ui+9zvwktk42dRaqjbt9tXO4CWRco7vMY3zUFZ5g=
last-modified
Wed, 19 Oct 2022 07:16:45 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FxJpaaU0TdiV%2F6URUK9vZQI6nGJKvf8%2F5nMGEQ8Zme4kNapCjGJX8uk3h2uKujkrjvi9XgaGPmLDdvoWgcKfQe1gSkTI%2B7hOoKjaMjpqf3PLLX%2F16QEOtNtYh1b1o3pY9LL7iYKukY4dibhKfWb2Rcxlg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
814fbc483e34383b-FRA
x-amz-cf-id
nvvmG392IwuvxxqZUXKCPLgFfhzYMO8JVwMt2QriVm-VqVwr_Fv1hw==
module_39027676914_Mega_Menu.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/1696485625274/
15 KB
3 KB
Stylesheet
General
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/1696485625274/module_39027676914_Mega_Menu.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
15e64a03ef473e1f3837745e0a6e81a1037afb5c9c5acc4600119ed6c9d5f1f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
6X9N4Y1QT7VJM19T
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"25450fa59dfddc1112f6a935a4a7861d"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1696485625274
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 71f1cca040033ebffc591cf9392d1528.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
3C51Mpv6s_iUJwF2az_EK8mSxcNpBsce
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
0e3d5271-ec20-4874-b23b-30ebab9cf6f0
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
186
alt-svc
h3=":443"; ma=86400
x-amz-id-2
LSdOP31NwmQLqx20BTH/qpA5SsSb9Ea/dGrmLVC9NwUuQi8/qwB33v3a0BqNUVCKujvM3hqIwh0=
x-evy-trace-route-configuration
listener_https/all
x-request-id
0e3d5271-ec20-4874-b23b-30ebab9cf6f0
last-modified
Thu, 05 Oct 2023 06:00:26 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbGpxWq3sb%2BXuOAZRjbBb764gkDW0zyGBSA7IpawLWAK6rgkvxAy68XomsGAzY8JhxdpS41wlVy8v%2FAeRQjpVr1w5yfXiJHS2vG6YIgWDD5etg8p3EzAEdk5Rwx9c9GUIrxTah3SPWbjuE80FlrswzsHEg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-b6rgr
access-control-allow-credentials
false
cf-ray
814fbc483e35383b-FRA
x-amz-cf-id
nHo3kCteJaHZVMZN8leifdLQfioyExocDFUWza8ncqx28CMH8cbWxg==
module_39038130957_Lead-Magnet-Banner.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39038130957/1608575808109/
521 B
1 KB
Stylesheet
General
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39038130957/1608575808109/module_39038130957_Lead-Magnet-Banner.min.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5458bb001fbaee0822a06901d6989a7568457bc97c78ce726d8884c34f665910
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD12-P3
x-amz-request-id
QPR7N6G49BNEB22Z
x-amz-server-side-encryption
AES256
x-amz-version-id
_6kG0Z6N7nb2Amvf0P3QvVEgQec_PKrh
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400
x-amz-id-2
eVUfsmWUWdLg/ZhQiTXz10jOyHsdBQBannNWGECjy7BJ6CFFgLTzHO+8vx/8nbaF3dmobkSUlP0=
last-modified
Mon, 21 Dec 2020 18:36:49 GMT
server
cloudflare
etag
W/"b598cb9f535e9d39bea6fb4c7afc98a2"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1608575808109
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9L%2B%2FdXVr%2B2Hn7wzl0iw8v6LYWbIqJE0QduUzgXndCyyZarVvyHtIr0Oea9MnJCKOtb1T5xp9UK30GtcEt%2F%2F5j30ogBTm1U0BCXmm0cYlQgatBAT5b8z6EXGge9sqA2jNLV0OZ2JRHBywuyWYZ2v933JvBg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
814fbc483e36383b-FRA
x-amz-cf-id
1Y-1CRKiF6yRUGKmVnhrvMaoikeI4LOMBEgX6suV_RpNsNRdgPrqaQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
module_115735244592_promotion-box.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/115735244592/1692362916822/
445 B
1 KB
Stylesheet
General
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/115735244592/1692362916822/module_115735244592_promotion-box.min.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2979048807e3ad41f974d0c6920b3e597e269958ba5ba6fd8eab6f5a9bd72c77
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
B8S56EB4J1A3YCYV
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
W/"1280ed78ab1a383a5d624651245de222"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1692362916822
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 6400936fc4525d1c60e3e8fee9d4806e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
s8H2XI_b1QCCi5PORu.qp1BCRkwfXbEi
x-amz-cf-pop
IAD12-P2
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
725a261c-b702-4daf-8534-5a36c2ceec74
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
191
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/YwVxaFTpO+hkQm/86WSHLNbOJSBZlW/mgPRsx75BiChLbw+9vd5gnGFNqWHEG6LVnWK86riXZg=
x-evy-trace-route-configuration
listener_https/all
x-request-id
725a261c-b702-4daf-8534-5a36c2ceec74
last-modified
Fri, 18 Aug 2023 12:48:37 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FECVFWTTHkhzQvv8bUqRxABpPevBkr4gJGwpWoN%2B1wa5vpXBuRguv%2BLgug5HFKIf0ct9SJZm5Wxh2pVYzYOO8fCMxEwpbRLpT4XsUM%2FSLCLRsWwid%2FEW0lDItyJMgZlxqTRPoeIXzJl2RiD7gKVGD9kLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-9jn6n
access-control-allow-credentials
false
cf-ray
814fbc483e39383b-FRA
x-amz-cf-id
bSsU3Pq9cFnxtLyUXQQMNoqOAPuU_2wFzypUrTuA8f3Wpd3pquJfsQ==
module_97796927572_recent-blog.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/97796927572/1689062791424/
3 KB
2 KB
Stylesheet
General
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/97796927572/1689062791424/module_97796927572_recent-blog.min.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd992701a1dd6611d88d49c14a2adbfd091c77118f1318a1ffd0a9250d386cc1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
3KX3MEJW571J0S02
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"74d539623ee3300c89d3a96367ec66af"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1689062791424
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 2e50d9b1ee017f302768660f02b7418e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
K33bwj0mZNNYnh72VxGgNK4nCYIiul9y
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
ed5f7126-bc46-45d6-8605-a6eb5daaaf98
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
115
alt-svc
h3=":443"; ma=86400
x-amz-id-2
zh2KirELfaXMnrXpXDzVW2NNOIUfZj1lr0tyf7GvyQTuKnLriLGVOcL4VU2LmaTWmpgbAzydN2M=
x-evy-trace-route-configuration
listener_https/all
x-request-id
ed5f7126-bc46-45d6-8605-a6eb5daaaf98
last-modified
Tue, 11 Jul 2023 08:06:32 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b09viFFjazZW7Pdvqw09QtH4Dhftv9fhUQTykqMlHvJ0BYTbc03BrjSIXa%2B35O6K8tl7vvV2cYKKMRBvlXdROvU%2FMvZLqrxRr%2B9h%2Bcfzn0VTRlttjpH67efrC9k731DnMn2rRCfRnrnH5u7QDA%2BZCW0%2Frw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-fhfns
access-control-allow-credentials
false
cf-ray
814fbc483e3a383b-FRA
x-amz-cf-id
iCaKcjDqglTBM9DIpBQUd3kvrq9f3uoiJZ6KaIO_pah_b1OdpOr7RQ==
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9654884
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Zgn17EOROdRH86bHU0CT%2BfaqqUnQLtaeGGBAb4cvmHrLh%2FYL%2Bl8S7sMf3QYxCflDW7NpzSt8qDrvpQOt6trNJ26F9rZvDceKuI1GrN1RPiwbAD82Pc%2FN%2Bm97%2Fjfc03G1GWqskdMId5R2fY%2Bf0LKUUyf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
814fbc484d780487-FRA
expires
Tue, 01 Oct 2024 13:37:05 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/
11 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/jquery-migrate.min.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2314044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3718
last-modified
Wed, 18 Nov 2020 00:51:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fb4701e-2c03"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVoTgLAR8%2BXgC34oKCIBDVV%2BtqaaleVKDNOym1o%2FIiFQK30LJ63Oiqs6WI11%2BMYmpp0FSxBeilQKXmlmU%2B35qi48ZJC5261%2B1s8UW8joxwqj%2FQbg1A7OeP9yQQy43RYcyu5QXvwidTCn7j0MTiRD3xtr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
814fbc484d790487-FRA
expires
Tue, 01 Oct 2024 13:37:05 GMT
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:400,400i,500,700&display=swap
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0eacc421ef3f64e94a997b01b7f8fe59651968ff6f16bfdf893329bf17849641
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 12 Oct 2023 13:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 13:18:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 Oct 2023 13:37:05 GMT
pixel.js
cdn.popt.in/
226 KB
50 KB
Script
General
Full URL
https://cdn.popt.in/pixel.js?id=64d678615e3d0
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6525 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9467131afdf53725eb7dfbcaa63ef3866a3ffa49c40fe167a0a85fef537bd1ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
x-amz-version-id
17oD__KDwqV6NZ2l0utqJw8JnSX78trp
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P3
age
1735
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 10 Oct 2023 11:07:05 GMT
server
cloudflare
etag
W/"f1cb47bb0fca0e9131466c3af935f036"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBBpj3cuB1pdTIVF1EmTtjsxaluFwjbzw6AABMmMDQxO9uRkJZfJ0g9mC4l46N9mP2qhUBLuqammn%2Fay2XHoJZYoIzWVimvbXW1lRhL6URH9OzQrLhVxQVBa7uau5Mugg2MWjwa2A%2FADnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
814fbc4aaa6b2c3f-FRA
x-amz-cf-id
DsyZn3uz1leJHmZDNsCGPty5MoSbLdY-kh8eAx4DODhyPMQzmnGcbw==
67ab0ee7-fcba-400b-8cb3-db7bb1cc0033.css
p.visitorqueue.com/styles/
0
117 B
Stylesheet
General
Full URL
https://p.visitorqueue.com/styles/67ab0ee7-fcba-400b-8cb3-db7bb1cc0033.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.60.221.89 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-221-89.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 12 Oct 2023 13:37:05 GMT
access-control-request-method
*
access-control-allow-headers
*
content-length
0
content-type
text/css
in.js
platform.linkedin.com/
510 KB
160 KB
Script
General
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
2adf242340f439db55932fdbd81f194b4514c2883530289412514a8bce94d3c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
657
date
Thu, 12 Oct 2023 13:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn-client-ip-version
IPV6
x-cdn
AKAM
x-edgeconnect-midmile-rtt
0
content-length
163638
x-li-uuid
AAYHhGY/0/bQRD9K1ghIyw==
server
Play
x-li-pop
prod-lor1-x
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
x-li-fabric
prod-lor1
cache-control
public, max-age=3600
x-li-proto
http/1.1
expires
Thu, 12 Oct 2023 13:51:32 GMT
logo-original.svg
www.picussecurity.com/hubfs/
2 KB
2 KB
Image
General
Full URL
https://www.picussecurity.com/hubfs/logo-original.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee596884317564904ae040715f9d2961b96b088c0034ff3f4904a6ddfea7221f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-54707499331,P-7048931,FLS-ALL
age
150062
x-amz-request-id
0FHH8VVMFESV3QKC
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54707499331,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
W/"ffa324dc95c671fc8929e2bbc8f9a038"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1631012484087
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
BgSjLq3V3YN8qkwdl5C9D8U1riGsc.5a
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-54707499331,P-7048931,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400
x-amz-id-2
tp0z+9SJBBXxAUxW9GJgZgm/AVMmy/fffgbAM0MCKkKZz+rDVaXrBg143ShVOQFAh26ZNKYnqFM=
last-modified
Tue, 07 Sep 2021 11:01:25 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLeqKdQx8zFdGKCfkW2y4iAob%2BzQNvhi1oNfCixTaVxjFaoHM4hvm9tr6a88FRO%2FZsZ17E9k%2FBA3SpCorQOkUwMrFcarSU2jQTnalqtq5JDfhzapjWoLcpw7X74%2Byct1tFzV5PXjJSw4R5m4BwWuxpp8Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
814fbc4aa9414d32-FRA
x-amz-cf-id
G4sDfc8r6LtmTVJpxj_w6_jEfwAIsUTAJrs_OghqFcrLoroXTKaHGA==
dt-menu-arrow-back.svg
www.picussecurity.com/hubfs/Shield/Images/
296 B
1 KB
Image
General
Full URL
https://www.picussecurity.com/hubfs/Shield/Images/dt-menu-arrow-back.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d214792b986a7986cf226ad5f346fa58b7857bcfee980f8c3bc897cf17df564
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-39038396307,FD-32586780943,P-7048931,FLS-ALL
age
150062
x-amz-request-id
VMVE99BFASF2RHEJ
x-amz-server-side-encryption
AES256
edge-cache-tag
F-39038396307,FD-32586780943,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
W/"8132c994dd553ae56f7b61821b5a1880"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1608573443493
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
bS6RQKhadAIkt_eobirV6GoH5Y3lWA.b
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-39038396307,FD-32586780943,P-7048931,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400
x-amz-id-2
yAtXi8grjsu1txlrQzI1TQDKxQDAMURQjFIRm5UwojAY0IV8vWz1C5RfjPGHQF3u5w0TiS3XVeI=
last-modified
Mon, 21 Dec 2020 17:57:24 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCeMgRl3cetceeOddr5dZuQeEaWyWOsdsoqe1MRnEAToxauV%2Bb1tzpBddfUipunP%2BAvkRp%2FZYMWbvTLFpwDg4ieGFnEdrUwufZ9adg31lg6Yq2QLLUYrvQUxN8H%2BJMOjO5iRtBzqvKBDsYDV8TlUhBtCIA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
814fbc4aa9464d32-FRA
x-amz-cf-id
nSCTDqTcCNyGb7w5oalMRbFdtPV8UbEZunn1jhGamzR91gUEsntvfQ==
slider-arrow-next.svg
www.picussecurity.com/hubfs/Shield/Icons/other/
312 B
1 KB
Image
General
Full URL
https://www.picussecurity.com/hubfs/Shield/Icons/other/slider-arrow-next.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdce0b54370929aacc3fead98822cd9193639271d9a7dcc7c0c478f1586409ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-32498117729,FD-32439749862,P-7048931,FLS-ALL
age
150060
x-amz-request-id
AGZNA3JBHYDFKV6P
x-amz-server-side-encryption
AES256
edge-cache-tag
F-32498117729,FD-32439749862,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
W/"4e9ad5b9cbf4dae43f95e76a913be069"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1594995438317
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
wcG5Xq1sOYNBFF9SuxmduAYWAF34VkL_
x-amz-cf-pop
FRA56-P7
x-cache
RefreshHit from cloudfront
cache-tag
F-32498117729,FD-32439749862,P-7048931,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400
x-amz-id-2
KkYji33sXLA3azsvJCh65ec0LwoTSI7jUVnV7t9qOTC4AqFDanI5s8PCFSadLAMRtE3Wy1eWLQzr2uTsXNP4a7ozb6tFVHsPytozZlBoL4M=
last-modified
Wed, 19 Aug 2020 12:01:33 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJ4Atb31GpWVbt9NyXF%2F6m6CEonaSCwE%2BUFPe%2Bqui2WH1aaCSMhmaLmVqw2SB%2Fd95GKX4tf1lzsQExNwrTSkuGQo67lU4qFA%2FfL8yZSk8IQ%2FuBk748BMOKQ%2BERkDggyVNuzDFba8u3D5jYOV7LcNUFx8Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
814fbc4aa94c4d32-FRA
x-amz-cf-id
yR4iudD7m4kJevQriyCHiFp1KddogNLn0Ub7jTI5LaJL-dJSr6yPUQ==
mega-nav-burger.svg
www.picussecurity.com/hubfs/Shield/Images/
673 B
2 KB
Image
General
Full URL
https://www.picussecurity.com/hubfs/Shield/Images/mega-nav-burger.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1018aad3ed798d98490fb01484d0aaf7ba3528f74288091644ae53523c3aa82f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-39038395941,FD-32586780943,P-7048931,FLS-ALL
age
150061
x-amz-request-id
QNM41EC58J0764NR
x-amz-server-side-encryption
AES256
edge-cache-tag
F-39038395941,FD-32586780943,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
W/"c2bcd687517100165c2d2b3098b97b73"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1608573140741
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
.T459IPq_rl_ho8gXG.ZZePe1N2.Y_rE
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-39038395941,FD-32586780943,P-7048931,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ZXbjjJrllIMA/XepxxfPXuydVUUS/m64CHgRUbc9N1YinsOUyyCN9nCRjyJNJ7rJ6x2fH8xWJKQ=
last-modified
Mon, 21 Dec 2020 17:52:21 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OP%2B7KHjNXTD45tcmWIhquia2a5uvf2p7gfMO6R9bLf5zv4RqpBrr1AM%2Bp4CAGZpnKUkAuHEU3wxvWm6mojOHsvz8nexkIAvPUNTWXMTpEqIHuXtkZJ8JzmD889R%2FVAAe8Uu7PY6G3Jld6%2Bt7DjMaJGnyHg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
814fbc4aa9524d32-FRA
x-amz-cf-id
hdVxfric3KubyPxvND_ZmzS46_U2pEj3WModRcgZTd5ecYKxi25Pow==
mega-nav-close.svg
www.picussecurity.com/hubfs/Shield/Images/
608 B
2 KB
Image
General
Full URL
https://www.picussecurity.com/hubfs/Shield/Images/mega-nav-close.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
