Submitted URL: https://streaklinks.com/Bj7l5tFycmIGoCnrpQX_YqCs/https%3A%2F%2Fblogs.vmware.com%2Fsecurity%2F2023%2F06%2F8base-ransomwar...
Effective URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Submission: On June 28 via manual from IE — Scanned from NL

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 59 HTTP transactions. The main IP is 2a02:26f0:3500:894::2ef, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is blogs.vmware.com. The Cisco Umbrella rank of the primary domain is 243656.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 25th 2023. Valid for: a year.
This is the only time blogs.vmware.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 36 2a02:26f0:350... 20940 (AKAMAI-ASN1)
5 2600:9000:223... 16509 (AMAZON-02)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 2600:9000:249... 16509 (AMAZON-02)
5 2600:9000:206... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
59 7
Apex Domain
Subdomains
Transfer
45 vmware.com
blogs.vmware.com — Cisco Umbrella Rank: 243656
www.vmware.com — Cisco Umbrella Rank: 41657
feedback.esp.vmware.com — Cisco Umbrella Rank: 31823
lumos.vmware.com — Cisco Umbrella Rank: 57388
apigw.vmware.com — Cisco Umbrella Rank: 65798
725 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 407
219 KB
5 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1029
105 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 678
304 B
1 streaklinks.com
streaklinks.com — Cisco Umbrella Rank: 221971
557 B
59 5
Domain Requested by
27 blogs.vmware.com 1 redirects blogs.vmware.com
10 cdn.cookielaw.org tags.tiqcdn.com
cdn.cookielaw.org
blogs.vmware.com
9 www.vmware.com blogs.vmware.com
www.vmware.com
5 lumos.vmware.com blogs.vmware.com
feedback.esp.vmware.com
5 tags.tiqcdn.com blogs.vmware.com
tags.tiqcdn.com
3 feedback.esp.vmware.com 1 redirects feedback.esp.vmware.com
1 apigw.vmware.com feedback.esp.vmware.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 streaklinks.com 1 redirects
59 9
Subject Issuer Validity Valid
*.vmware.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-25 -
2024-03-27
a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01
2023-04-18 -
2024-05-17
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2023-04-01 -
2024-03-31
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-12-13 -
2023-12-13
a year crt.sh
lumos.vmware.com
Amazon RSA 2048 M02
2023-06-20 -
2024-07-18
a year crt.sh
api.vdp-stg.vmware.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2023-04-12 -
2024-02-13
10 months crt.sh
*.esp.vmware.com
Amazon RSA 2048 M01
2023-04-13 -
2024-05-10
a year crt.sh

This page contains 1 frames:

Primary Page: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Frame ID: 71AAAC42167C3A154A19CC85D78635AD
Requests: 57 HTTP requests in this frame

Screenshot

Page Title

Page not found - VMware Security BlogBack ButtonFilter Button

Page URL History Show full URLs

  1. https://streaklinks.com/Bj7l5tFycmIGoCnrpQX_YqCs/https%3A%2F%2Fblogs.vmware.com%2Fsecurity%2F2023%2F... HTTP 302
    https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

59
Requests

97 %
HTTPS

100 %
IPv6

5
Domains

9
Subdomains

7
IPs

2
Countries

1048 kB
Transfer

3373 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://streaklinks.com/Bj7l5tFycmIGoCnrpQX_YqCs/https%3A%2F%2Fblogs.vmware.com%2Fsecurity%2F2023%2F06%2F8base-ransomware-a-heavy-hitting-player HTTP 302
    https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://blogs.vmware.com/security?display_custom_css=css&ver=6.1.1 HTTP 301
  • https://blogs.vmware.com/security/?display_custom_css=css&ver=6.1.1
Request Chain 35
  • https://feedback.esp.vmware.com/assets/ipf/esp.js?client_id=esp-prod-131-fxsxf HTTP 303
  • https://lumos.vmware.com/assets/lumos.js?namespace=esp&client_id=esp-prod-131-fxsxf

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 8base-ransomware-a-heavy-hitting-player
blogs.vmware.com/security/2023/06/
Redirect Chain
  • https://streaklinks.com/Bj7l5tFycmIGoCnrpQX_YqCs/https%3A%2F%2Fblogs.vmware.com%2Fsecurity%2F2023%2F06%2F8base-ransomware-a-heavy-hitting-player
  • https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
32 KB
34 KB
Document
General
Full URL
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
ddd944257d2360d0606ce79de261a010d9e4319fa2423df8d27ac0319edf739d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
32757
content-type
text/html; charset=UTF-8
date
Wed, 28 Jun 2023 12:12:59 GMT
dc-pool-id
bgf8w2at
expires
Wed, 28 Jun 2023 12:12:59 GMT
pragma
no-cache
server
nginx
server-timing
cdn-cache; desc=HIT edge; dur=5 origin; dur=0 ak_p; desc="468876_388276632_847552058_486_11213_19_0_-";dur=1
strict-transport-security
max-age=31536000
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
7de5d7570c321cab-FRA
content-length
0
content-type
text/plain;charset=UTF-8
date
Wed, 28 Jun 2023 12:12:59 GMT
location
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MAmzywYspxjazQShlEB%2BDYonqbcMY7eTv1sWm0d7Lzlh6b3hwSPTekoefexLE3wDafFTtH5vi3ZZVgnuHL57GbkpSSffr%2BOsG1RjQ%2B%2FKZhjmGxBUK7xtD15A35zNoCD4aQ%2FF27xzpKFwEJMRr0A%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex, nofollow, noarchive, nosnippet
responsive.css
www.vmware.com/content/dam/vmwaredesigns/scrapercontent/
176 KB
29 KB
Stylesheet
General
Full URL
https://www.vmware.com/content/dam/vmwaredesigns/scrapercontent/responsive.css
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
8b3a46da0990085120dcbbb9bd4655635b58d43e465177a09e6c66d818f35230
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.vmware.com;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://*.vmware.com;
server
Apache
access-control-max-age
1000
access-control-allow-methods
GET
content-type
text/css
vary
Accept-Encoding
dc-pool-id
u33xp12k
cache-control
public, must-revalidate, max-age=3600
access-control-allow-credentials
true
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552194_20_9180_19_0_-";dur=1
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
content-length
28768
style.min.css
blogs.vmware.com/security/wp-includes/css/dist/block-library/
93 KB
12 KB
Stylesheet
General
Full URL
https://blogs.vmware.com/security/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 11 Nov 2022 14:56:45 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
dc-pool-id
dcf6w1ns
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552240_1337_10562_20_0_-";dur=1
accept-ranges
bytes
content-length
12518
classic-themes.min.css
blogs.vmware.com/security/wp-includes/css/
217 B
462 B
Stylesheet
General
Full URL
https://blogs.vmware.com/security/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 25 Oct 2022 13:45:16 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552241_1340_10518_20_0_-";dur=1
accept-ranges
bytes
content-length
189
styles.css
blogs.vmware.com/security/wp-content/plugins/better-click-to-tweet/assets/css/
2 KB
892 B
Stylesheet
General
Full URL
https://blogs.vmware.com/security/wp-content/plugins/better-click-to-tweet/assets/css/styles.css?ver=3.0
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e453554e6885591ad9afaa69013198fe38891dfad0e6a09a8fef7d6d7c6cbf3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 13 Jun 2023 17:29:56 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552242_1343_10893_20_0_-";dur=1
accept-ranges
bytes
content-length
619
g_onetrust.css
blogs.vmware.com/security/wp-content/plugins/onetrust-vmware-mu/css/
782 B
660 B
Stylesheet
General
Full URL
https://blogs.vmware.com/security/wp-content/plugins/onetrust-vmware-mu/css/g_onetrust.css?ver=6.1.1
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2f090a05f250f0f8854ef4db0a845f890f4c5735b41acf0c9b0a83fda98a4a09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 21 Sep 2020 05:37:05 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="468876_388276632_847552243_1895_10483_20_0_-";dur=1
accept-ranges
bytes
content-length
364
rounded-thumbs.min.css
blogs.vmware.com/security/wp-content/plugins/contextual-related-posts/css/
1 KB
738 B
Stylesheet
General
Full URL
https://blogs.vmware.com/security/wp-content/plugins/contextual-related-posts/css/rounded-thumbs.min.css?ver=3.2.3
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
088cb0b5b803bbf57403577861d1f063b6a45fe9fd7adcfab7944f962ac81be9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 02 Aug 2022 00:37:26 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
dc-pool-id
dcf6w1ns
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552244_1344_10492_20_0_-";dur=1
accept-ranges
bytes
content-length
465
style.css
blogs.vmware.com/security/wp-content/plugins/meks-smart-author-widget/css/
234 B
428 B
Stylesheet
General
Full URL
https://blogs.vmware.com/security/wp-content/plugins/meks-smart-author-widget/css/style.css?ver=1.1.1
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
832f350d6d5335f0c7dd62bf45c30d5808a7d35249be1711e699b5ac68ffc9af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 07 Feb 2020 12:57:32 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552245_1357_10465_20_0_-";dur=1
accept-ranges
bytes
content-length
155
main-3089d13a45.css
blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/styles/
256 KB
36 KB
Stylesheet
General
Full URL
https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/styles/main-3089d13a45.css
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fe7f18f5cc3719144a794426f0608bb6ce73bd5f9ad3929a59f8106763dca2d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 28 Jun 2022 23:07:24 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
dc-pool-id
dcf6w1ns
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552246_1347_10406_20_0_-";dur=1
accept-ranges
bytes
content-length
36780
/
blogs.vmware.com/security/
Redirect Chain
  • https://blogs.vmware.com/security?display_custom_css=css&ver=6.1.1
  • https://blogs.vmware.com/security/?display_custom_css=css&ver=6.1.1
105 B
390 B
Stylesheet
General
Full URL
https://blogs.vmware.com/security/?display_custom_css=css&ver=6.1.1
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
fbc18e145cdbeb64ab7397220a13bf5dd5073ab111689c38de863b4e010d9ed2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
nginx
x-powered-by
PHP/7.4.33
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
dc-pool-id
bgf8w2at
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552322_224_10087_19_0_-";dur=1
content-length
110