182c0c4a049b82ebaa738d7c22e68bceb8aad2f6d78b94c300b80613c92bff0a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-39038468543,FD-32586780943,P-7048931,FLS-ALL
age
150060
x-amz-request-id
0FHYE7J48BX5R5WE
x-amz-server-side-encryption
AES256
edge-cache-tag
F-39038468543,FD-32586780943,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
W/"cec65b8f70f2c97f2118f8560d6b82a4"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1608573183370
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
IE0DyU0kAI_Z9ApqF3Hz_dDPnQZu2OaI
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-39038468543,FD-32586780943,P-7048931,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8qUp8Ri1hZlynY3Vi7DyvvvKG7gfpH2dvQBJRQ7FL+Vz1uUR8pt4CWcqV7JgGej2sBPUTvwLrwY=
last-modified
Mon, 21 Dec 2020 17:53:04 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIKwaXcHT07%2Fc43VS%2FNnwxwGTp7hYsgUxUuavstQti61C8Hc551brOmcdlYvR7%2FTxZvrZT2RIPlh3OpkxxnhExHsf1imIMtbO5JmILHfxT%2BIILnrg0OTuQzEiOw1l4PQpxxRfM91g6qIQ%2FrayN5sqTYKBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
814fbc4aa9554d32-FRA
x-amz-cf-id
ez3oiItyNgi3zv7XJZSZcf2Zh2lhL3_9vxtPcqpTRMXUUe0NL06OqA==
twitter_black.svg
www.picussecurity.com/hubfs/
3 KB
2 KB
Image
General
Full URL
https://www.picussecurity.com/hubfs/twitter_black.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd28cf99e2e8aa2015c80e6a4de778bf326824014f8fa42de3606f45b930b76c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 22cca4e72d16c1882ac60c018e6acbbe.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-26114461611,P-7048931,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
103519
x-amz-cf-pop
TLV50-C2
x-amz-request-id
MN078GFQW37TGRHZ
content-encoding
br
edge-cache-tag
F-26114461611,P-7048931,FLS-ALL
cache-tag
F-26114461611,P-7048931,FLS-ALL
x-amz-version-id
XdS231XSTsQZlbZ2bdJrHVSVVgPTObTQ
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
alt-svc
h3=":443"; ma=86400
x-amz-id-2
gVrGAs9r+yOaUS6QMlGRndm+GdSxjhlrqQvQmsnx9y/nOLAobKuWiYTtu1B7cecwfee63sIFIOg=
last-modified
Thu, 20 Feb 2020 04:30:57 GMT
server
cloudflare
etag
W/"4a095070df5501e6303d14e972a0194e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkLTJNdZ6VDH0ZsKl6gNrJ507veTXjKoL3LvIL01u6D3FVAXZHRrLaHyxor2oui4v7N4D7eDU%2FJiXG5McOc%2FjYZfXNwWDtW72Xml6106dedSgQBG%2Flniv7fmNVJ7WCPOE%2Bt7%2FM3oNHU3Jf4OUlc%2BEVVl8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray
814fbc4aa9594d32-FRA
x-amz-cf-id
bbs0bZfK29hmoUaaXOIkcyPXrVrQ1m1YzeeeIWCDbh2QnmAH-DhAkQ==
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
linkedin_black.svg
www.picussecurity.com/hubfs/
1 KB
2 KB
Image
General
Full URL
https://www.picussecurity.com/hubfs/linkedin_black.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
34350dee947083733dcd88d858cf65df7a4f282846c465b8f9627090aa5da3c0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-26106634639,P-7048931,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
105942
x-amz-cf-pop
VIE50-P1
x-amz-request-id
0FHHSVCZE3CX5YAH
content-encoding
br
edge-cache-tag
F-26106634639,P-7048931,FLS-ALL
cache-tag
F-26106634639,P-7048931,FLS-ALL
x-amz-version-id
cxF8LRaoHAeGt3BhM7bUzN7AlCshNAnL
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
alt-svc
h3=":443"; ma=86400
x-amz-id-2
CD6vzScu8ZA9Dp6yUyFzMeu/MFAsrfVHsOkzhl5m/ViiNp5Xsqb5fBfeA2/pB4iPU/h1CcN9L9o=
last-modified
Thu, 20 Feb 2020 04:30:55 GMT
server
cloudflare
etag
W/"cb53f1d14fd4d15a3313d2a24a524fb8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Okre1bVMG48pGdRK2gpxD5a4p8T%2FlFlxudafi4G3nygo6UKt7Gpar1mjbZhGXmv5F%2Bfg1o3PwMSE36KzWqzGewpMIUbN%2BSJvjwt6E24S6QZg%2BMvJI4EtKI6%2BbgsN%2BtgoSJUjRJBFa5IEim9V9KQ%2BoX%2B1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray
814fbc4aa95f4d32-FRA
x-amz-cf-id
XlEJHg4aWlC-T4pgyQ9yh7Amnns9g6Fb7n5q1iQlivoHVz4Mu-whfA==
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
facebook_black.svg
www.picussecurity.com/hubfs/
669 B
1 KB
Image
General
Full URL
https://www.picussecurity.com/hubfs/facebook_black.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8acd930d7a72da64980a950dea0c1507411900cb1459aa8c743e003df27444dd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-26106634638,P-7048931,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
105481
x-amz-cf-pop
VIE50-P1
x-amz-request-id
0FHGAGMG5BDEM7QV
content-encoding
br
edge-cache-tag
F-26106634638,P-7048931,FLS-ALL
cache-tag
F-26106634638,P-7048931,FLS-ALL
x-amz-version-id
8CJrjrvqFB2TaFMkKGP3y_iXgtaroa19
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
alt-svc
h3=":443"; ma=86400
x-amz-id-2
VRF9N6scnV2h0FbwTICRfTOfIf14kKgwhJOSCalGtcOPsTxjC4Yn/EWTHyQV8L0Y3ovIyZVqUPI=
last-modified
Thu, 20 Feb 2020 04:30:53 GMT
server
cloudflare
etag
W/"655ebdf8c830e8540b691af2f06d81c4"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFXsZK8l2sqVrNUGQPRq0iFihfOOsgBbHSQubZKID1v38zgZY1U8aFxtSrhbz0PHSaA%2BjLevboUbIjmS7yMDkoqOQZ4VEELQgAloPsAWtrBKPjyD3QWIK8H7GLoBocofK8CXq4lkM5YRYFM7lGneadPkCg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray
814fbc4aa9624d32-FRA
x-amz-cf-id
QgtGdsZzFro-5mM7ucAM9AxfGhZISZdAGlGYnpg2D7YBpjxmajQWXw==
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
embed.js
static.hsappstatic.net/content-cwv-embed/static-1.388/
14 KB
6 KB
Script
General
Full URL
https://static.hsappstatic.net/content-cwv-embed/static-1.388/embed.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:e05d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
x-amz-version-id
GNgANes_HpxlXMl5IDFfVeYnBgfaeeYN
via
1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
DUS51-P2
age
84232
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 15 Aug 2023 19:48:57 GMT
server
cloudflare
etag
W/"8741985292d64b839be39c64b14f3783"
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BE0R6MLXFgcGlv2Zv%2FvI3dDfietznW1%2BRLcWDSgEkVTvRLM%2B7cZkFKbQY0fyQX5Yd9QrSyYo7JF9QI1xGImQbyf8LiaYGRjmRV7UkzgEUhEDmgzYQMAPE03zoE5MB0O3PxKHdbEIj%2Fr6zJBfDjKSVRGYdk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
814fbc4acd8a927a-FRA
x-amz-cf-id
wPYzpULuaMj49HnhSq9DCGfPKS4cOxbh-bH_kUMQKu9WYEdB65lO-Q==
expires
Fri, 11 Oct 2024 13:37:05 GMT
main.min.js
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300259976/1682685743830/Shield/js/
1 KB
2 KB
Script
General
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300259976/1682685743830/Shield/js/main.min.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef0a0e5bb796f1a07e8054e517e697a8d0b7d8c9017aa00ef4c54102312d4999
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
RHBNRRFYAKY5N43R
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"0a4a0bdbb3681558df4fee4c53905889"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1682685744020
content-type
application/javascript; charset=utf-8
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 1448f69604d5be1f9c9f0c64cfa90594.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
j.K08h250zgcFgjEsvyqkQqevCO_CAGq
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
178
alt-svc
h3=":443"; ma=86400
x-amz-id-2
x/8jmlrbeLU6HoByJtHaFaxmIO9urK8XwyF9YqZ5zpLOtYN0H1OibC7dfZQaJouERaOxrdD6pz8p3Ae6jtlteuFanMCe+wmdtYbgA0bE1TQ=
x-evy-trace-route-configuration
listener_https/all
x-request-id
fcd8ff0a-3225-4fdf-b617-bb7013bd51b8
last-modified
Fri, 28 Apr 2023 12:42:25 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mf%2FX64tpNim%2BrxqyF%2F%2BSnb6xX8cMaEYrfR0IFnSMpZ12Dau7C6cDrm24DaY3Um%2Fmbv1yQhblXm0rK7bis6hU6sMbRKoXsztBggrBqxEKuc1IlLbb%2FEbGCOt%2FcfDL3DSrJ4vU70vmYlam21dh4xbgsBLXHw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-55b7d448b-r4k2f
access-control-allow-credentials
false
cf-ray
814fbc48cf324d32-FRA
x-amz-cf-id
eq_d2oGbuSKLz1hkK8GEFjIDaJt6E5_-kp7bhjqjyaj798beD8Td9A==
shield-wow.min.js
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32379253675/1682685740703/Shield/js/
8 KB
4 KB
Script
General
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32379253675/1682685740703/Shield/js/shield-wow.min.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4efcc099f128e3655108f269adb8e838c24ee54d98c3903a22dec225e3e1221
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
age
2293
x-amz-request-id
RHBM8V5JPW2J1T1M
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"6309bf850dea6345af0b537f2e628964"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1682685740979
content-type
application/javascript; charset=utf-8
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
3Y6ojRbIJ3_a2L0i1cyLjVOzG5krJ8PT
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
133
alt-svc
h3=":443"; ma=86400
x-amz-id-2
PEy3sHpXbh6I/+vVrT1rmMzrAi+cmkURoaibvp/+3gQAZazh4mOXn/O6VXc5fGt5HBWEoGvNXJI=
x-evy-trace-route-configuration
listener_https/all
x-request-id
e606d8e1-80b9-46b6-be22-f2d8bd23c5ab
last-modified
Fri, 28 Apr 2023 12:42:21 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FckzzP7iqupAXVdCZwm0%2BMAbNA63T01FAdacUrZSDgyPobMViIseWwPZz6E7u2DJHEh1G%2B3EXVjXukJFZuGKc5VxSbSE5SK5nho8g%2FJ7xnUfK%2FBvyAYqp4sAzbC9iEaevoHI7CtQvkVJk6IA%2FXPtlW5Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-55b7d448b-fwhk5
access-control-allow-credentials
false
cf-ray
814fbc495fec4d32-FRA
x-amz-cf-id
AVXWgth9B2qHc2Cxg-iwUPHEX7jvuEP_Y5MZiwYA7_NDswZxHrtjSw==
slick.min.js
www.picussecurity.com/hubfs/
42 KB
12 KB
Script
General
Full URL
https://www.picussecurity.com/hubfs/slick.min.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-88670129552,P-7048931,FLS-ALL
age
151884
x-amz-request-id
0FHYR82N3WM5VYHK
x-amz-server-side-encryption
AES256
edge-cache-tag
F-88670129552,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
W/"d5a61c749e44e47159af8a6579dda121"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1666162980835
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 7c3241a948c4d88d2b9d7793615eaf0c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
rscA3GqdMhf_6Xt5rKM52hFVPQ.2lsXw
x-amz-cf-pop
MXP64-C2
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
cache-tag
F-88670129552,P-7048931,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-amz-id-2
PLfvKPfcDcFOCclQbCmWs0nKZ4Cdf/WQc8/9wWqvSSE0beBrzqGdkPL0Xs9BPD7byy2EYBlNPjo=
last-modified
Wed, 19 Oct 2022 07:03:01 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9n3QNv4JQXLp687HV1jqXZsSMQ7IPTwh67fd71T%2F8e3KuDRCiD8WosjUtd6sCYVnnKw1Ncwoa7pNGEXyKhxCfVtjktmr13nppA8jydIADASet9bpoU9RyPgt%2BQOM2XTPMZ8GMiXOo%2FfN0mn%2F82197cuqWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
814fbc49a8284d32-FRA
x-amz-cf-id
w7aoUZZnAmeI-MKSeCmtCY3E8C6GC4YOkygrHNyjdANUxksqwOG7vA==
module_39027676914_Mega_Menu.min.js
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39027676914/1696485625215/
1 KB
2 KB
Script
General
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39027676914/1696485625215/module_39027676914_Mega_Menu.min.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c216083c2018a1ca8d3d6b996d05793c5241f708e0e7a21ae992162223f1c590
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
6X9S41ZYRK9WHBW7
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"e21ee712307c124e8e34feac1fc3633a"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1696485625215
content-type
application/javascript; charset=utf-8
x-evy-trace-virtual-host
all
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 7dc4818c830423900ae855831181d2b8.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
sFnPp8ENGt0.vKXJo1NiQsKEj7p4sWey
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
a6b9af1d-d92c-44a1-974f-363dfec697a4
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
212
alt-svc
h3=":443"; ma=86400
x-amz-id-2
yU25H0KZnbI/h0jB2MLFyIPo8yaQEjs81gBoE0MwxqXg8ZgqcxPvLflJgW32TWPKahl1VzkBtgU=
x-evy-trace-route-configuration
listener_https/all
x-request-id
a6b9af1d-d92c-44a1-974f-363dfec697a4
last-modified
Thu, 05 Oct 2023 06:00:26 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjriOBnZ9385PrO%2BYxHJ1s3tpf%2Bq8ggnq3l8CncqBmGmvAJdizqvq6%2FaNHThROq1ZxNOGDXmpN3t9Oo3p8V19Gs9RXAvHj4P0VCXIiSZ6M3CG67U%2BXW7coromAlS0TJRxcOjbKdnmg4O7ljldIEUTwAZpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-2skps
access-control-allow-credentials
false
cf-ray
814fbc49f8794d32-FRA
x-amz-cf-id
_fWXV3mb7mK0nASmDVx5Z3Y0ETe5nlSZAAB05AWu3IQkH-rF3er63g==
header_height.min.js
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/117283871284/1685094012380/Shield/templates/assets/shared/
590 B
2 KB
Script
General
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/117283871284/1685094012380/Shield/templates/assets/shared/header_height.min.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e67b4f5fb32d6d546b03f42cff95442d859144653a11b694de5b020cab4fb12
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
X8WX2C8W47TF4KS2
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"f4ec2297f3a6c4dee0a7eca307395a8c"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1685094012532
content-type
application/javascript; charset=utf-8
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 0003b3450f3f9fac44312c4622a410c2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
tSdmAZ1eleRlIHnSfghTZY26IZcvGj3I
x-amz-cf-pop
IAD55-P1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
96
alt-svc
h3=":443"; ma=86400
x-amz-id-2
3cQn4fTJACyYYE1lw5JGkJo8Bqz2mqAXbVZ+F58fpWzkfCskePdEsuqzQevGqoAeR6iVD9+oWTY=
x-evy-trace-route-configuration
listener_https/all
x-request-id
37c6f33b-f0e3-4351-8b9b-7b818b61a66d
last-modified
Fri, 26 May 2023 09:40:13 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxHOjanfs9nsHYO23Wavcs7E2qyh425qo5VcsuhtT2ZX1D5IKea194LASHDo5gsPtMMgCbdnA1eTjeyuMzmm%2BtrokbKz7Od%2FkTD1WR6nlKY2l3Z6vyvb%2BQRNmkTX%2FR%2BTpwvzpgmrEINmxl1B%2F%2FU%2FRkCXVw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-9xkdz
access-control-allow-credentials
false
cf-ray
814fbc4a58e44d32-FRA
x-amz-cf-id
JidukECduy0Q047QQQH2px9RgBidxE2-Ie5uPNAaklvLbggmQJ4Sdg==
7048931.js
www.picussecurity.com/hs/scriptloader/
2 KB
2 KB
Script
General
Full URL
https://www.picussecurity.com/hs/scriptloader/7048931.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5d5c2e9752fa4e5f5b3afbb161e54bcbe5db4a478cc92befbcb2b260d53397a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
52301ca8-081c-4ecd-b5a4-fb3fc0cad1b1
content-encoding
br
x-envoy-upstream-service-time
6
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
52301ca8-081c-4ecd-b5a4-fb3fc0cad1b1
last-modified
Thu, 12 Oct 2023 12:08:38 GMT
server
cloudflare
x-trace
2B2B629075B613F9A0D1E998A2573422512B25877C000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.picussecurity.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5b5c96c966-cxvsr
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkOHy5wmmA4MGuf2k2kG5cSOoHFap%2Fv%2FvA4IV14DPODFtq3E1IuU08IB2%2BG%2BtiZhNE%2Bn%2BhVj9a7jnFFWhxmID6PI7GBp7S%2BA9VO09kYWuN0GjEiZSLmwnhxnycxwz47nkpuMv1sr33Vpp%2BBOT%2B4F0cwqfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
814fbc4aa9634d32-FRA
expires
Thu, 12 Oct 2023 13:38:05 GMT
css2
fonts.googleapis.com/
11 KB
835 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;800;900&display=swap
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1697100070928/Shield/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
befd473d7da3f98d11a0ee45d1a20b5bd2919a76cbd259c89d54a7043c113ba4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1697100070928/Shield/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 12 Oct 2023 13:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 13:37:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 Oct 2023 13:37:05 GMT
/
pageimprove.io/
13 KB
5 KB
Script
General
Full URL
https://pageimprove.io/
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.30.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.30.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7522c2cf228f80d9b1af1172f45d04b729d43dd8b9fc7cccb06eee2dd9629fed

Request headers

Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Origin
https://www.picussecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:19:35 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1683295904
age
1050
x-guploader-uploadid
ADPycdsoIfQ6yckzk6W4oJnOGs33rEHf6QaiMJtJSE0sx42xKxifPupBsox_cC_hgkKypkQ5tsibhkIE5R0wlqeVHLhe0Hc39cqb
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4157
last-modified
Fri, 05 May 2023 14:16:37 GMT
server
UploadServer
etag
"432676a5846e294b1a77d1170fa3e21a"
vary
Accept-Encoding
x-goog-generation
1683296197265863
x-goog-hash
crc32c=b8Pcnw==, md5=QyZ2pYRuKUsad9EXD6PiGg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
4157
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 12 Oct 2023 14:19:35 GMT
w.js
d10lpsik1i8c69.cloudfront.net/
5 KB
3 KB
Script
General
Full URL
https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-137.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:32:51 GMT
content-encoding
gzip
via
1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
254
etag
W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
b5C717q8vUc1pEND-SCbASIXap5ClaOeITfdZ7Af2Gs6crgLue9uJQ==
gtm.js
www.googletagmanager.com/
260 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N3KD4ZR
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d9fdba06cfaeed5d12beec59349e73ead99ee6e4940a5ef47f08b5a044a02496
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88984
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 12 Oct 2023 13:37:05 GMT
0.json
pageimprove.io/s/87e36deb-3baa-4073-8132-78c55a109492/www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a/
0
99 B
XHR
General
Full URL
https://pageimprove.io/s/87e36deb-3baa-4073-8132-78c55a109492/www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a/0.json?version=1.0.0
Requested by
Host: pageimprove.io
URL: https://pageimprove.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.30.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.30.117.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 12 Oct 2023 13:37:06 GMT
cache-control
public, max-age=120
via
1.1 google
server
nginx/1.18.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET
slider-arrow-next.svg
www.picussecurity.com/hubfs/Shield/Icons/other/
312 B
1 KB
Image
General
Full URL
https://www.picussecurity.com/hubfs/Shield/Icons/other/slider-arrow-next.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdce0b54370929aacc3fead98822cd9193639271d9a7dcc7c0c478f1586409ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-32498117729,FD-32439749862,P-7048931,FLS-ALL
age
150060
x-amz-request-id
AGZNA3JBHYDFKV6P
x-amz-server-side-encryption
AES256
edge-cache-tag
F-32498117729,FD-32439749862,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
W/"4e9ad5b9cbf4dae43f95e76a913be069"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1594995438317
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
wcG5Xq1sOYNBFF9SuxmduAYWAF34VkL_
x-amz-cf-pop
FRA56-P7
x-cache
RefreshHit from cloudfront
cache-tag
F-32498117729,FD-32439749862,P-7048931,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400
x-amz-id-2
KkYji33sXLA3azsvJCh65ec0LwoTSI7jUVnV7t9qOTC4AqFDanI5s8PCFSadLAMRtE3Wy1eWLQzr2uTsXNP4a7ozb6tFVHsPytozZlBoL4M=
last-modified
Wed, 19 Aug 2020 12:01:33 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKm6wXGQlG7hniC1pZ0xM4DZOehnUNr6maFbMElKcH4gpW0W6GlPLMoXOyVSfw5bZTyOPiIrMk%2BJ0gu9zDhiOGgsevdLhqFi%2BQu8NOcuehNzLrx35HTPdP2irykZwmRkY4eb7GQLXzaPRwJqUc5oc7v41w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
814fbc4aa9664d32-FRA
x-amz-cf-id
yR4iudD7m4kJevQriyCHiFp1KddogNLn0Ub7jTI5LaJL-dJSr6yPUQ==
dt-menu-arrow-back.svg
www.picussecurity.com/hubfs/Shield/Images/
296 B
1 KB
Image
General
Full URL
https://www.picussecurity.com/hubfs/Shield/Images/dt-menu-arrow-back.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d214792b986a7986cf226ad5f346fa58b7857bcfee980f8c3bc897cf17df564
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-39038396307,FD-32586780943,P-7048931,FLS-ALL
age
150062
x-amz-request-id
VMVE99BFASF2RHEJ
x-amz-server-side-encryption
AES256
edge-cache-tag
F-39038396307,FD-32586780943,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
W/"8132c994dd553ae56f7b61821b5a1880"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1608573443493
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
bS6RQKhadAIkt_eobirV6GoH5Y3lWA.b
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-39038396307,FD-32586780943,P-7048931,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400
x-amz-id-2
yAtXi8grjsu1txlrQzI1TQDKxQDAMURQjFIRm5UwojAY0IV8vWz1C5RfjPGHQF3u5w0TiS3XVeI=
last-modified
Mon, 21 Dec 2020 17:57:24 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDYQQV57Ob51TLiGM5JgkV22n8EqCDTKSO7UwtYCnzVVG8MlA256An%2BE7U85PxDjR%2FQUM96Ic82Ln7JYHUITf2btwLvmFEmXApnVIMnXSThJHqHldNzckDl6NbhTH27vdZIsiBbA1HlcaInbFtMmR%2FRVdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
814fbc4aa9684d32-FRA
x-amz-cf-id
nSCTDqTcCNyGb7w5oalMRbFdtPV8UbEZunn1jhGamzR91gUEsntvfQ==
tracking.min.js
t.visitorqueue.com/p/
8 KB
4 KB
Script
General
Full URL
https://t.visitorqueue.com/p/tracking.min.js?id=67ab0ee7-fcba-400b-8cb3-db7bb1cc0033
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:7e00:c:77c4:d500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48c22238a7c255b1e07ad60d097624a33f88dea18e6551f5a2012ac9e17bdba9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
2_tEq0cgWOMi4ThJsBGbeTCbWkYZyh_J
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Thu, 12 Oct 2023 10:00:15 GMT
last-modified
Tue, 25 Apr 2023 11:11:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
13012
x-amz-server-side-encryption
AES256
etag
W/"646a63950383545c112b1e0961d07a19"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
y_WqcpHcIF43maGzFtETXkVwb6mi44--EM3kd1h26ty2e1CuCc4xag==
mega-menu-down-arrow.png
www.picussecurity.com/hubfs/Shield/Images/
98 B
1 KB
Image
General
Full URL
https://www.picussecurity.com/hubfs/Shield/Images/mega-menu-down-arrow.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/1696485625274/module_39027676914_Mega_Menu.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
387fafc4558eb44d4303fb1710ec85e39755ffa9378b8cdf982c7e66db79c463
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/1696485625274/module_39027676914_Mega_Menu.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-39029899220,FD-32586780943,P-7048931,FLS-ALL
age
150013
x-amz-request-id
4FKAHGNX5AJ91VC0
x-amz-server-side-encryption
AES256
edge-cache-tag
F-39029899220,FD-32586780943,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="mega-menu-down-arrow.webp"
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
cf-bgj
imgq:85,h2pri
etag
"8e2b3f8a9be7c266f20ac70b5ef7c9ef"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1608564034330
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
oVZ1tmPGae_LgGyoO.g0kL81yj6KC.HE
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=121
x-cache
RefreshHit from cloudfront
cache-tag
F-39029899220,FD-32586780943,P-7048931,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400
content-length
98
x-amz-id-2
bsBOQFkV4XhtxOg5u8vb4/ShwnQVJisnrRrot29F6vhY+qfInaVzWwPORKD7Ul3/W01tbioQxZc=
last-modified
Mon, 21 Dec 2020 15:20:35 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2v%2BjROJgRI0dm1yekDHvE9xK7o%2FvsKZfw%2BMO0lrmP9pRtH6mDNE3UhwHbL8%2BveTiH7dpQ54r5Amhlu6t6J%2F2%2FGxVfPiJ1jkIfD%2FF22oIgdoCauLvBwUN1sCnqJZIyLXSqgwvFoC%2F8v2L%2FYfQ3Vd1UysNZg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
814fbc4ab9704d32-FRA
x-amz-cf-id
hRmNv7WDUxzB7C5aLtKVY5eYKHmEvmw_KNLlzzMJ7yMts6_9W5-9Lw==
Picus-pattern-blue.png
www.picussecurity.com/hubfs/Picus%20Patterns%202022/
185 KB
186 KB
Image
General
Full URL
https://www.picussecurity.com/hubfs/Picus%20Patterns%202022/Picus-pattern-blue.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
27becd54cd1d75a01d0d87fc01455809d5eaec6c93e390d1e2654fbc8cf027f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-80817219931,FD-80816751377,P-7048931,FLS-ALL
age
105941
x-amz-request-id
AQQXZDW3BV0FWE1H
x-amz-server-side-encryption
AES256
edge-cache-tag
F-80817219931,FD-80816751377,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
cf-bgj
imgq:85,h2pri
etag
"616946fbcbf2cd2f2378f8dce7bb5ab0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1659421294406
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
RYqudyT1pRmaMwEHHpDfjibBXYa4uV6t
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
cf-polished
origSize=446809, status=webp_bigger
x-cache
RefreshHit from cloudfront
cache-tag
F-80817219931,FD-80816751377,P-7048931,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
189164
x-amz-id-2
+wF3OTw7sQpCGXT0QTmw/Cb2PeshogtZJzs6Zxin37tzDbQI1Qo+mckBjvbHbvHGpuOYIRDMEzo=
last-modified
Tue, 02 Aug 2022 06:21:36 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6jVuyp52AJUom6NdYXmgZ4oYlkdf5zM1vdL02mOPz4fxfndNvpxrsQyQFVBIISk3y5yjjmJBjkKCxD9jnmyiTt1u2ero3xyfFo%2BoQdEmSjzm9UXvLOPUHk5iYBgtkwc0e8MylCG1qbWrxiQwBnSTxRRSA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
814fbc4ab9744d32-FRA
x-amz-cf-id
SS2yk2w88GJR1VWE6WZJawzVZdjEwzJKZmOPLhgg1LYlDbGWPzwT2Q==
background-pattern-20.svg
7048931.fs1.hubspotusercontent-na1.net/hubfs/7048931/raw_assets/public/Shield/images/
1013 B
1 KB
Image
General
Full URL
https://7048931.fs1.hubspotusercontent-na1.net/hubfs/7048931/raw_assets/public/Shield/images/background-pattern-20.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1697100070928/Shield/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3145adf1bffb7600649b9ec6dfc09809307e270dbe6283dbb3c217677a33a2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-meta-cache-tag
F-32587224910,FD-32294001075,P-7048931,FLS-ALL
x-amz-version-id
mViV1q64F1is5e_tSVdlZtjxaYvXeqgy
age
1494031
x-amz-cf-pop
FRA56-P7
x-amz-server-side-encryption
AES256
x-amz-request-id
G6SR117KXAXVV996
edge-cache-tag
F-32587224910,FD-32294001075,P-7048931,FLS-ALL
cache-tag
F-32587224910,FD-32294001075,P-7048931,FLS-ALL
x-amz-meta-index-tag
none
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-amz-id-2
28iJBbohD3Jv7XmfH+SoOxm8MoBGtkZsl7Q+LolQj5FthPq4uSHLY1bryNBxy4Nk/Y8WVOa7xdk=
last-modified
Mon, 20 Jul 2020 13:27:49 GMT
server
cloudflare
etag
W/"399b73fe70f94e2b0fe7d2a023265e66"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1595251668028
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
814fbc4ae85c9b8f-FRA
x-robots-tag
none
x-amz-cf-id
R1yHE0sIqZbXQyg1GTAe_GcqxNVLcZC3iDGAj3uYVZHhYlSYnSNsgw==
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
AvosLocker%20Ransomware%20Continues%20to%20Target%20US%20-%20CISA%20Alert%20AA23-284A-preview.png
www.picussecurity.com/hubfs/
227 KB
228 KB
Image
General
Full URL
https://www.picussecurity.com/hubfs/AvosLocker%20Ransomware%20Continues%20to%20Target%20US%20-%20CISA%20Alert%20AA23-284A-preview.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0823d57086c1bd9ad6f4e7744843071a7d2713f49e1be0b75f8b689ad5fa32b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-139823134224,P-7048931,FLS-ALL
x-amz-request-id
CJKZHMRPKJK31VPG
x-amz-server-side-encryption
AES256
edge-cache-tag
F-139823134224,P-7048931,FLS-ALL
x-amz-replication-status
PENDING
x-hs-https-only
worker
content-disposition
inline; filename="AvosLocker%20Ransomware%20Continues%20to%20Target%20US%20-%20CISA%20Alert%20AA23-284A-preview.webp"
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
cf-bgj
imgq:85,h2pri
etag
"0fcd1adc55f001b328ac6481153ef012"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1697094579082
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
IWpBobg4YfwDlJ5JYtK40EvddxSgtSgy
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=332716
x-cache
RefreshHit from cloudfront
cache-tag
F-139823134224,P-7048931,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
232094
x-amz-id-2
O1wwvuMXeqxJ7Fzd78MZcPLAESRmZsI0/MQwlczAzGW8Akwjo9P189akQnY3AkMttaFpRgU/PNU=
last-modified
Thu, 12 Oct 2023 07:09:40 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNSAK9%2BsXe7kdVOAsGZujmnccfdJISC6gkFM4U4eBXq12Qn%2FYFNPdno%2BraHLJ0OiQteXnQ5xQUVt3uLf5PB40cIFDRngtfuGM8Qgv%2BqL9OzCHFa8cYwaU5mE%2FjilkJKVE3qB3uom5%2FSYVwJ%2FBjuQu%2BoXGw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
814fbc4ab9784d32-FRA
x-amz-cf-id
Mx-qCFVzGebwk3rZgT38xGw88MUYRxtdE5yY7jREI5LR8i5XvehWJw==
looney-tunables-linux-vulnerability-preview.png
www.picussecurity.com/hubfs/
273 KB
275 KB
Image
General
Full URL
https://www.picussecurity.com/hubfs/looney-tunables-linux-vulnerability-preview.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ec62de49aa4f0f39a746653e006baf82e83c2e5106022654546f0f61caefd3b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-139354015394,P-7048931,FLS-ALL
age
105941
x-amz-request-id
FSFT3JZ7MJP61VHQ
x-amz-server-side-encryption
AES256
edge-cache-tag
F-139354015394,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="looney-tunables-linux-vulnerability-preview.webp"
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
cf-bgj
imgq:85,h2pri
etag
"24904bfa49622b8115ef3573f7183a91"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1696859826588
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
X3O5.YWmOgTYnxgI7AMZ6W_6a5ttZd2v
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=395074
x-cache
RefreshHit from cloudfront
cache-tag
F-139354015394,P-7048931,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
279924
x-amz-id-2
LKiD/ekmmzKhlS6IuXuPQlRq62f+aDmV46uA/78K9YBjzOOlaPygjJgruInqdpKUtc7YuIg7hZA=
last-modified
Mon, 09 Oct 2023 13:57:07 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6r74%2F%2B8KEkQTBlZQWb%2F%2FLroLhhNDH5l6Kh01LSgBAAdjItxWQiB1cqsqZPSL5tNx%2BAHihp4CoFnmjB9yqiRtrc77eYuzkG%2BzD6yQVHcljnSPz1eaDTP%2BW5sb8DT2fCXVJ9%2Bq49v99TdwSz6SzjClpr%2FkA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
814fbc4ab97b4d32-FRA
x-amz-cf-id
QBnB63pb9iSjSRnS869PBhYZyYGN-mKfcyFXvzoaeoGnr7VUb-v80Q==
CISA-Alert-AA23-270A-BlackTech-Targets-US-Japan-Preview.png
www.picussecurity.com/hubfs/
194 KB
195 KB
Image
General
Full URL
https://www.picussecurity.com/hubfs/CISA-Alert-AA23-270A-BlackTech-Targets-US-Japan-Preview.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c40c057d3d2a75cdc144b1fd3c89cb684b316bc22dc92e6224063e631778005
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-136913490795,P-7048931,FLS-ALL
x-amz-request-id
5FQCE2WJ4G4D4WR8
x-amz-server-side-encryption
AES256
edge-cache-tag
F-136913490795,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="CISA-Alert-AA23-270A-BlackTech-Targets-US-Japan-Preview.webp"
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
cf-bgj
imgq:85,h2pri
etag
"0bbe76b2568b3bec91db55695100664b"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1695909473548
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
qjVeG7tCFhYCFSS.BsYp6HKh5fBPZ09i
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=289360
x-cache
RefreshHit from cloudfront
cache-tag
F-136913490795,P-7048931,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
198666
x-amz-id-2
ZJVqRXEKd6PfnkGfQUXxoKCtYU990rZ2puhqskSXVK/MSNopmL1nZ5y4tQoUH3wCkwxIuPMzUR5+/4CViArl+A==
last-modified
Thu, 28 Sep 2023 13:57:54 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cb2avSoRrpGY4Z7uVShIgRlKSaRckKeC3BDL9l3%2BTLjWx1vlRzccG%2FetvmwJep%2FmEygUPvM3csyb%2FlXGVFmXqTm81%2BibFsj4WrsoI2nKs1SbRpz4QU4ThcXYcPvPVzhDpoFeRrXuHcPHV45qH77kbKhHqw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
814fbc4ab97c4d32-FRA
x-amz-cf-id
3BsyyjVZERngzg16kQ-mTS589UsjgoeZLopuXSaW1paLrOIVpowb0g==
background-pattern-footer.svg
www.picussecurity.com/hubfs/Shield/Backgrounds/
1012 B
2 KB
Image
General
Full URL
https://www.picussecurity.com/hubfs/Shield/Backgrounds/background-pattern-footer.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1697100070928/Shield/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d74aea3ea1a09d7239128033be4a712352c7d38e458103f16f27c9446e8b329
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1697100070928/Shield/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-32488001577,FD-32488148221,P-7048931,FLS-ALL
age
150060
x-amz-request-id
JXJM77GJDVE7BYTG
x-amz-server-side-encryption
AES256
edge-cache-tag
F-32488001577,FD-32488148221,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
W/"5d838d296347ac210f658dd228f5e4d5"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1594983750124
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
_FuCvoAKP6E7gHr_urCXSjMGDpA0scJz
x-amz-cf-pop
FRA56-P7
x-cache
RefreshHit from cloudfront
cache-tag
F-32488001577,FD-32488148221,P-7048931,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400
x-amz-id-2
neKSTcsojbi5Hfx7g6UOSNqfs0/ibgUUuU02UCz1ZxhK8JjXo5dSdBsw1Z7LJ9eX5MdhjblJwrk=
last-modified