Redirect headers

date
Wed, 28 Jun 2023 12:12:59 GMT
strict-transport-security
max-age=31536000
server
nginx
x-powered-by
PHP/7.4.33
x-redirect-by
WordPress
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://blogs.vmware.com/security/?display_custom_css=css&ver=6.1.1
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552247_1350_10457_20_0_-";dur=1
content-length
0
expires
Wed, 28 Jun 2023 13:12:59 GMT
g_onetrust.js
blogs.vmware.com/security/wp-content/plugins/onetrust-vmware-mu/js/
1 KB
892 B
Script
General
Full URL
https://blogs.vmware.com/security/wp-content/plugins/onetrust-vmware-mu/js/g_onetrust.js?ver=6.1.1
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6a44c4e95239008073f3d2a30763492443d0a72ba3f31f34c9c097b5a9046c58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 19 Aug 2020 11:40:49 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552248_1350_10417_20_0_-";dur=1
accept-ranges
bytes
content-length
610
jquery.min.js
blogs.vmware.com/security/wp-includes/js/jquery/
88 KB
31 KB
Script
General
Full URL
https://blogs.vmware.com/security/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 19 Sep 2022 14:16:24 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552249_1351_10347_20_0_-";dur=1
accept-ranges
bytes
content-length
31038
jquery-migrate.min.js
blogs.vmware.com/security/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://blogs.vmware.com/security/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552250_1354_10306_20_0_-";dur=1
accept-ranges
bytes
content-length
4169
utag.sync.js
tags.tiqcdn.com/utag/vmware/microsites-privacy/prod/
201 KB
57 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/vmware/microsites-privacy/prod/utag.sync.js?ver=6.1.1
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:ce00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26b737ce82d75053243eff025729fecc4ece022e35251b13fc6b1c117b4342fa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
J9vOrrHCZgabpzbFJjjcf6Fjz3pBx_f2
content-encoding
br
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 12:09:42 GMT
last-modified
Wed, 28 Jun 2023 06:49:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
197
x-amz-server-side-encryption
AES256
etag
W/"c7633d1610f3bf71bb9ab4e4e8b3e880"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
aVrUt_ZqY4tivPry2xtPWM9l8YkZr3RdaG2kMWcdApW8y3UKmk_u1Q==
marker-animation.js
blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/inc/wp-scripts/
6 KB
3 KB
Script
General
Full URL
https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/inc/wp-scripts/marker-animation.js?ver=6.1.1
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c68deba0294e0ed06089c2500441dd15e4155a4291355719cd6804defc75da5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 28 Jun 2022 23:07:24 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
dc-pool-id
dcf6w1ns
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552251_1354_10357_20_0_-";dur=1
accept-ranges
bytes
content-length
2336
utag_data.js
www.vmware.com/files/templates/inc/
8 KB
3 KB
Script
General
Full URL
https://www.vmware.com/files/templates/inc/utag_data.js
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
826619928ab943284e8d73726108b44e5cdd4dfdee7eeba21b09d3f5765eadfe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.vmware.com;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://*.vmware.com;
server
Apache
access-control-max-age
1000
access-control-allow-methods
GET
content-type
application/javascript
vary
Accept-Encoding
dc-pool-id
4vbxp420
cache-control
public, must-revalidate, max-age=3600
access-control-allow-credentials
true
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552252_1354_10152_20_0_-";dur=1
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
content-length
2781
vmware-logo-large.png
blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/images/
4 KB
4 KB
Image
General
Full URL
https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/images/vmware-logo-large.png
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
528f6be3592f46be7126029a99daa89c1dd3711cf5fab20939309de97ebbc31a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 28 Jun 2022 23:07:24 GMT
server
nginx
content-type
image/png
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552435_127_9762_19_0_-";dur=1
accept-ranges
bytes
content-length
4250
Tom-Gillis_VMware-Security_Contexa-Threat-Intelligence-410x222.jpg
blogs.vmware.com/security/files/2022/06/
23 KB
23 KB
Image
General
Full URL
https://blogs.vmware.com/security/files/2022/06/Tom-Gillis_VMware-Security_Contexa-Threat-Intelligence-410x222.jpg
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PHP/7.4.29
Resource Hash
e5fdb43f2c7f1a5596e4dfe55b42b07a0718479f2f01aef135e0bbf75b119494
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Jun 2022 23:58:48 GMT
server
nginx
x-powered-by
PHP/7.4.29
etag
"9e33053592d35fdd34dc19e43e84953f"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552436_170_9654_19_0_-";dur=1
content-length
23378
Threat-Research_Featured-410x222.png
blogs.vmware.com/security/files/2022/03/
85 KB
86 KB
Image
General
Full URL
https://blogs.vmware.com/security/files/2022/03/Threat-Research_Featured-410x222.png
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PHP/7.4.29
Resource Hash
4419ebe4c794bc0ae0967f648f2cf6a625476ec59d56d24c93c91c2fde08815d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 17 Mar 2022 03:40:54 GMT
server
nginx
x-powered-by
PHP/7.4.29
etag
"04d6852f84afec988c8faf92f9d1da65"
x-frame-options
SAMEORIGIN
content-type
image/png
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552437_131_9622_19_0_-";dur=1
content-length
87532
photo_security9_screens-410x222.jpg
blogs.vmware.com/security/files/2022/03/
20 KB
20 KB
Image
General
Full URL
https://blogs.vmware.com/security/files/2022/03/photo_security9_screens-410x222.jpg
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PHP/7.4.29
Resource Hash
0667f1d5e6d4928d7f140a72ad4970fecb5c6a7caf09e26d08d526a831aa073b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 17 Mar 2022 03:37:42 GMT
server
nginx
x-powered-by
PHP/7.4.29
etag
"948649835c8783caa1cc3184492713ba"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552438_179_9212_19_0_-";dur=1
content-length
20164
globecyberattack-e1647877118160-410x222.jpg
blogs.vmware.com/security/files/2022/02/
21 KB
22 KB
Image
General
Full URL
https://blogs.vmware.com/security/files/2022/02/globecyberattack-e1647877118160-410x222.jpg
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PHP/7.4.29
Resource Hash
8f200f9561e423ae6563d09abe143d4ecf57783d4915832a2496d599530b1a3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 21 Mar 2022 15:37:51 GMT
server
nginx
x-powered-by
PHP/7.4.29
etag
"90943aaaa5a1aaaf5ecd9c8e91d54c69"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552439_133_9696_19_0_-";dur=1
content-length
21787
404.png
blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/images/
10 KB
10 KB
Image
General
Full URL
https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/images/404.png
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9db14da7b140b80127530da72690bc064c8c85b5a6bebf9d510940537df56646
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 28 Jun 2022 23:07:24 GMT
server
nginx
content-type
image/png
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552440_133_9661_19_0_-";dur=1
accept-ranges
bytes
content-length
10177
main-77d5692421.js
blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/scripts/
198 KB
57 KB
Script
General
Full URL
https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/scripts/main-77d5692421.js?ver=1656457644
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c778db3f26d8857d58085536b2e4f36f9abb03da6eb2626f883aaf97952ccda5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 28 Jun 2022 23:07:24 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552352_21_10328_20_0_-";dur=1
accept-ranges
bytes
content-length
57738
scrapercontent.us.js
www.vmware.com/bin/vmware/template/
123 KB
12 KB
Script
General
Full URL