Fri, 17 Jul 2020 11:02:31 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhJwvNyT9uHV3x0x1Uuu7123XlyUCpR8JYmdr1O0M5hkDjVhMI%2FakoPspJtTbOdxl7maix830xulPEzsaw%2BTeuRuJ4XwJCVFeQgBY3OEaMxGBSF9GdtcVbZe0b98AVwMsxWri1m9P%2FyFjFI%2BELpfQo1%2Bzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
814fbc4ab97e4d32-FRA
x-amz-cf-id
FOEggAJ7HBsUuAHIRstXzQf2WprOlfcNzjzzEjJww523TP8ga6aVsw==
shield-navicon-dropdown-efefef.svg
www.picussecurity.com/hubfs/Shield/Icons/other/
269 B
1 KB
Image
General
Full URL
https://www.picussecurity.com/hubfs/Shield/Icons/other/shield-navicon-dropdown-efefef.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1697100070928/Shield/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1211b9bf5f5278b9d2b064e35be18c27e3274df41a3e348118b713c7a696fae0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1697100070928/Shield/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-34505653174,FD-33856159417,P-7048931,FLS-ALL
age
111662
x-amz-request-id
H4Z7RSYCXC1FJTJG
x-amz-server-side-encryption
AES256
edge-cache-tag
F-34505653174,FD-33856159417,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
W/"ecae414d7556d9ccd065fa370783175b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1599224683583
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
vDQsdUy4ve2mxuhK1StbfxDEwO6rRfAM
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-34505653174,FD-33856159417,P-7048931,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/GNcdvOE2QP/J1cd7o2DsdtT4xrXsHpxy1GlRegdTWGI0OL7BXLdPp01XAwChiGS/+zEZclwPjs=
last-modified
Fri, 04 Sep 2020 13:04:44 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmxKy0SEDxBzbUCpcK7bB1h%2FtnFafnOU5OeAD2TbkFRQHgj4K914d9tsS0TM5%2BKx8inc%2BAPvOstolhrGKo4GSKcWAs7w9HEsjqvxgsJepaQ8lV%2B3e2bolQWpVGPnpU4TeIjLQDnMnvwxdD1HMlUGdWi4ew%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
814fbc4ab9804d32-FRA
x-amz-cf-id
d_d-_2V7bzEMTwYxZRp1k5toSea2ds9-ud77lpfvjoaFjvuGe4tr1A==
700.woff2
www.picussecurity.com/_hcms/googlefonts/Red_Hat_Display/
17 KB
18 KB
Font
General
Full URL
https://www.picussecurity.com/_hcms/googlefonts/Red_Hat_Display/700.woff2
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b71a29ecd59a83648619466fa24609d9030aa3eb31b3cedc7f9b424d2da1a270
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Origin
https://www.picussecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Thu, 26 Oct 2023 13:37:05 GMT
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
FRA56-P7
x-amz-request-id
WW4K0H4XP4RB4K30
x-amz-server-side-encryption
AES256
x-amz-version-id
T3HNX19EUTYxilQSJj96Ev3qIP_QOUsv
x-cache
Miss from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
alt-svc
h3=":443"; ma=86400
content-length
17464
x-amz-id-2
y0x4nAXXkllc+sh8UttyFnk47JaD7OeTewgWXkysEixoysJqWCvzHBtro6FM33AtsCyMLH1fyQ4=
last-modified
Tue, 12 Sep 2023 22:00:09 GMT
server
cloudflare
etag
"e07916f3407087b153d29bebb418965b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xy8wJPrQtRYGpaiqX7V4zXBjv1CiNNZvEDPLMJTNPll7PWeUE3SDQY5Lv%2FGeRby8lwe%2FfiB9n%2FmalYUy5L56u7yyk8dGa3UJEZrhv%2FPGFfR6NlQfJEg9WwerYB22j1aY0RDzPDNI8sqxrj6rOA0AtSOWQw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
814fbc4ab9834d32-FRA
x-amz-cf-id
AQVgy4h2XG_5bxD-91E7GlOVjb-ak4qkdLlIUt3ezLjXsmEkcuqnaA==
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
regular.woff2
www.picussecurity.com/_hcms/googlefonts/Red_Hat_Display/
16 KB
17 KB
Font
General
Full URL
https://www.picussecurity.com/_hcms/googlefonts/Red_Hat_Display/regular.woff2
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fdcb805a20649db94783ffc68e227bd61a806f29af381db6c84b52138d2dccd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Origin
https://www.picussecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Thu, 26 Oct 2023 13:37:05 GMT
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 709380ea5bd18c88e4b28c987d105856.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
TLV50-C2
x-amz-request-id
DM5PW55KR680NVZH
x-amz-server-side-encryption
AES256
x-amz-version-id
hrWF0QeBO7BTXYVLsjLvLF4rjrk37e4K
x-cache
Miss from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
alt-svc
h3=":443"; ma=86400
content-length
16788
x-amz-id-2
oiTNLUtWTGQlAPaGDRQUEpKWa8Sd82T37Oo10YCSLzlq0pofVIT6FUtaBKqL42Qk1tZyW8A2aJE=
last-modified
Tue, 12 Sep 2023 22:00:05 GMT
server
cloudflare
etag
"944832f134e36e508e05dbe34a841f6a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOQnvJhfdycGXimQZYN%2BQgFVlLhZwoLLPgOGsXsLEBbPwjJ1alrHwZgeAEkvxRw%2Bf64EkPWFNR3gMDDZBVDXDDAzIz4UvD5I8JVu5M%2BdfzLMj2W%2BabGf%2BPCaXtNyekMO6up1Fh%2FNHE1gsbFiZVq6J8c18w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
814fbc4ab9854d32-FRA
x-amz-cf-id
pPw-NiXx_2P-VAdU82NQBi-ceWAcr_2N4rnIZsQgmwtGMdfv1s3QUg==
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
regular.woff2
www.picussecurity.com/_hcms/googlefonts/Inter/
96 KB
97 KB
Font
General
Full URL
https://www.picussecurity.com/_hcms/googlefonts/Inter/regular.woff2
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b3faf5ec92b8291684bf008308c4248ea2f6a1d05c7eec98366e08438a56b7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Origin
https://www.picussecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Thu, 26 Oct 2023 13:37:05 GMT
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MRS52-P2
x-amz-request-id
MB38XBNEFYGE16H6
x-amz-server-side-encryption
AES256
x-amz-version-id
dq8vhCSi3adfa5VbhrDa8AtNcpO3Zcej
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400
content-length
98060
x-amz-id-2
dO+dVuzbvgxa8TSx5fdSzkeM6t2dzDkkT8TC+A9HAbKq3aXUna7+oAwrtHpvcWbGRCjPlvpol7A=
last-modified
Tue, 17 Jan 2023 19:06:37 GMT
server
cloudflare
etag
"bd78957b1fccd36a135d9af54373cc95"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WD5naVErG5Kga0v8ZT74ioas1IlM3AArkpxrfaFa%2FhkwLbqiablXK7YDsvnoakiN0aD89%2F31JsgScSIZq69QTZZtFeqN7BmCWM0BAVTxCOIaDnWhaopK0CBcWAQyZ6HLJjIuHbhjBbz1eP9WCuTzlV7xYw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
814fbc4ab9884d32-FRA
x-amz-cf-id
OqlQKPA01NAgeUbqeq64NBYnk14-CZaGAWcSOCjiGQfabzlDQh9PZg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.picussecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 18:19:49 GMT
x-content-type-options
nosniff
age
587836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 18:19:49 GMT
regular.woff2
www.picussecurity.com/_hcms/googlefonts/Red_Hat_Text/
15 KB
16 KB
Font
General
Full URL
https://www.picussecurity.com/_hcms/googlefonts/Red_Hat_Text/regular.woff2
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
681d60ba79a289885fb9b49a5617a49454e0a0fac9e65f75c5e2d253ade1b302
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Origin
https://www.picussecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Thu, 26 Oct 2023 13:37:05 GMT
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
FRA56-P7
x-amz-request-id
VPGG4WX6M3Y55W7D
x-amz-server-side-encryption
AES256
x-amz-version-id
vuahbwFnn0nW4yRBACbwA._jsMDGupc4
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
alt-svc
h3=":443"; ma=86400
content-length
15528
x-amz-id-2
aTiPb8mvUt+nJOZxxaEPj/hOFnSmQBWt1tYvPkOfLdOh+wkQXvgnzdk+f9D8ipaiu47148s2Qc5ZLz896qg6+w==
last-modified
Tue, 17 Jan 2023 21:51:51 GMT
server
cloudflare
etag
"78f123f008d70569251439f5010339cc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vgx3yODHbIY%2FwDMfHZj9BxgWPt0E7KXjEMAskRIdoN3cDmUEi9%2B6J0krjgf0BZnqV5jBDog2HT%2BWgmD7vvJZ0UVM2EskpAniMSxIsHEAl0R%2BsfqSV7CXw7WEACPjnvL5pHNxIwadkK%2FWx0NsDWBp0pNLNA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
814fbc4ab9894d32-FRA
x-amz-cf-id
vF5hWkUOAxwF87sg1VZp_s5GtbGmxL-mmyENPvczkylHpDjyKbl8Mg==
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
image%20(63).png
www.picussecurity.com/hs-fs/hubfs/
12 KB
13 KB
Image
General
Full URL
https://www.picussecurity.com/hs-fs/hubfs/image%20(63).png?width=200&height=308&name=image%20(63).png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cd5d33cb2c42c64af2e3aae61bc9d7939432fabb7f85e236e703e0f7e622783
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag
F-119965397553,P-7048931,FLS-ALL
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
content-length
12300
cf-resized
internal=ok/h q=0 n=17+0 c=2+13 v=2023.9.8 l=12300
last-modified
Tue, 13 Jun 2023 13:25:51 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfvWzcFFgKWDt6pKhtz5X3Ajm6zaTteLObWMe9OdvFDQ:7e2fbbf55a104b7613eb07a44799f7a2"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6UNQTD4jcFarYLse40mrzZdGFkGW2HVqbvaOsodDZgNL8wr3Ytm%2B8Q%2Bri8%2BxALey1ubx%2BH6ZYAGckuS9oAWrBwTyo85Xb1u29Nc0qyk%2BRmx1%2FDLa7wAR9pLz6jAGa7tCF6fM2koTJ2UYVFhbas%2Bjbt%2FHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
814fbc4ae9cd4d32-FRA
image-png-Jun-16-2023-06-42-00-0224-AM.png
www.picussecurity.com/hs-fs/hubfs/
15 KB
16 KB
Image
General
Full URL
https://www.picussecurity.com/hs-fs/hubfs/image-png-Jun-16-2023-06-42-00-0224-AM.png?width=290&height=268&name=image-png-Jun-16-2023-06-42-00-0224-AM.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc3e410aa75bc69dcdf0a4c56b328c3def693d67651f05dd27698f3bb234d1b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag
F-120489779596,P-7048931,FLS-ALL
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
content-length
15052
cf-resized
internal=ok/h q=0 n=62+0 c=38+48 v=2023.9.8 l=15052
last-modified
Fri, 16 Jun 2023 06:42:01 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfWLnNc4t1dG1w7z2_tPxRFegbXJRVDGLm7LJjf-85DQ:df5fdd466996f3451ce780c7ed6e9403"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKiRX1DkbUStpYjWK65F8bDAwcyS5RuLeCZve9u6WYckwzJfkZ68yUhpigPeqy4GspDVD2J8bxLsMtYbCTb1DVwgAn%2F9pqohS0Ff%2BQBeftHvkNDdA7RmWhcXH%2BXb4e%2ByR21fo6CqYRLBjSnL2eWwTsq87Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
814fbc4ae9d04d32-FRA
BAS-Mock-Up-1-small%20(1).png
www.picussecurity.com/hs-fs/hubfs/2023%20-%20Optimization/
15 KB
16 KB
Image
General
Full URL
https://www.picussecurity.com/hs-fs/hubfs/2023%20-%20Optimization/BAS-Mock-Up-1-small%20(1).png?width=329&name=BAS-Mock-Up-1-small%20(1).png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ccd3b5669b29f2fa98294515dc2fea3e210479c97ccc9617d7f4ba6faa18c1c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d143bdfb7cce4cf7ec0bcf9ec13e5914.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag
F-106611340645,FD-106424384934,P-7048931,FLS-ALL
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
content-length
15276
cf-resized
internal=ok/h q=0 n=19+0 c=0+27 v=2023.9.8 l=15276
last-modified
Wed, 15 Mar 2023 13:46:35 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfavBT5HL45JZS7Vl7tH0r2X33KKhe5PBBEbOhGtdxDQ:705e4e397cf0a1e2e5c2d0f93b1e894f"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xiOMxt%2F3CUWwbhzOpXTKhr0NjVNbviIZyDrkjccgpFxaB5fKifj8L6pC3gHAG5rVGmprOHQB8QzgtpmJ0AdSq40PTc7Fh0dvKEcHjWSKM6uj%2B8nsCwxahvgLc2SwpSh80jDIjSHhIxx5HYflPwFlUFEhAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
814fbc4ae9d14d32-FRA
AvosLocker%20Ransomware%20Continues%20to%20Target%20US%20-%20CISA%20Alert%20AA23-284A-preview.png
www.picussecurity.com/hs-fs/hubfs/
22 KB
23 KB
Image
General
Full URL
https://www.picussecurity.com/hs-fs/hubfs/AvosLocker%20Ransomware%20Continues%20to%20Target%20US%20-%20CISA%20Alert%20AA23-284A-preview.png?width=463&height=343&name=AvosLocker%20Ransomware%20Continues%20to%20Target%20US%20-%20CISA%20Alert%20AA23-284A-preview.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a98846e3bf28f8f8f9db78adf6ef8af250dec27bfaf350d5f36b70ff0bd8fc33
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag
F-139823134224,P-7048931,FLS-ALL
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
content-length
22228
cf-resized
internal=ok/m q=0 n=838+0 c=9+25 v=2023.9.8 l=22228
last-modified
Thu, 12 Oct 2023 07:09:40 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfK31V--QfEhVrwtdDf-q6KoC_jvtstUm7awjwav3NDQ:0fcd1adc55f001b328ac6481153ef012"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYWawPw6qkoP4ZbelUTvQYgm2NzAGd4%2FZVWGzJ9%2F8yvr1IF8EmuA00AyeRdtYCt%2Fk7bBTQbC05PGcM9S1TbpRbxe4uRD%2BV4pgzkmxWK6m8u%2FTgw0OntCN5n98AOz81ZgMhurV9ofDTYdB0pxmLq2PaDJdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
814fbc4ae9d34d32-FRA
What%20is%20security%20posture.png
www.picussecurity.com/hs-fs/hubfs/
9 KB
10 KB
Image
General
Full URL
https://www.picussecurity.com/hs-fs/hubfs/What%20is%20security%20posture.png?width=463&height=343&name=What%20is%20security%20posture.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f636ac48b701db6fbd4c211e0cc50a822291be8bc4b286a16aaf065a717ceb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag
F-139823485314,P-7048931,FLS-ALL
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
content-length
8946
cf-resized
internal=ok/m q=0 n=864+0 c=1+18 v=2023.9.8 l=8946
last-modified
Thu, 12 Oct 2023 06:59:32 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cf-p8vNzLLV2uMLfQPQxD2aHgfjvtstUm7awjwav3NDQ:97a21c3bf764e2f11e942da3a30de7a6"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWmBiEHJJaPYrgLbEq3zedt2SBI75mPjMdFNUDBh4Xc9rSZfAMj140%2BUdnoM35otv4fOkKTOMTYLNiXudQSpZ6R8aPfuglXcMpUOAvYAyu%2B%2BQaqX00OIP9zy4QmErndCEc8D7bW4NGS%2FFHvuDxEg0zKEww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
814fbc4ae9d44d32-FRA
mega%20menu%20slider%20(260%20%C3%97%20330%20px)%20(2).png
www.picussecurity.com/hs-fs/hubfs/2023%20-%20Optimization/
35 KB
36 KB
Image
General
Full URL
https://www.picussecurity.com/hs-fs/hubfs/2023%20-%20Optimization/mega%20menu%20slider%20(260%20%C3%97%20330%20px)%20(2).png?width=397&height=330&name=mega%20menu%20slider%20(260%20%C3%97%20330%20px)%20(2).png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6166158031fd51454f5f53ff606451c60fa465ee5f13ec05ed5e477e42ce49ab
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 7f71f5258c6bbee046a26011fbbfa996.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag
F-127077146888,FD-106424384934,P-7048931,FLS-ALL
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
content-length
36230
cf-resized
internal=ok/h q=0 n=9+0 c=1+97 v=2023.9.8 l=36230
last-modified
Wed, 26 Jul 2023 13:21:09 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"cfaubv21WYBkemDva3Kom-mgL_JsLT1yLXxd4QU68MDQ:d3de6f87e01e0d2ef6266ca45b1ca1c1"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfnHg8Yh8qu9JYDxRXnULaCfd%2F25H63%2FGtTMGP%2B7XNeLsX26giiMngY%2FqDS6M84zxeUDoAGzg7u4zjNrQmxf94LjHIvoLjw4M3ZOsDBST2BgEErgzJ%2FB1r6bWbNrTKxkJVG4oEuVORv9zSf%2BbpDAPB84ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
814fbc4ae9d54d32-FRA
ZFA71guB0AzYZrfhOsJo56h0u4Bf7ZodfbXpT-mAFkQrcpr4iky1wv_iNsYfelCx84TRTCOwD7bkRxxEy0yemuqokdkEu1FpnchQS5wpBQbVSM1JRARYGDxiHBJRqKPAQGYXgIdH7_fHCCwAmtHdAIM
lh6.googleusercontent.com/
545 KB
545 KB
Image
General
Full URL
https://lh6.googleusercontent.com/ZFA71guB0AzYZrfhOsJo56h0u4Bf7ZodfbXpT-mAFkQrcpr4iky1wv_iNsYfelCx84TRTCOwD7bkRxxEy0yemuqokdkEu1FpnchQS5wpBQbVSM1JRARYGDxiHBJRqKPAQGYXgIdH7_fHCCwAmtHdAIM
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7782a3468a78d539e9f47a9c39d345db3365311b648fd1bd5bbe00fc86808520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pasted image 0.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
557946
x-xss-protection
0
expires
Fri, 13 Oct 2023 13:37:06 GMT
json
www.picussecurity.com/_hcms/forms/embed/v3/form/7048931/10a2d0b0-9f91-4cd7-a1e0-1cff39706638/
10 KB
4 KB
XHR
General
Full URL
https://www.picussecurity.com/_hcms/forms/embed/v3/form/7048931/10a2d0b0-9f91-4cd7-a1e0-1cff39706638/json?hs_static_app=forms-embed&hs_static_app_version=1.3812&X-HubSpot-Static-App-Info=forms-embed-1.3812
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/_hcms/forms/v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
492215e7bbac76f3e41fc9887e1063c098cf28c23892c1a878070fc720e582ad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-origin-hublet
na1
date
Thu, 12 Oct 2023 13:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
bb7c75bf-dc8b-4f59-a0cf-3b41161be57a
content-encoding
br
x-envoy-upstream-service-time
32
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
bb7c75bf-dc8b-4f59-a0cf-3b41161be57a
server
cloudflare
x-trace
2BCC2EB1B40D7AFD40E21AF93AFB7562E67A0CB0A3000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-max-age
180
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-jt4pd
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuQX1u9i1LUkHxH6ab6z3ln5L7PUHnqIZFt7DmqBUVZxFr19VFkUYFnQk6EYHYvynx7NBoOegKSechsgS7Dy0Pm81iN7KQc%2F%2FlWhqe0wWVYyKCfh14JRvQvPl37OY9rFkt491A80OjT90H3Lu%2F7ZTa%2BUtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
814fbc4b7a8d4d32-FRA
access-control-allow-headers
*
x-robots-tag
none
/
www.facebook.net/login/
Redirect Chain
  • https://connect.facebook.net/en_US/all.js
  • https://www.facebook.net/login/?next=https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Fall.js
0
0

widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) /
Resource Hash
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 13:37:05 GMT
Content-Encoding
gzip
Age
1471
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27598
Last-Modified
Mon, 09 Oct 2023 20:29:49 GMT
Server
ECS (frb/6795)
Etag
"391b7fdf0c468036f27102529636f0ca+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
/
settings.luckyorange.net/
129 B
757 B
Fetch
General
Full URL
https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a&s=202290
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4aedc93d1c0050ee019a0f8a838d5de2b64ca89662eb31c45e04da5d3f09b4f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.picussecurity.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNS3YH6KDSI3B93BoptL5VFUGMCDBLM6a5%2FIVVYJG7%2FS%2B24%2FnyfA3c5VQFDXhYPfIW1ZfVQ2sE4bvGsD%2Fdiw0mEmFI%2B7L1Lmc%2BioK%2FojIEPkhfIXfggO2zc%2BZs558YXuOhQa%2BaYlD6eYzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-credentials
true
cf-ray
814fbc4bff0f65a3-FRA
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
open
t.visitorqueue.com/p/
2 B
316 B
Ping
General
Full URL
https://t.visitorqueue.com/p/open
Requested by
Host: t.visitorqueue.com
URL: https://t.visitorqueue.com/p/tracking.min.js?id=67ab0ee7-fcba-400b-8cb3-db7bb1cc0033
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:7e00:c:77c4:d500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 12 Oct 2023 13:37:06 GMT
access-control-request-method
*
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
text/plain
access-control-allow-origin
*
access-control-allow-headers
*
content-length
2
x-amz-cf-id
GxsTh-2kdwY3HJuyFwT_BPJa97FtSRcm84QxWk9_YL21lxAqcq-3pQ==
alt-svc
h3=":443"; ma=86400
open
t.visitorqueue.com/p/
35 B
369 B
Image
General
Full URL
https://t.visitorqueue.com/p/open?l=9&q=cGFnZVZpZXdJZD1hMDUxNTkwYS1kMjI4LTQ0MTAtODJkMy1mY2YxOTBjMjkyMjQmcGF0aE5hbWU9L3Jlc291cmNlL2Jsb2cvYXZvc2xvY2tlci1yYW5zb213YXJlLWNvbnRpbnVlcy10by10YXJnZXQtdXMtY2lzYS1hbGVydC1hYTIzLTI4NGEmdmlzaXRvcklkPWE3ZjkxZjNiLWE3YWQtNDMyNi05Mzc1LTlmNmRlZTg2YTgwOSZ2aXNpdElkPTJlNTI3Yzg3LWE3MTctNGFhOC05MDAyLTQwYmU2MmY4YjU4ZCZhY2Nlc3NlZEF0PTE2OTcxMTc4MjYmdnFUcmFja2luZ0lkPTY3YWIwZWU3LWZjYmEtNDAwYi04Y2IzLWRiN2JiMWNjMDAzMyZvcmlnaW49d3d3LnBpY3Vzc2VjdXJpdHkuY29tJnNjcmlwdFZlcnNpb249Mi4wLjA=
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:7e00:c:77c4:d500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:05 GMT
access-control-request-method
*
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
No-Store
access-control-allow-headers
*
content-length
35
x-amz-cf-id
EY9Ov1MSB2ji7gcEuvfGPLTUDQhpauDqhww5Cm2OH5VxwK5Mhh9fVQ==
alt-svc
h3=":443"; ma=86400
has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/
0
979 B
Script
General
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=7048931&callback=jsonpHandler
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
no-sniff
cf-cache-status
DYNAMIC
x-hs-worker-debug-mode
false
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
7d85f0b6-75d7-42d2-aedb-6d241a55d14a
x-envoy-upstream-service-time
4
x-evy-trace-route-configuration
listener_https/all
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=814fbc4bfcdf35e8&resource=unknown"
x-evy-trace-listener
listener_https
x-request-id
7d85f0b6-75d7-42d2-aedb-6d241a55d14a
server
cloudflare
x-trace
2BD217BE7B8CCCB847B8C57811C1F3D81C421D585B000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-wh2kt
x-evy-trace-virtual-host
all
cache-control
max-age=0
access-control-allow-credentials
true
cf-ray
814fbc4bfcdf35e8-FRA
a33e3dc0-7316-4f7d-8ec0-244dbd62e401_eu.js
cdn.mouseflow.com/projects/
Redirect Chain
  • https://cdn.mouseflow.com/projects/a33e3dc0-7316-4f7d-8ec0-244dbd62e401.js
  • https://cdn.mouseflow.com/projects/a33e3dc0-7316-4f7d-8ec0-244dbd62e401_eu.js
115 B
525 B
Script
General
Full URL
https://cdn.mouseflow.com/projects/a33e3dc0-7316-4f7d-8ec0-244dbd62e401_eu.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
HTTP/1.1
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Mouseflow /
Resource Hash
0d65e0bb2b93943ac7a72d8f70bda4f8931d6d07c9731bf28dc1d895c1dc4edf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 13:37:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Sep 2023 11:56:37 GMT
Server
Mouseflow
ETag
"650051f5-73"
X-HW
1697117826.cds341.fr8.hn,1697117826.cds228.fr8.c
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
98