https://www.vmware.com/bin/vmware/template/scrapercontent.us.js
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
5b80665bead72991ec7d7d9eacc282d11dd303c292adee26b3292fb89267428e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.vmware.com;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://*.vmware.com;
server
Apache
vary
Accept-Encoding
content-type
application/javascript
dc-pool-id
u33xp12k
cache-control
public, must-revalidate, max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552423_229_8621_19_0_-";dur=1
accept-ranges
bytes
content-length
11864
responsive.js
www.vmware.com/content/dam/vmwaredesigns/scrapercontent/
214 KB
50 KB
Script
General
Full URL
https://www.vmware.com/content/dam/vmwaredesigns/scrapercontent/responsive.js
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
1495358750956ad0b24bc7f66eba222258647b0ad56fa92c163da416e3915095
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.vmware.com;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://*.vmware.com;
server
Apache
access-control-max-age
1000
access-control-allow-methods
GET
content-type
application/javascript
vary
Accept-Encoding
dc-pool-id
p3tx622k
cache-control
public, must-revalidate, max-age=3600
access-control-allow-credentials
true
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552434_127_9663_19_0_-";dur=1
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
content-length
50314
wp-emoji-release.min.js
blogs.vmware.com/security/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://blogs.vmware.com/security/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:12:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 12 Apr 2022 05:56:23 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552441_142_9462_19_0_-";dur=1
accept-ranges
bytes
content-length
5004
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/vmware/microsites-privacy/prod/utag.sync.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Jun 2023 12:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ss3gfiwT9vXTSvNlfc+4JQ==
age
71472
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6820
x-ms-lease-status
unlocked
last-modified
Mon, 26 Jun 2023 18:15:29 GMT
server
cloudflare
etag
0x8DB7671529D7907
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f7f39f14-f01e-0180-5767-a83d19000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7de5d75b48671c2a-FRA
rendercontent
www.vmware.com/bin/vmware/entityid/
4 B
2 KB
XHR
General
Full URL
https://www.vmware.com/bin/vmware/entityid/rendercontent?assetpath=blogs.vmware.com%2Fsecurity%2F2023%2F06%2F8base-ransomware-a-heavy-hitting-player
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.vmware.com;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://blogs.vmware.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 12:13:00 GMT
content-security-policy
frame-ancestors 'self' https://*.vmware.com;
x-content-type-options
nosniff
server
Apache
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
dc-pool-id
p3tx622k
cache-control
max-age=0, no-cache, no-store
server-timing
cdn-cache; desc=MISS, edge; dur=147, origin; dur=73, ak_p; desc="468876_388276632_847552506_22058_11342_19_0_-";dur=1
content-length
4
expires
Wed, 28 Jun 2023 12:13:00 GMT
icon-magnifying-glass-cobalt.svg
blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/images/
434 B
692 B
Image
General
Full URL
https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/images/icon-magnifying-glass-cobalt.svg
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/styles/main-3089d13a45.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8ff02af5bffd2c74d16f20fddb34bc7ec51c93e13544fdf2e1f4a1c5845da82c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/styles/main-3089d13a45.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:13:00 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 28 Jun 2022 23:07:24 GMT
server
nginx
content-type
image/svg+xml
dc-pool-id
dcf6w1ns
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552468_788_10690_20_0_-";dur=1
accept-ranges
bytes
content-length
434
icon-rss-cobalt.svg
blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/images/
713 B
971 B
Image
General
Full URL
https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/images/icon-rss-cobalt.svg
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/styles/main-3089d13a45.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
226c002f5f97e0cf2a4cf1e930fa0a0d32dcdd641d960042810ee93c14c44dfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/styles/main-3089d13a45.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:13:00 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 28 Jun 2022 23:07:24 GMT
server
nginx
content-type
image/svg+xml
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552472_795_10485_20_0_-";dur=1
accept-ranges
bytes
content-length
713
Metropolis-Regular.woff2
blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/fonts/
11 KB
12 KB
Font
General
Full URL
https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/fonts/Metropolis-Regular.woff2
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/styles/main-3089d13a45.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7eab176359f9cb1dec55ae347dd45d3f1947a54f367e7a8011302711296e264d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/styles/main-3089d13a45.css
Origin
https://blogs.vmware.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:13:00 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 28 Jun 2022 23:07:24 GMT
server
nginx
content-type
font/woff2
dc-pool-id
bgf8w2at
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552469_789_10704_20_0_-";dur=1
accept-ranges
bytes
content-length
11544
Metropolis-Light.woff2
blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/fonts/
11 KB
12 KB
Font
General
Full URL
https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/fonts/Metropolis-Light.woff2
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/styles/main-3089d13a45.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b82ac9377577170cb4e1e0c1b2bc4512fda7340087e7ec9706e5d79de66a2ed5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/styles/main-3089d13a45.css
Origin
https://blogs.vmware.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:13:00 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 28 Jun 2022 23:07:24 GMT
server
nginx
content-type
font/woff2
dc-pool-id
dcf6w1ns
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552470_796_10710_20_0_-";dur=1
accept-ranges
bytes
content-length
11680
Metropolis-Medium.woff2
blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/fonts/
11 KB
12 KB
Font
General
Full URL
https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/fonts/Metropolis-Medium.woff2
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/styles/main-3089d13a45.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2114f81b0fd9980770e14c6da5ca4c2b84d2f1a73c119570d242a614743f3b6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://blogs.vmware.com/security/wp-content/themes/vmware-security-0.2.2/dist/styles/main-3089d13a45.css
Origin
https://blogs.vmware.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:13:00 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 28 Jun 2022 23:07:24 GMT
server
nginx
content-type
font/woff2
dc-pool-id
dcf6w1ns
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552471_792_10667_20_0_-";dur=1
accept-ranges
bytes
content-length
11692
metropolis-light-webfont.woff2
www.vmware.com/etc.clientlibs/vmware-modernize-cms/componentlibrary/clientlibs/clientlib-dependencies/resources/fonts/
19 KB
19 KB
Font
General
Full URL
https://www.vmware.com/etc.clientlibs/vmware-modernize-cms/componentlibrary/clientlibs/clientlib-dependencies/resources/fonts/metropolis-light-webfont.woff2
Requested by
Host: www.vmware.com
URL: https://www.vmware.com/content/dam/vmwaredesigns/scrapercontent/responsive.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
8501c833e508c85ca35969513569fa47bc62bd66321ac204ecc24c92c3a6bff6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.vmware.com;