Redirect headers

Date
Thu, 12 Oct 2023 13:37:06 GMT
X-HW
1697117826.cds341.fr8.hn,1697117826.cds343.fr8.c
Location
https://cdn.mouseflow.com/projects/a33e3dc0-7316-4f7d-8ec0-244dbd62e401_eu.js
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
X-HW-Loc
https://cdn.mouseflow.com/projects/a33e3dc0-7316-4f7d-8ec0-244dbd62e401.js
Content-Length
0
insight.min.js
snap.licdn.com/li.lms-analytics/
12 KB
4 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3KD4ZR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 13:41:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=8719
accept-ranges
bytes
content-length
3822
js
www.googletagmanager.com/gtag/
305 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DB6MKXQ2E6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3KD4ZR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9c3f907db5db7c0035e9b487bbe983a82434459488bd9260cd27de31c7dd73af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96915
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 12 Oct 2023 13:37:06 GMT
ajax-loader.gif
7048931.fs1.hubspotusercontent-na1.net/hubfs/7048931/raw_assets/public/Picus%20IL%20Shared/Shared%20by%20Themes/asset/font/
3 KB
3 KB
Image
General
Full URL
https://7048931.fs1.hubspotusercontent-na1.net/hubfs/7048931/raw_assets/public/Picus%20IL%20Shared/Shared%20by%20Themes/asset/font/ajax-loader.gif
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/119013969479/1686049622830/Picus_IL_Shared/Shared_by_Themes/asset/slick-theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-119013776918,FD-119014686826,P-7048931,FLS-ALL
age
1752449
x-amz-request-id
AWNYC8WVY4Q3BCEX
x-amz-server-side-encryption
AES256
edge-cache-tag
F-119013776918,FD-119014686826,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
cf-bgj
imgq:85,h2pri
etag
"c5cd7f5300576ab4c88202b42f6ded62"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1686049611853
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
none
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Thu, 12 Oct 2023 13:37:06 GMT
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
In9ttezEZ_GM9U3eektboBkYWwcorOKA
x-amz-cf-pop
FRA60-P1
x-hs-alternate-content-type
text/plain
cf-polished
origSize=4178
x-cache
Miss from cloudfront
cache-tag
F-119013776918,FD-119014686826,P-7048931,FLS-ALL
x-amz-meta-index-tag
none
x-amz-storage-class
INTELLIGENT_TIERING
content-length
2592
x-amz-id-2
DC1EkwB6zCx/2wwF6aGqRAu4G5MJhlp6lf0BmfsWUsEFH2/rrcTc1Bu9gTb6eD29IW7q5yyEqD0=
last-modified
Tue, 06 Jun 2023 11:06:52 GMT
server
cloudflare
accept-ranges
bytes
cf-ray
814fbc4caab99b8f-FRA
x-amz-cf-id
3X2i1X5Fxv-PsmvBpYXV34SHehBp9AjzRp3Gf-c3oyZ7rLL91cCTXw==
slick.woff
7048931.fs1.hubspotusercontent-na1.net/hubfs/7048931/raw_assets/public/Picus%20IL%20Shared/Shared%20by%20Themes/asset/font/
1 KB
2 KB
Font
General
Full URL
https://7048931.fs1.hubspotusercontent-na1.net/hubfs/7048931/raw_assets/public/Picus%20IL%20Shared/Shared%20by%20Themes/asset/font/slick.woff
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/119013969479/1686049622830/Picus_IL_Shared/Shared_by_Themes/asset/slick-theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

Referer
https://www.picussecurity.com/
Origin
https://www.picussecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-119014001952,FD-119014686826,P-7048931,FLS-ALL
age
86034
x-amz-request-id
SKYQSFYN0501CVPC
x-amz-server-side-encryption
AES256
edge-cache-tag
F-119014001952,FD-119014686826,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
etag
W/"b7c9e1e479de3b53f1e4e30ebac2403a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1686049473150
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
none
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Thu, 12 Oct 2023 13:37:06 GMT
via
1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
qWoEjywQRnOla_dAjTNMqhA4Lhxyooow
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-119014001952,FD-119014686826,P-7048931,FLS-ALL
x-amz-meta-index-tag
none
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-id-2
OxM8GTsqqOWViJ4OXVzYB6R+CTUTQf+5sVr1jyJsiqfsNPhN7dHP94Qyc9sPxRv1iG5/KUgz1a4AYU6aOct44g==
last-modified
Tue, 06 Jun 2023 11:04:34 GMT
server
cloudflare
cf-ray
814fbc4cc8783732-FRA
x-amz-cf-id
ze7TW4Tw0scNDygmZeByYqDXCwlNlpvtR3IjORiLe2zEJVPXpAadxg==
collectedforms.js
js.hscollectedforms.net/
69 KB
25 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:5b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b5aca028dd8447199f3c06601e38f5b8aba3b29be5ccd2de504a561fed2558
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Origin
https://www.picussecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:06 GMT
x-amz-version-id
99Y.E0UsJAdqqpubte3vKq3r2MOVQh4K
via
1.1 1f1067e4f193aaabd2c24b99bcdc4e88.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
6b436ab3-11ab-48d7-8c31-0ef86dd7803a
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.425/bundles/project.js&cfRay=814fbc4cdbd52c6b-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
6b436ab3-11ab-48d7-8c31-0ef86dd7803a
last-modified
Fri, 22 Sep 2023 08:42:59 UTC
server
cloudflare
etag
W/"526bb173ed1384afadfc2b0eb6b0846e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-mqbv2
cf-ray
814fbc4cdbd52c6b-FRA
x-amz-cf-id
kkWgr2SwF6PPiNnHZJwgjkj0fhGZ2ZuyCfhs_heL9tYPMrOIdloPOA==
x-hs-target-asset
collected-forms-embed-js/static-1.425/bundles/project.js
leadflows.js
js.hsleadflows.net/
540 KB
86 KB
Script
General
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b399c5e2375b9f5d108af3cc74f7d665747a5d1955f5fde2db7f110b30a1f65e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Origin
https://www.picussecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-encoding
br
age
23285
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1250/bundle/main/lead-flows-release.js&cfRay=814d83d6bfe830e8-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"b41828c438dcec976b93ddee1edebd6d"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=86400, max-age=0
x-hs-target-asset
lead-flows-js/static-1.1250/bundle/main/lead-flows-release.js
date
Thu, 12 Oct 2023 13:37:06 GMT
x-amz-version-id
w9qtR_oGTBab1H9Wt5L5qiHDqxRKIaLE
via
1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
5248e419-875b-4eb6-95a4-cb5a5ae051aa
x-cache
Hit from cloudfront
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
10
x-evy-trace-route-configuration
listener_https/all
x-request-id
5248e419-875b-4eb6-95a4-cb5a5ae051aa
last-modified
Mon, 04 Sep 2023 12:55:59 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-mlg6m
cf-ray
814fbc4cec7f30e4-FRA
x-amz-cf-id
QrliU74UBGppRIvLPQzfzNbwc47ISLM9cKuzxshZ3fGcrtmvcsvPdA==
7048931.js
js.hs-banner.com/
66 KB
17 KB
Script
General
Full URL
https://js.hs-banner.com/7048931.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ac16092bca03ee5eb65719c9ad2fd91c459b2352925979f202ef4e28656ed6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:06 GMT
x-amz-version-id
kzccIk7o0EDc78D1xn.okO1qvlbVZSq6
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
REBJESED6FDGCBT6
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
94f36d2f-fd8f-4ef0-882a-3bcf7e32f44d
x-envoy-upstream-service-time
33
x-amz-id-2
2tys1eE1SzV9puVOVY500PTZI/9t9EJAj6gUekpwyWJe9p8bc6npzsRpqj1G1Rh0pUUl4lTT7II=
x-evy-trace-listener
listener_https
x-request-id
94f36d2f-fd8f-4ef0-882a-3bcf7e32f44d
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 13 Sep 2023 14:43:58 GMT
server
cloudflare
etag
W/"4617df103b6e9f04ecf296febb039125"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.picussecurity.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-jgkmt
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
814fbc4cdb011c2c-FRA
expires
Thu, 12 Oct 2023 13:42:06 GMT
fb.js
js.hsadspixel.net/
6 KB
4 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e5a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1e4e3cba3eeeb3ad74ae67c1f42012ebb51d8497482e5c01d404579d49c6b04
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:06 GMT
x-amz-version-id
MiORZOji2P27E5f3usS102mv5dcg0lYn
via
1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
136
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.485/bundles/pixels-release.js&cfRay=814fb8fb583f91d2-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
30a10e71-5dec-4c08-b528-4bb540e1585a
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
0
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
30a10e71-5dec-4c08-b528-4bb540e1585a
last-modified
Tue, 19 Sep 2023 08:21:28 UTC
server
cloudflare
etag
W/"1bce211846e6a6691aa314979e0a21fb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-g8f86
cf-ray
814fbc4cde1d1c13-FRA
x-amz-cf-id
0Gwoa9bYin28Z9horTOBjJ9tmVXc0G1Q20-Do2RDfiDWPQVt4scQLg==
x-hs-target-asset
adsscriptloaderstatic/static-1.485/bundles/pixels-release.js
7048931.js
js.hs-analytics.net/analytics/1697117700000/
66 KB
21 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1697117700000/7048931.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3a4f692b0ea6fce730b635c59cc2af856f920e185ae945ce19c6f58e3acfcf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:06 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
ZC2QE542A85C73E0
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
42ed3d53-8f03-402d-8fa2-ebd84a523eab
x-envoy-upstream-service-time
41
x-amz-id-2
xPDwpo/ctlejmdtieqjTx7LVZ2a5btmd73+6V5bwmShJExeclr78Mn8FkZ4eEP3pKeqh3jrpuGewYPAiYVjrk+pXLkJ6QztzbR5g+GXkK+c=
x-evy-trace-listener
listener_https
x-request-id
42ed3d53-8f03-402d-8fa2-ebd84a523eab
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 15 Sep 2023 18:06:10 GMT
server
cloudflare
etag
W/"2c2ac718ce139250a81c18dc47d8a9bf"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-8ghtd
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
814fbc4cde5737ca-FRA
expires
Thu, 12 Oct 2023 13:42:06 GMT
counters.gif
forms.hsforms.com/embed/v3/
35 B
1015 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 13:37:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
bb053ec9-da68-4a00-ac3a-cff1639d5155
x-envoy-upstream-service-time
3
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
bb053ec9-da68-4a00-ac3a-cff1639d5155
Server
cloudflare
X-Trace
2BF02ACDE792F1E285BF7B4CEA9FCAF5BE2AA39E3C000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-swd7n
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
814fbc4cfe2b5be1-FRA
widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html
platform.twitter.com/widgets/ Frame B975
319 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.picussecurity.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
234269
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Thu, 12 Oct 2023 13:37:06 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 09 Oct 2023 20:29:18 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6711)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
counters.gif
forms-na1.hsforms.com/embed/v3/
35 B
1015 B
Image
General
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 13:37:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
5149c1b7-5d4c-4925-b1c6-59bf8d885d8a
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
5149c1b7-5d4c-4925-b1c6-59bf8d885d8a
Server
cloudflare
X-Trace
2B6349EE19966C076E592AC6C9EF4C50C598DDF233000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-lmntd
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
814fbc4d5f8d3672-FRA
insight.old.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Aug 2023 12:14:15 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=32826
accept-ranges
bytes
content-length
4862
collect
region1.analytics.google.com/g/
0
258 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DB6MKXQ2E6&gtm=45je3ab0&_p=817688214&_gaz=1&cid=545652644.1697117826&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=BA&_s=1&dl=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a&sid=1697117826&sct=1&seg=0&dt=AvosLocker%20Ransomware%20Continues%20to%20Target%20US%20-%20CISA%20Alert%20AA23-284A&en=page_view&_fv=1&_ss=1&ep.page_location_clean=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a&ep.anonymizeIp=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DB6MKXQ2E6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 13:37:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.picussecurity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
258 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DB6MKXQ2E6&cid=545652644.1697117826&gtm=45je3ab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DB6MKXQ2E6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 13:37:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.picussecurity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DB6MKXQ2E6&cid=545652644.1697117826&gtm=45je3ab0&aip=1&z=264712255
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 13:37:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame B975
869 B
658 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=5fbd9177fff9acc92881a836f9e1417424a92c82
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.picussecurity.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time
180
date
Thu, 12 Oct 2023 13:37:05 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Thu, 12 Oct 2023 13:37:06 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
1806179db3506b3b
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
fc10224269f6234fd8e0cfd4cc090ff751a98eb6a99b96e279692fbd191d812a
content-length
337
token
cdn.linkedin.oribi.io/partner/2042428/domain/picussecurity.com/
36 B
363 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/2042428/domain/picussecurity.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 10:57:08 GMT
via
1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
server
awselb/2.0
x-amz-cf-pop
FRA56-C1
age
9598
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
content-length
36
x-amz-cf-id
4sFdgsM19xqcdhuUn3QyD5fzg1fVIcTuLPKhO68bvODoy6C1QA7IzA==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2042428&time=1697117826213&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2042428&time=1697117826213&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa2...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2042428%26time%3D1697117826213%26url%3Dhttps%253A%252F%252Fwww.picussecurity.com%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2042428&time=1697117826213&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa2...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2042428&time=1697117826213&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa...
0
266 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2042428&time=1697117826213&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a&cookiesTest=true&liSync=true&e_ipv6=AQK21kI7ScDp_gAAAYskGu9Q3tcS7bRJ15QAGXU570t8rlC2sgqsjWYwlvuWNT4V
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:06 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: ED65089BA7454C61A833525A7B69CA12 Ref B: DUS30EDGE0410 Ref C: 2023-10-12T13:37:07Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYHhQk57YVbOify843IHw==