Request headers

Referer
https://www.vmware.com/content/dam/vmwaredesigns/scrapercontent/responsive.css
Origin
https://blogs.vmware.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:13:00 GMT
content-security-policy
frame-ancestors 'self' https://*.vmware.com;
server
Apache
access-control-allow-origin
*
dc-pool-id
4vbxp420
cache-control
public, must-revalidate, max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552529_21_9963_19_0_-";dur=1
accept-ranges
bytes
content-length
18952
fontawesome-webfont.woff2
www.vmware.com/etc.clientlibs/vmware-modernize-cms/componentlibrary/clientlibs/clientlib-dependencies/resources/fonts/
123 KB
123 KB
Font
General
Full URL
https://www.vmware.com/etc.clientlibs/vmware-modernize-cms/componentlibrary/clientlibs/clientlib-dependencies/resources/fonts/fontawesome-webfont.woff2
Requested by
Host: www.vmware.com
URL: https://www.vmware.com/content/dam/vmwaredesigns/scrapercontent/responsive.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
4f01c7ac30cf937559ed8790e81398fe0f3fd191f77f09e11d5f0cc33981afa9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.vmware.com;

Request headers

Referer
https://www.vmware.com/content/dam/vmwaredesigns/scrapercontent/responsive.css
Origin
https://blogs.vmware.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:13:00 GMT
content-security-policy
frame-ancestors 'self' https://*.vmware.com;
server
Apache
access-control-allow-origin
*
dc-pool-id
4vbxp420
cache-control
public, must-revalidate, max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552530_24_9908_19_0_-";dur=1
accept-ranges
bytes
content-length
125836
vmware-logo-grey.svg
www.vmware.com/content/dam/digitalmarketing/vmware/en/images/company/
4 KB
4 KB
Image
General
Full URL
https://www.vmware.com/content/dam/digitalmarketing/vmware/en/images/company/vmware-logo-grey.svg
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e6ee5d13b45f73b59f9575a2741d90bc2e88178b9a3e53674bb266a18001b064
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.vmware.com;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:13:00 GMT
content-security-policy
frame-ancestors 'self' https://*.vmware.com;
server
Apache
access-control-max-age
1000
access-control-allow-methods
GET
content-type
image/svg+xml
dc-pool-id
p3tx622k
cache-control
public, must-revalidate, max-age=3600
access-control-allow-credentials
true
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847552534_18_7774_20_0_-";dur=1
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
content-length
3824
lumos.js
lumos.vmware.com/assets/
Redirect Chain
  • https://feedback.esp.vmware.com/assets/ipf/esp.js?client_id=esp-prod-131-fxsxf
  • https://lumos.vmware.com/assets/lumos.js?namespace=esp&client_id=esp-prod-131-fxsxf
70 KB
71 KB
Script
General
Full URL
https://lumos.vmware.com/assets/lumos.js?namespace=esp&client_id=esp-prod-131-fxsxf
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Server
2600:9000:206f:a600:1b:f6e1:4540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
eb8c98b4082c75bebb5c44d08b01836b34013fe37b9997f7daee265dae0d0a96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:13:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
etag
W/"e50ed40795ced341fa04a3b1d9b1321f"
access-control-max-age
1728000
access-control-allow-methods
HEAD,GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=3600
x-frame-options
DENY
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
vary
Origin
x-amz-cf-id
E6t91jxschyq-SMEP_fDFQVljzES8jBVccAnFZbi_U5_CkZQs72cnA==