Redirect headers

date
Thu, 12 Oct 2023 13:37:06 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: B309C5DCABA24A178BD353E829C16020 Ref B: DUS30EDGE0805 Ref C: 2023-10-12T13:37:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2042428&time=1697117826213&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a&cookiesTest=true&liSync=true&e_ipv6=AQK21kI7ScDp_gAAAYskGu9Q3tcS7bRJ15QAGXU570t8rlC2sgqsjWYwlvuWNT4V
x-li-proto
http/2
content-length
0
x-li-uuid
AAYHhQk2t7lBhKlxzP5NSg==
view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame
0
0
Preflight
General
Full URL
https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.picussecurity.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.picussecurity.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age
604800
cf-cache-status
DYNAMIC
cf-ray
814fbc4e3fff9bfb-FRA
content-length
0
content-type
application/octet-stream
date
Thu, 12 Oct 2023 13:37:06 GMT
server
cloudflare
timing-allow-origin
*
vary
origin
x-envoy-upstream-service-time
1
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-jgkmt
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
bc3d1975-f38d-4e42-afe2-72e78d84a10c
x-request-id
bc3d1975-f38d-4e42-afe2-72e78d84a10c
view
js.hs-banner.com/cookie-banner-public/v1/activity/
0
172 B
XHR
General
Full URL
https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/7048931.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 12 Oct 2023 13:37:06 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
21c2ceed-3cc1-4661-af04-90253685b624
x-envoy-upstream-service-time
22
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
21c2ceed-3cc1-4661-af04-90253685b624
server
cloudflare
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.picussecurity.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary
origin
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-mlgh4
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
814fbc4ee8fd9bfb-FRA
json
forms.hscollectedforms.net/collected-forms/v1/config/
115 B
439 B
XHR
General
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=7048931&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:5b9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99055dba9f2387917c3e9808aacc7c2e23a12705985bb8c4a6fcef05a2a0c682
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
1507f1e5-2681-4e1d-b596-8b306562dbc6
x-envoy-upstream-service-time
10
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1507f1e5-2681-4e1d-b596-8b306562dbc6
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.picussecurity.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-97z5m
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
814fbc4e2d512c6b-FRA
counters.gif
forms.hsforms.com/embed/v3/
35 B
625 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
40c4ef64-0cdb-4a3b-bddd-2451e84077d2
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
40c4ef64-0cdb-4a3b-bddd-2451e84077d2
server
cloudflare
x-trace
2B06F485C7B7EFB8426AD47544EB5983F84F5A2123000000000000000000
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-97gbm
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
814fbc4f6b7b4dba-FRA
__ptq.gif
track.hubspot.com/
45 B
613 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3335903367&v=1.1&a=7048931&pi=139822592651&ct=blog-post&ccu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a&cpi=139822592651&cgi=35190412163&lpi=139822592651&lvi=139822592651&lvc=en-us&pu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a&t=AvosLocker+Ransomware+Continues+to+Target+US+-+CISA+Alert+AA23-284A&cts=1697117827216&vi=5fcb0bdf308608276a181f3f1ef6187c&nc=true&ce=false&pt=3&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
392c8350-8cab-4a57-9bbd-c83fcb2a7a4b
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
10
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
392c8350-8cab-4a57-9bbd-c83fcb2a7a4b
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d19mf6HBMeUybfAZGMCT4qMw2KQLRDm84WeGGUS8ZLNrwmpx405AnZo%2BUesL%2FBCiQ2ymON8hyPducPzevXSbfcUWoOJBYzCMlIAgJgph4owTFy2445WlaJGQ6CLCY6tarh6pjGZwKyAtX%2BQ9QKBS"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-674b9fb979-lsbhc
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
814fbc541fa535e8-FRA
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
445 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=10a2d0b0-9f91-4cd7-a1e0-1cff39706638&fci=a16d75a9-e807-489e-ae2f-c5b4d62cceb3&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3335903367&v=1.1&a=7048931&pi=139822592651&ct=blog-post&ccu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a&cpi=139822592651&cgi=35190412163&lpi=139822592651&lvi=139822592651&lvc=en-us&pu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a&t=AvosLocker+Ransomware+Continues+to+Target+US+-+CISA+Alert+AA23-284A&cts=1697117827218&vi=5fcb0bdf308608276a181f3f1ef6187c&nc=true&ce=false&pt=3&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
77f809eb-5f96-497f-8b66-2793be0a35ff
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
23
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
77f809eb-5f96-497f-8b66-2793be0a35ff
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0AFozfX8uezp%2Bmj2gNNZLeQ0PX8X9isuupqgCW%2Bnn9WnjChfjTcEqny9bCds6o4DJ5IOHfBU6ONaQXjMjAn%2BOtLArod%2BzOL%2B1Ix4%2FHBcx9ySC3mSm87gCaLZpuzdgHTsHEji%2F58PjbUgTAe7vbo"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-674b9fb979-n9jgv
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
814fbc542faf35e8-FRA
x-robots-tag
none
64d678615e3d0
display.popt.in/APIRequest/
9 KB
5 KB
XHR
General
Full URL
https://display.popt.in/APIRequest/64d678615e3d0?domain=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a&referrer=&previous_url=&cookies=%20poptin_old_user%3Dtrue%20poptin_user_id%3D0.ddar65e45vd%20poptin_previous_url%3D%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=AvosLocker%20Ransomware%20Continues%20to%20Target%20US%20-%20CISA%20Alert%20AA23-284A&origin_landing_page=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Favoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a&previous_visited_pages=&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list=&cart_products_org_ids_list=
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
107bb77d916260c824e8cb9b67ac23544b025c0be461afc536b944cf4615ffbc
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com https://*.grisynava.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:07 GMT
content-security-policy
frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com https://*.grisynava.com
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zu4oudRG9FGaZ5aaJL7eGlCP%2B0vnj6VlbBaUacaNCWeuNS%2FXCur%2BYwVLMOsS1YkoapYhCazgNwV4IKf5S5dtEEq5RNmumqFmEKRXZzxa0dSXSOm%2FPxwc6nEVdKnS1%2FiHK3dxgezQIj%2B9gqNPOzE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, no-store, nocache, private
access-control-allow-credentials
true
cf-ray
814fbc546ab31901-FRA
access-control-allow-headers
Origin, Content-Type
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws/
Redirect Chain
  • https://fonts.popt.in/?family=Poppins&display=swap
  • https://tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws/?family=Poppins&display=swap
1015 B
1 KB
Stylesheet
General
Full URL
https://tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws/?family=Poppins&display=swap
Protocol
HTTP/1.1
Server
2600:1f14:50b:9a02:d4af:966b:aa3b:2a05 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8503bb1f3969798a88dce37ee7f38979711dfd7495f5b8dafd66a19ff24e2d15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 13:37:08 GMT
x-amzn-Remapped-host
fonts.popt.in
Connection
keep-alive
x-amzn-RequestId
1a57a2fa-a0d8-474a-bbca-9c8ce2e5f0f2
Content-Length
1015
X-Amzn-Trace-Id
root=1-6527f684-723d353b7c50717973ea7364;sampled=0;lineage=013914a9:0
Content-Type
text/css; charset=utf-8

Redirect headers

date
Thu, 12 Oct 2023 13:37:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17kWNVX92teMO3ZiKaVOq5rE%2Fvb%2BC%2BWRInqdRPoz64cByQ9JBf9dtu73xIt86tOuxkuHWWsJS%2Bg8c8Z5v0uHD9k0ZOuuT5uDCoeU8VQzdqQifab7t785Y5yq54%2FH8W4ax90ttWxsRN7mtnrx"}],"group":"cf-nel","max_age":604800}
location
https://tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws?family=Poppins&display=swap
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
814fbc5638d32c3f-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
heb-fonts.min.css
cdn.popt.in/css/
22 KB
3 KB
Stylesheet
General
Full URL
https://cdn.popt.in/css/heb-fonts.min.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6525 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7459dd5ce48ddd21da15f490514af4be07ff85f0b0b6b9e118542d68ff5ec91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:07 GMT
x-amz-version-id
qXd_m_chdhWvR5DNrvI834tklGtnWkb9
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P3
age
181778
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 12 Sep 2018 18:05:20 GMT
server
cloudflare
etag
W/"fb58ef8ec15444a0d0cf977973d4f824"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xquFQsbioXrmQ62sk7HtRnnjY7QDZSP93BUkKyHEi24JXW4i3k8%2BYbFMhq9SgUgFSpxqtJauLS5SeGiH%2Bidqt%2BBTRC1MyQAA8QGPluc91ni3En%2FjaCreNuRrGxVFVpz3nXtP8ZA2D1%2Fj3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=30672000
cf-ray
814fbc5618aa2c3f-FRA
x-amz-cf-id
mclo7PnG8Ma3ZSDigdsXUgn0SY4tMCPGZJLt9QHWkOUZkaK4Eo8kjQ==
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8357055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9TEkb7VxiXx%2B7Ov01dwCKGrKSAo8Gqhq%2BomtR5YuBS6W5Cq%2FxvsYMp3eXuARdaV29kBaez6vxg1Bcwj6rYUG27hd6A9e4CvCv9egOj7olhTYSqdjgWtcK6Ceeek2GqzdlSQ8a9HboGjsd2Ss2AfGRQ7"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
814fbc561e870487-FRA
expires
Tue, 01 Oct 2024 13:37:07 GMT
poptin-style-en.css
cdn.popt.in/css/
32 KB
6 KB
Stylesheet
General
Full URL
https://cdn.popt.in/css/poptin-style-en.css?ver=10
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6525 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
937165b54b6ab52132e90b8ba07061725498daefc8646f6353f2f10e0c85ab03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:07 GMT
x-amz-version-id
D1ldg5AOdDebGRnotzld4a3V7157PjT7
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P3
age
1325
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 10 Oct 2023 11:07:05 GMT
server
cloudflare
etag
W/"fe8584a8bb5cd111f30bacec3f8f9ba4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Cd166OCd50deBoVe0kXfYE3ASXtRujtbZoZQdIMZ2ttOvUT3gutoF5V72szHtIuV%2Fah9moNDFSbjtCM9sYuCoGn3bsPKK1RpZgmfsZ%2Be2b12iD1RAOPTnYPHFF28QjoGIZM7bdi%2B0r1%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
814fbc5618af2c3f-FRA
x-amz-cf-id
y-IPduvBmL0kaDKyqVExNxa990iNOorHnPid03J1csh-TKWAEZAQJQ==
poptin-animations.css
cdn.popt.in/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://cdn.popt.in/css/poptin-animations.css?ver=10
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6525 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
310f7d360d659a851c73aa97dcb6031bf45c659cc822b13e947683c5689619f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:07 GMT
x-amz-version-id
6Ilxfc31tcNJQlA0T1G.saG6MJzDyezV
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P3
age
1569
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 10 Oct 2023 11:07:05 GMT
server
cloudflare
etag
W/"407750e10b819ae6ef75e726fcd79341"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9MWb00%2BkI4mMPSKq%2FpNnCShaEPTy2pEWasiwkCmHPXe%2FOecEBm6FskmE4Wmca3EuFpooBBxkY45Tf4SKGyXFdChM%2FOYvtWRkDYgXe4%2FVQuUvmxZv%2B0Kvzs2w9oRMa0h4A5anbEovdK%2F9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
814fbc5618b22c3f-FRA
x-amz-cf-id
odSXs4F2PpN27XX-tSENqq89bbnZMGynDcOTZhk9LlghXvJ3oVYXXg==
account_613f053dd8506_poptin_1468e65946079_2023-06-12_15-02-22_version_6.html
d3lopmpcew67el.cloudfront.net/client_64d678615e3d0/
60 KB
18 KB
XHR
General
Full URL
https://d3lopmpcew67el.cloudfront.net/client_64d678615e3d0/account_613f053dd8506_poptin_1468e65946079_2023-06-12_15-02-22_version_6.html
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:1800:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50f9990c58ca81d6fc5bef5f5f6716da20e431fad28989ae4ef11be211f1dcd4

Request headers

Accept
*/*
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
QUhds8PkQNYZ.xQGAKOkQPdJDCUfzGPC
content-encoding
gzip
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
date
Thu, 12 Oct 2023 05:35:53 GMT
x-amz-cf-pop
FRA60-P3
age
28875
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 08 Aug 2023 12:50:31 GMT
server
AmazonS3
etag
W/"a9f4fa5611ae1a8b39b011960ec3c754"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
PfQc1XX5wdpOmuPUzU7JIwe8XCxicKqJY8i6VTONgVWVDjpKgtx1pw==
account_613f053dd8506_poptin_23486b5ada429_2023-08-08_15-52-27_version_21.html
d3lopmpcew67el.cloudfront.net/client_64d678615e3d0/
66 KB
23 KB
XHR
General
Full URL
https://d3lopmpcew67el.cloudfront.net/client_64d678615e3d0/account_613f053dd8506_poptin_23486b5ada429_2023-08-08_15-52-27_version_21.html
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:1800:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d047b8e1c41ff974dfe798733c5138eb128f24a262530584afef87a46b7c8983

Request headers

Accept
*/*
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
JwAYhxlSuYlcNb4j.zcNTeRpcPxqq4I2
content-encoding
gzip
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
date
Thu, 12 Oct 2023 05:35:53 GMT
x-amz-cf-pop
FRA60-P3
age
28875
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 29 Sep 2023 11:26:53 GMT
server
AmazonS3
etag
W/"9da27dcc5bf02a145c9453ed804222e2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
jUP1ZmRDItXJ2E1_Bz34AMr44GXkOGX-vaNNQcZOeKbDGIaMXFYSSQ==
account_613f053dd8506_poptin_de66aefb30463_2023-02-21_08-24-48_version_9.html
d3lopmpcew67el.cloudfront.net/client_64d678615e3d0/
25 KB
5 KB
XHR
General
Full URL
https://d3lopmpcew67el.cloudfront.net/client_64d678615e3d0/account_613f053dd8506_poptin_de66aefb30463_2023-02-21_08-24-48_version_9.html
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:1800:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b3085529c69e7d5372a400a2551be69c85c45dbc91deba9ab47a32100cdf99b

Request headers

Accept
*/*
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
AlfhrRkgVYLsKpKbQW3RDXgEdxfnClQf
content-encoding
gzip
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
date
Thu, 12 Oct 2023 03:21:46 GMT
x-amz-cf-pop
FRA60-P3
age
36922
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 22 Feb 2023 11:40:09 GMT
server
AmazonS3
etag
W/"500fbb071f0033020e74837444a82bcc"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
_Xn90KJQIXBpBD8ckHOBVlkkBpYmMWLeVfCLJe_X-oLtTYml6scraA==
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.picussecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:07 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
431717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNiiofYbzN%2FBSy3RKvuzSuulyoGgntbODGSlf4LmQ71jKJOHkS3rVfJTn1mqDgf3QbhZud591kTJyJSiV1MIMFSCUObMGOEI%2FUTcFD4%2B6rD6wO7Yq4u5EQJIFgQi68djXeGakeNffhOvafrPaKl3fs6c"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
814fbc569f2f5d3c-FRA
expires
Tue, 01 Oct 2024 13:37:07 GMT
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fc981e6d8430af04fae96ed7a7b286aa84e27a5b6cfe4a42278ea4cc4c88080

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
play_icon.png
www.picussecurity.com/assest/
8 KB
8 KB
Image
General
Full URL
https://www.picussecurity.com/assest/play_icon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
85475160e627a4e949c05f122d6554ea60a38f73dbf094c6d569cb6378fbd597
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/avoslocker-ransomware-continues-to-target-us-cisa-alert-aa23-284a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:37:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
08626c35-2174-4718-89fb-d66c4d39d9bd
content-security-policy-report-only
content-encoding
br
x-envoy-upstream-service-time
277
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
08626c35-2174-4718-89fb-d66c4d39d9bd
x-hs-reason
No view mapper found to handle request
server
cloudflare
x-trace
2BDF7BD42F7DBEF6CF61FB901B1786BF18B1E250AC000000000000000000
vary
origin, Accept-Encoding
x-frame-options
sameorigin
content-type
text/html;charset=utf-8
x-evy-trace-served-by-pod
iad02/cms-30-39-td/envoy-proxy-5687d54bf4-cshqp
x-evy-trace-virtual-host
all
cache-control
s-maxage=5,max-age=5
access-control-allow-credentials
false
x-hubspot-notfound
true
cf-ray
814fbc56db9f4d32-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZNN05ORtLfsKLuaapVRAtKZB%2B%2FKut%2Bv3LzOGd4Z%2BWi2h8ETYf0HoSFqDeg2E%2Bz4DIWOHnAk09%2B0NjmSIzbH%2BLj4sJkMOt2c7uPMTQUzCq7x3vOxEOGNJk8i4T2kEQYSb7fNmmY9qDwMbTQa1v%2BAJHKmOw%3D%3D"}],"group":"cf-nel","max_age":604800}

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.net
URL
https://www.facebook.net/login/?next=https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Fall.js