Redirect headers

date
Wed, 28 Jun 2023 12:13:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-length
0
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
access-control-max-age
1728000
access-control-allow-methods
HEAD,DELETE,POST,GET,PUT
location
https://lumos.vmware.com/assets/lumos.js?namespace=esp&client_id=esp-prod-131-fxsxf
access-control-allow-origin
*
x-frame-options
DENY
vary
Origin
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-amz-cf-id
Re2xsnpHtOd8qAxN7gRZ_3s2c_bBmSl4QMwF67QchWlc6XUy2oorWw==
b9242434-9feb-47be-a894-3a9e658fdd50.json
cdn.cookielaw.org/consent/b9242434-9feb-47be-a894-3a9e658fdd50/
8 KB
3 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/b9242434-9feb-47be-a894-3a9e658fdd50/b9242434-9feb-47be-a894-3a9e658fdd50.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92e2cf9d1caaa016bd69f2df30470ca8f9ef86d2aead99688f326fc36f29597b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Jun 2023 12:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
VFx3b2J2z8Djo6Ayb59uRA==
age
85990
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2274
x-ms-lease-status
unlocked
last-modified
Mon, 10 Apr 2023 15:39:52 GMT
server
cloudflare
etag
0x8DB39D9D39AFA03
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9fd8775e-c01e-0144-0fc2-6b42df000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7de5d75c09862c3e-FRA
expires
Thu, 29 Jun 2023 12:13:00 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
59 B
304 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33110d24cbb506c398f40acebf7e9b4314b3644bda60332a7c993637c957bef1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://blogs.vmware.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:13:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7de5d75cac6918e4-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202303.1.0/
407 KB
98 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Jun 2023 12:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
12zQcT/rVMicuxojEvnp3g==
age
24577
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
100389
x-ms-lease-status
unlocked
last-modified
Tue, 18 Apr 2023 02:32:15 GMT
server
cloudflare
etag
0x8DB3FB51FD9A927
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4a759dcb-501e-0089-6bb0-7161c2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7de5d75cea221c2a-FRA
en-us.json
cdn.cookielaw.org/consent/b9242434-9feb-47be-a894-3a9e658fdd50/5cc05883-a6ef-4ca5-b48a-a647822b33fd/
466 KB
82 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/b9242434-9feb-47be-a894-3a9e658fdd50/5cc05883-a6ef-4ca5-b48a-a647822b33fd/en-us.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3499999d5786dff2d41ccdf1360aa5a0fbc53925259273ce7e0ad8fa845f7c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Jun 2023 12:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
kgz5i0Bi1Mq7MC0aUA4IXA==
age
56908
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
83573
x-ms-lease-status
unlocked
last-modified
Mon, 10 Apr 2023 15:40:07 GMT
server
cloudflare
etag
0x8DB39D9DC5D4128
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
03aa2553-f01e-012a-7bc2-6bebf6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7de5d75d5b692c3e-FRA
expires
Thu, 29 Jun 2023 12:13:00 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Jun 2023 12:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
QSeDXFW8Ey6Sps1UWSFoNg==
age
50932
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3020
x-ms-lease-status
unlocked
last-modified
Tue, 18 Apr 2023 02:32:07 GMT
server
cloudflare
etag
0x8DB3FB51B21D3A6
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b57dbe29-d01e-0179-2012-72f7f9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7de5d75dec482c3e-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/v2/
62 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd59848705700c676f53c35e5ce30bb68308374bb70577911494b1efee6b176a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Jun 2023 12:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
EdKfLim+rSnHw/A35nKkCg==
age
26416
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13392
x-ms-lease-status
unlocked
last-modified
Tue, 18 Apr 2023 02:32:10 GMT
server
cloudflare
etag
0x8DB3FB51C9C0994
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cbe8f242-b01e-00ee-0911-72d265000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7de5d75dec4d2c3e-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Jun 2023 12:13:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
XcxlleAcPGO2n5kTZrHH2Q==
age
85266
x-ms-lease-status
unlocked
last-modified
Tue, 18 Apr 2023 02:32:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
e7383b57-c01e-00ae-410e-72fb8b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7de5d75dec4e2c3e-FRA
Close-256.png
www.vmware.com/content/dam/digitalmarketing/onetrust/assets/icons/
2 KB
2 KB
Image
General
Full URL
https://www.vmware.com/content/dam/digitalmarketing/onetrust/assets/icons/Close-256.png
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::2ef Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
87ba1ab2232f676a3ccd87339d250dbb248208f834ed6f690ecef0046dda195c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.vmware.com;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:13:00 GMT
content-security-policy
frame-ancestors 'self' https://*.vmware.com;
server
Apache
access-control-max-age
1000
access-control-allow-methods
GET
content-type
image/png
dc-pool-id
u33xp12k
cache-control
public, must-revalidate, max-age=3600
access-control-allow-credentials
true
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468876_388276632_847553031_18_10598_20_0_-";dur=1
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
content-length
1769
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
494 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Jun 2023 12:13:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
53684
x-ms-lease-status
unlocked
last-modified
Mon, 26 Jun 2023 18:15:35 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
57ea638b-001e-0152-45c8-a88341000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7de5d75e4cd92c3e-FRA
vmware-logo.png
cdn.cookielaw.org/logos/75805b91-90db-405c-a89b-da401a2aa4e2/5bc32779-3fc1-4b75-9d8d-00383f35a8dc/144445c7-0781-4866-b2fb-fab47c5c83ed/
5 KB
5 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/75805b91-90db-405c-a89b-da401a2aa4e2/5bc32779-3fc1-4b75-9d8d-00383f35a8dc/144445c7-0781-4866-b2fb-fab47c5c83ed/vmware-logo.png
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0a51c4ab47bf28c3411e18576ac05c5e4ff96635b0d49f1bda27c2626fb2828
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Jun 2023 12:13:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dynMrJsWSA+emlJCAEAkFA==
age
70592
content-length
5427
x-ms-lease-status
unlocked
last-modified
Tue, 07 Mar 2023 21:31:07 GMT
server
cloudflare
etag
0x8DB1F534313C1C8
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
bd792915-601e-016b-10e2-5ac3e5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7de5d75e6bcd1c2a-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: blogs.vmware.com
URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Jun 2023 12:13:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
61506
x-ms-lease-status
unlocked
last-modified
Mon, 26 Jun 2023 18:15:35 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
62661795-901e-00b6-2f21-a9d61e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7de5d75e6bce1c2a-FRA
features
lumos.vmware.com/api/lumos/v1/client/esp-prod-131-fxsxf/
0
0
Preflight
General
Full URL
https://lumos.vmware.com/api/lumos/v1/client/esp-prod-131-fxsxf/features
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a600:1b:f6e1:4540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://blogs.vmware.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods
HEAD,GET
access-control-allow-origin
*
access-control-max-age
1728000
date
Wed, 28 Jun 2023 12:13:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
x-amz-cf-id
uA-Nc_uPtQr-dmKbf3mCqBLSY4IKGFbM_Wz0J71oGOMbhp8opDjKlA==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
features
lumos.vmware.com/api/lumos/v1/client/esp-prod-131-fxsxf/
197 B
850 B
XHR
General
Full URL
https://lumos.vmware.com/api/lumos/v1/client/esp-prod-131-fxsxf/features
Requested by
Host: feedback.esp.vmware.com
URL: https://feedback.esp.vmware.com/assets/ipf/esp.js?client_id=esp-prod-131-fxsxf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a600:1b:f6e1:4540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3f522546cc75ce54c6baafc268ac7d9698087b98412f4d56ccd3499e3f98e082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.vmware.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Jun 2023 12:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-length
197
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
access-control-max-age
1728000
access-control-allow-methods
HEAD,GET
content-type
application/json
access-control-allow-origin
*
x-frame-options
DENY
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-amz-cf-id
rvnfFnt2TZBH3nQcGeFxziSvaEbrz14PaBqZo4WYuCeK2qCk9UJKhw==
user-details
apigw.vmware.com/v1/m7/api/lumos/user/
81 B
1 KB
Fetch
General
Full URL
https://apigw.vmware.com/v1/m7/api/lumos/user/user-details?client_id=esp-prod-131-fxsxf
Requested by
Host: feedback.esp.vmware.com
URL: https://feedback.esp.vmware.com/assets/ipf/esp.js?client_id=esp-prod-131-fxsxf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:49d::108c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / Express
Resource Hash
32b9d15b6fb7cee990090469aa481ae85748d43a96d4d9f1684ba9b28b0e9e15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:13:01 GMT
strict-transport-security
max-age=31536000
server
nginx
x-powered-by
Express
etag
W/"51-CWmCR2nVQasAW+lCEAJla0ZWQNw"
access-control-max-age
1728000
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-kong-upstream-latency
4
x-kong-proxy-latency
2
server-timing
cdn-cache; desc=MISS, edge; dur=167, origin; dur=50, ak_p; desc="468876_1551582753_961161502_21631_52028_19_0_-";dur=1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
81
utag.js
tags.tiqcdn.com/utag/vmware/microsites-privacy/prod/
485 KB
42 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/vmware/microsites-privacy/prod/utag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/vmware/microsites-privacy/prod/utag.sync.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:ce00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f38f0e877de5af641abe26bd756c429f2e6ad111c4d324011847b5fe8acdf8b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
OFFPSSCtrK8IbIwvGZ786Jk7S_DupIx9
content-encoding
br
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 12:11:14 GMT
last-modified
Wed, 28 Jun 2023 06:49:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
107
x-amz-server-side-encryption
AES256
etag
W/"4d2502194569f5d6f373bd1f71d23ff1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
ZFi-rAw1aXZso3nih0o0iYx-jsRogjdCAorx9VFT9A1oUA4Hl1aTPg==
utag.156.js
tags.tiqcdn.com/utag/vmware/microsites-privacy/prod/
8 KB
3 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/vmware/microsites-privacy/prod/utag.156.js?utv=202104300611
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/vmware/microsites-privacy/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:ce00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5138846d7feb0b268d799675d81fa4870e5f271ea1b0880a89d287b25ed98d90