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| $ function| jQuery object| _hsp function| hsLoadGtm boolean| useGoogleConsentMode undefined| gtag number| __lo_site_id object| dataLayer string| poptinAfterPageLoad object| __core-js_shared__ object| Sslac object| IN function| WOW function| vqTrackPc function| vqTrackId object| hsVars function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage undefined| module_39027676914 function| marginTopConfigurator object| hubspot object| HubSpotForms object| _hsq object| hbspt object| hsFormsOnReady object| options object| appConfigChunkLoadingGlobal boolean| pixelAdded boolean| poptin_loadcontrol_fix boolean| poptin_disable_fa boolean| poptin_disable_localstorage boolean| poptin_single_page_app boolean| landing_page_teaser_on object| upgrade_popup_setting object| previous_url_spa number| poptinTimeDelayTrigger boolean| poptinExitPopupShown boolean| poptin_display_trigger boolean| poptin_disable_fonts number| updateClockInterval function| jQ224 object| poptinSubmitted function| poptinVisible function| onpoptinClose function| onpoptinSubmit boolean| poptinStarted function| runPoptinNow function| runPoptinNowStart function| pageLoadCheck boolean| isPoptinLandingPage function| closePoptinOnXclick function| closeTabPoptinOnXclick function| poptin_display function| poptin_display_form function| closePoptin function| PoptinQueue function| poptinClientLimitLogStatus function| closeUpgradePopup function| poptinUpgradeDontRemindMe function| poptinUpgradeRemindMe function| poptinUpgradePopupClick boolean| __lo_csr_added object| google_tag_manager object| google_tag_data object| VQUglJS function| jsonpHandler string| _linkedin_data_partner_id function| onYouTubeIframeAPIReady object| __twttrll object| twttr object| __twttr object| process object| gaGlobal boolean| PIXELS_RAN object| enabledEventSettings object| globalRoot undefined| hns function| bindToWindowOnError object| leadflows function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN function| lintrk boolean| _already_called_lintrk object| __hsCollectedFormsDebug boolean| _hspb_ran boolean| _hspb_loaded object| _paq function| sanitizeKey boolean| _hstc_loaded object| jQ_ver_arr object| cookies string| relevent_cookie string| poptin_viewed_session number| poptin_once string| ap_triggers boolean| _hstc_ran string| __hsUserToken number| expireDateTime string| winie string| font_link string| poptin_style string| poptin_data

30 Cookies

Domain/Path Name / Value
.www.picussecurity.com/ Name: __cf_bm
Value: lzWqhPL.iwxeVZJcIPAM3dTW9qg3LLFs1b0vtdN4TT8-1697117825-0-ASxSdFlPWO/4QRliYw3Z7JAWKezNIrEeiF/87H53yogzYXQaMmUqmjmHOjnri7ZVSk4Jm1YpoCiHH3zM/CtQ4dA=
.www.picussecurity.com/ Name: __cfruid
Value: fa5d7b8d85f5d002935addbbcadbdcdd385337d4-1697117825
www.picussecurity.com/ Name: MF69CXJ-OZ2jFJm35
Value:
www.picussecurity.com/ Name: MF6JIbbIciiT7
Value:
www.picussecurity.com/ Name: MF6JIbbJSfd
Value:
www.picussecurity.com/ Name: MF6JIbbCSRZlD
Value:
www.picussecurity.com/ Name: MFVaKX5
Value: a7f91f3b-a7ad-4326-9375-9f6dee86a809
www.picussecurity.com/ Name: MFVaKk-5
Value: 2e527c87-a717-4aa8-9002-40be62f8b58d
.picussecurity.com/ Name: _gcl_au
Value: 1.1.439689294.1697117826
.hubspot.com/ Name: __cf_bm
Value: iPEwwbmhN5wZB.6CotDg9W_JOnNooIy25OH.e.KgNLM-1697117826-0-AVEk+/xAkwSqX712LkxCUtASP4Q5ADmQGYcAhaH401VaLKUg0PJ/lXPTqJkToVbx3Q7NsdZiIpymppQjwQWfrAI=
.picussecurity.com/ Name: _ga_DB6MKXQ2E6
Value: GS1.1.1697117826.1.0.1697117826.60.0.0
.picussecurity.com/ Name: _ga
Value: GA1.1.545652644.1697117826
www.picussecurity.com/ Name: ln_or
Value: eyIyMDQyNDI4IjoiZCJ9
.linkedin.com/ Name: li_sugr
Value: f5055fc3-d2d5-4d4d-92bb-3947365859b4
.linkedin.com/ Name: bcookie
Value: "v=2&4619f265-0e79-4c00-87f5-9d2b1a55d89c"
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2981:u=1:x=1:i=1697117826:t=1697204226:v=2:sig=AQFHld65dmNk6Dh-lT7OZEkEq8qZK17U"
.linkedin.com/ Name: UserMatchHistory
Value: AQKAtxRVFUPVWAAAAYskGu3dd2JzdVCscAP_XEkkSVjkHCXCVSWoQfChgPa3WMRFu7WM9Il8Rn3svw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKc26ekn9xNegAAAYskGu3dlDkIuyx-bRZDhe_hsNc6SQzRurHFqKyGaaMKl1ewUl51Ha-Hv2m4BtG33baKrA
.www.linkedin.com/ Name: bscookie
Value: "v=1&20231012133706bc1fff64-6340-40a1-85ed-f42ed66616abAQEIkkr8KNJtc8-q_-YAqLKz14mVDbwY"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTcxMTc4MjY7MjswMjFRnDfKkEpYDAAMTPhSUeSWJ8pnYr22cE5679JK7rUAMw==
www.picussecurity.com/ Name: poptin_old_user
Value: true
www.picussecurity.com/ Name: poptin_user_id
Value: 0.ddar65e45vd
www.picussecurity.com/ Name: poptin_previous_url
Value:
www.picussecurity.com/ Name: poptin_user_ip
Value: 2a01:4a0:5a::8
www.picussecurity.com/ Name: poptin_user_country_code
Value: false
www.picussecurity.com/ Name: poptin_session_account_613f053dd8506
Value: true
www.picussecurity.com/ Name: poptin_o_v_23486b5ada429
Value: d277fa866f355
www.picussecurity.com/ Name: poptin_o_v_de66aefb30463
Value: 76679352f6668
www.picussecurity.com/ Name: poptin_session
Value: true
www.picussecurity.com/ Name: poptin_c_visitor
Value: true

2 Console Messages

Source Level URL
Text
network error URL: https://www.facebook.net/login/?next=https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Fall.js#xfbml=1&status=0
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.picussecurity.com/assest/play_icon.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7048931.fs1.hubspotusercontent-na1.net
app.hubspot.com
cdn.linkedin.oribi.io
cdn.mouseflow.com
cdn.popt.in
cdnjs.cloudflare.com
d10lpsik1i8c69.cloudfront.net
d3lopmpcew67el.cloudfront.net
display.popt.in
fonts.googleapis.com
fonts.gstatic.com
fonts.popt.in
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
lh6.googleusercontent.com
p.visitorqueue.com
pageimprove.io
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
settings.luckyorange.net
snap.licdn.com
static.hsappstatic.net
stats.g.doubleclick.net
syndication.twitter.com
t.visitorqueue.com
tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws
track.hubspot.com
www.facebook.net
www.google.de
www.googletagmanager.com
www.linkedin.com
www.picussecurity.com
www.facebook.net
104.244.42.8
13.107.42.14
143.204.205.137
151.139.128.10
172.67.75.100
2001:4860:4802:32::36
2600:1f14:50b:9a02:d4af:966b:aa3b:2a05
2600:9000:206f:9200:2:53b2:240:93a1
2600:9000:2251:1800:b:8c20:bf40:21
2600:9000:2490:7e00:c:77c4:d500:93a1
2606:2800:234:59:254c:406:2366:268c
2606:2c40::c73c:67e3
2606:4700:4400::ac40:9284
2606:4700:4400::ac40:991b
2606:4700::6810:4eba
2606:4700::6810:e05d
2606:4700::6811:180e
2606:4700::6811:5b9a
2606:4700::6811:cff9
2606:4700::6811:e5a3
2606:4700::6812:7a0c
2606:4700::6812:b07d
2606:4700::6813:9b53
2606:4700:e0::ac40:6425
2606:4700:e0::ac40:6525
2620:1ec:21::14
2a00:1450:4001:811::2008
2a00:1450:4001:813::2001
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9d
2a02:26f0:780::210:a40a
34.117.30.33
52.60.221.89
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0cd5d33cb2c42c64af2e3aae61bc9d7939432fabb7f85e236e703e0f7e622783
0d65e0bb2b93943ac7a72d8f70bda4f8931d6d07c9731bf28dc1d895c1dc4edf
0eacc421ef3f64e94a997b01b7f8fe59651968ff6f16bfdf893329bf17849641
0fc981e6d8430af04fae96ed7a7b286aa84e27a5b6cfe4a42278ea4cc4c88080
1018aad3ed798d98490fb01484d0aaf7ba3528f74288091644ae53523c3aa82f
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
107bb77d916260c824e8cb9b67ac23544b025c0be461afc536b944cf4615ffbc
1211b9bf5f5278b9d2b064e35be18c27e3274df41a3e348118b713c7a696fae0
15e64a03ef473e1f3837745e0a6e81a1037afb5c9c5acc4600119ed6c9d5f1f2
182c0c4a049b82ebaa738d7c22e68bceb8aad2f6d78b94c300b80613c92bff0a
1d214792b986a7986cf226ad5f346fa58b7857bcfee980f8c3bc897cf17df564
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
27becd54cd1d75a01d0d87fc01455809d5eaec6c93e390d1e2654fbc8cf027f8
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
2979048807e3ad41f974d0c6920b3e597e269958ba5ba6fd8eab6f5a9bd72c77
2adf242340f439db55932fdbd81f194b4514c2883530289412514a8bce94d3c6
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
310f7d360d659a851c73aa97dcb6031bf45c659cc822b13e947683c5689619f2
34350dee947083733dcd88d858cf65df7a4f282846c465b8f9627090aa5da3c0
34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a
387fafc4558eb44d4303fb1710ec85e39755ffa9378b8cdf982c7e66db79c463
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
3ac16092bca03ee5eb65719c9ad2fd91c459b2352925979f202ef4e28656ed6b
48c22238a7c255b1e07ad60d097624a33f88dea18e6551f5a2012ac9e17bdba9
492215e7bbac76f3e41fc9887e1063c098cf28c23892c1a878070fc720e582ad
50f9990c58ca81d6fc5bef5f5f6716da20e431fad28989ae4ef11be211f1dcd4
5458bb001fbaee0822a06901d6989a7568457bc97c78ce726d8884c34f665910
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353
5b3085529c69e7d5372a400a2551be69c85c45dbc91deba9ab47a32100cdf99b
5b7290b38b86182592c3a60c491c3a977318c034959142a61d92a75025b3c334
5c40c057d3d2a75cdc144b1fd3c89cb684b316bc22dc92e6224063e631778005
6166158031fd51454f5f53ff606451c60fa465ee5f13ec05ed5e477e42ce49ab
681d60ba79a289885fb9b49a5617a49454e0a0fac9e65f75c5e2d253ade1b302
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d74aea3ea1a09d7239128033be4a712352c7d38e458103f16f27c9446e8b329
6ec62de49aa4f0f39a746653e006baf82e83c2e5106022654546f0f61caefd3b
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
7522c2cf228f80d9b1af1172f45d04b729d43dd8b9fc7cccb06eee2dd9629fed
7782a3468a78d539e9f47a9c39d345db3365311b648fd1bd5bbe00fc86808520
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7ccd3b5669b29f2fa98294515dc2fea3e210479c97ccc9617d7f4ba6faa18c1c
7f2122b3b3bd142955bced055f46921316c859453a8c6739b4ccb5b332ae7533
7fdcb805a20649db94783ffc68e227bd61a806f29af381db6c84b52138d2dccd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8503bb1f3969798a88dce37ee7f38979711dfd7495f5b8dafd66a19ff24e2d15
85475160e627a4e949c05f122d6554ea60a38f73dbf094c6d569cb6378fbd597
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8acd930d7a72da64980a950dea0c1507411900cb1459aa8c743e003df27444dd
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
9223a8d8b5e98ebc2bd6ca45174e6707ff6f90c00c1cb214c30e5c09fe725178
937165b54b6ab52132e90b8ba07061725498daefc8646f6353f2f10e0c85ab03
9467131afdf53725eb7dfbcaa63ef3866a3ffa49c40fe167a0a85fef537bd1ae
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
98a327c659f4b133d7ffe3bd50cf86d03afe920a4583906308c736e0d5fcbe65
99055dba9f2387917c3e9808aacc7c2e23a12705985bb8c4a6fcef05a2a0c682
9c3f907db5db7c0035e9b487bbe983a82434459488bd9260cd27de31c7dd73af
9e67b4f5fb32d6d546b03f42cff95442d859144653a11b694de5b020cab4fb12
a24e66d830ef814bbcc4553b662e0c2afe733f8f30fb4a86be6df577d146bec2
a5d5c2e9752fa4e5f5b3afbb161e54bcbe5db4a478cc92befbcb2b260d53397a
a98846e3bf28f8f8f9db78adf6ef8af250dec27bfaf350d5f36b70ff0bd8fc33
ad35b390ce3898cfef7bb94973d42ab290ec56f7315e0b459f4ba017eac96f07
b2f636ac48b701db6fbd4c211e0cc50a822291be8bc4b286a16aaf065a717ceb
b399c5e2375b9f5d108af3cc74f7d665747a5d1955f5fde2db7f110b30a1f65e
b4aedc93d1c0050ee019a0f8a838d5de2b64ca89662eb31c45e04da5d3f09b4f
b71a29ecd59a83648619466fa24609d9030aa3eb31b3cedc7f9b424d2da1a270
bbc3e410aa75bc69dcdf0a4c56b328c3def693d67651f05dd27698f3bb234d1b
bdce0b54370929aacc3fead98822cd9193639271d9a7dcc7c0c478f1586409ea
befd473d7da3f98d11a0ee45d1a20b5bd2919a76cbd259c89d54a7043c113ba4
c216083c2018a1ca8d3d6b996d05793c5241f708e0e7a21ae992162223f1c590
cd28cf99e2e8aa2015c80e6a4de778bf326824014f8fa42de3606f45b930b76c
cd992701a1dd6611d88d49c14a2adbfd091c77118f1318a1ffd0a9250d386cc1
d047b8e1c41ff974dfe798733c5138eb128f24a262530584afef87a46b7c8983
d1b5aca028dd8447199f3c06601e38f5b8aba3b29be5ccd2de504a561fed2558
d5b3faf5ec92b8291684bf008308c4248ea2f6a1d05c7eec98366e08438a56b7
d7459dd5ce48ddd21da15f490514af4be07ff85f0b0b6b9e118542d68ff5ec91
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d9fdba06cfaeed5d12beec59349e73ead99ee6e4940a5ef47f08b5a044a02496
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e0823d57086c1bd9ad6f4e7744843071a7d2713f49e1be0b75f8b689ad5fa32b
e1e4e3cba3eeeb3ad74ae67c1f42012ebb51d8497482e5c01d404579d49c6b04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4efcc099f128e3655108f269adb8e838c24ee54d98c3903a22dec225e3e1221
ee596884317564904ae040715f9d2961b96b088c0034ff3f4904a6ddfea7221f
ef0a0e5bb796f1a07e8054e517e697a8d0b7d8c9017aa00ef4c54102312d4999
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f311ed9a6ca66e8d261bd84a1e9c64672171c40785060f36f3c1aee9075f9334
f3145adf1bffb7600649b9ec6dfc09809307e270dbe6283dbb3c217677a33a2e
f3a4f692b0ea6fce730b635c59cc2af856f920e185ae945ce19c6f58e3acfcf9
f80603874c68fef25ac9ffe412a6c6056ab267d7e4d044f090c8282ab80c4da5
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e