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
w4wKbz5m93VCeS79DRvw7c3CoNBTRa68
content-encoding
br
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 12:12:18 GMT
last-modified
Wed, 28 Jun 2023 06:49:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
55
x-amz-server-side-encryption
AES256
etag
W/"cdeb7d7bfe3f8291f42f4ef08cab7cad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
Bou8F8l51QgZt_aqdOn5uAlRUpNo_hSB0JbVZhhuCsfBlmX0aN4DFA==
utag.168.js
tags.tiqcdn.com/utag/vmware/microsites-privacy/prod/
9 KB
3 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/vmware/microsites-privacy/prod/utag.168.js?utv=202107090717
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/vmware/microsites-privacy/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:ce00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a07b6462921dacc796fdae56e9f26770e4b2b9ac4b241abc8759beda3f887e8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
LayMkQDFLfDQfLb2hM69uNXdUVkwRikr
content-encoding
br
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 12:12:47 GMT
last-modified
Wed, 28 Jun 2023 06:49:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
13
x-amz-server-side-encryption
AES256
etag
W/"6be4b820ed62fadde6e3129073944e04"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
QaV6ox5Ji0Nl8nworKCl3Tqeon0eIYFybC5HXNmdB_XyqPQP1uTYzA==
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
432 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=vmware/microsites-privacy/202306280648&cb=1687954380869
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/vmware/microsites-privacy/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:ce00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Wed, 28 Jun 2023 12:12:52 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
66
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
V8agLPhqOrWqzyIckGDuWdwuMDD8TF_BH2hhECl-BljR3yS-TswQzQ==
trigger-events
feedback.esp.vmware.com/api/feedback/v1/
534 B
1 KB
Fetch
General
Full URL
https://feedback.esp.vmware.com/api/feedback/v1/trigger-events?client_id=esp-prod-131-fxsxf&user_id=09f277c098cfb8391311438970b16e2f97c20c1e30cd71e9c657477829668097
Requested by
Host: feedback.esp.vmware.com
URL: https://feedback.esp.vmware.com/assets/ipf/esp.js?client_id=esp-prod-131-fxsxf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:be00:4:d08a:2c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
72ee5ac8794ec2ae209c7c806e3a25df3e3b859c179386ea6316e0e74eac1dac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-length
534
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
access-control-max-age
1728000
access-control-allow-methods
HEAD,DELETE,POST,GET,PUT
content-type
application/json
access-control-allow-origin
*
x-frame-options
DENY
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-amz-cf-id
4-VdxgqfAT-8B2yH3qVYL3Ig2pU_nrEMEtY56xYExPzUvJUFuraKJQ==
feedback.js
feedback.esp.vmware.com/assets/ipf/
17 KB
18 KB
Script
General
Full URL
https://feedback.esp.vmware.com/assets/ipf/feedback.js?client_id=esp-prod-131-fxsxf&namespace=feedback&lumos_namespace=esp
Requested by
Host: feedback.esp.vmware.com
URL: https://feedback.esp.vmware.com/assets/ipf/esp.js?client_id=esp-prod-131-fxsxf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:be00:4:d08a:2c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
041c4031ab7adbb29eff2cb922c889df670a1e092e3db7f6f15dc67006af8b16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://blogs.vmware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
access-control-max-age
1728000
access-control-allow-methods
HEAD,DELETE,POST,GET,PUT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=3600
x-frame-options
DENY
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
vary
Origin
x-amz-cf-id
wL6GUwPTWN0xKNAAgNvx7-bhWD6udWAEQDg6GvIA-qyaptkXH1xK4g==
details
lumos.vmware.com/api/lumos/v1/client/esp-prod-131-fxsxf/metadata-provider/
52 B
705 B
XHR
General
Full URL
https://lumos.vmware.com/api/lumos/v1/client/esp-prod-131-fxsxf/metadata-provider/details
Requested by
Host: feedback.esp.vmware.com
URL: https://feedback.esp.vmware.com/assets/ipf/esp.js?client_id=esp-prod-131-fxsxf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a600:1b:f6e1:4540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d6d890f68050b24c43652efa66cfd63005b2aabf3e53b6165af8b0af9493533e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.vmware.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Jun 2023 12:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-length
52
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
access-control-max-age
1728000
access-control-allow-methods
HEAD,GET
content-type
application/json
access-control-allow-origin
*
x-frame-options
DENY
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-amz-cf-id
BMQoBLFdFavkUWUJMM-WgEW4fDB_C8mB_oofGaFXNgYKBD2DKoqUFg==
details
lumos.vmware.com/api/lumos/v1/client/esp-prod-131-fxsxf/metadata-provider/
0
0
Preflight
General
Full URL
https://lumos.vmware.com/api/lumos/v1/client/esp-prod-131-fxsxf/metadata-provider/details
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a600:1b:f6e1:4540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://blogs.vmware.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods
HEAD,GET
access-control-allow-origin
*
access-control-max-age
1728000
date
Wed, 28 Jun 2023 12:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
x-amz-cf-id
vLzRVJkTalqAdm8FAomy_wshMU5GDxGR358FLd9fhm7NXxHiZVTU-Q==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| _wpemojiSettings number| ot_inx function| getCookieOneTrust function| contentManageOneTrust function| appendContentOneTrust function| $ function| jQuery string| sitedomain object| datadomain string| ddscript object| oneTrustScript function| OptanonWrapper function| getCookieOT object| lowerinstdomains object| proddomains number| loadTargetFlag function| MD5 function| M function| X function| V function| Y function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| safe_add function| bit_rol number| finalEId string| Epath string| md5HashEId number| md5HashEIdParse string| md5HashEIdString string| integerStringEId string| integerValEId string| visitor object| css object| firstScript object| metaUtag string| utagScript number| oTWtime string| getOneTrustCookie undefined| utVar function| utdataCheck number| myVar function| waitForOneTrust function| setOpacity function| loadUtag function| privacyMessage function| loadVisitorAPI string| pp1 string| pp2 string| pp3 string| pp4 string| pp5 string| pp6 string| pp7 string| pp8 string| pp9 string| awatch string| pp10 string| pp11 string| pp12 string| pp13 string| pp14 string| pp15 string| pp16 boolean| loadDB undefined| dbInfo1 function| setdata function| loadTarget string| company_name string| industry string| sub_industry string| employee_range string| city string| state string| country string| audience string| acct_watch string| country_code string| isp string| web_site string| category_Id function| targetPageParams function| createEntityAssetMbox string| entitypagePath string| protocol function| set_mbox_variables function| targetPageParamsAll object| MarkerAnimation function| getCookie object| URLobj object| url string| campaign_cookie object| fp string| pn number| c_start object| utag_data undefined| headTag undefined| jqTag function| objectFitImages object| bootstrap object| lazySizesConfig object| lazySizes object| Handlebars object| vmware function| aemimport function| loadTemplate string| localeLang string| instanceUrl function| $jq1 undefined| action undefined| newaction undefined| amb undefined| ques undefined| hash undefined| eq undefined| aq undefined| cc undefined| client undefined| stype undefined| site undefined| product undefined| fallback_client undefined| fallback_site undefined| fallback_cc undefined| fallback_stype undefined| fallback_url undefined| parameter_URL undefined| globalsearch_parameter_MAP undefined| siteRootPath undefined| productfield undefined| form_action undefined| srtype_global undefined| glbSearchCont function| loginhover function| mobileViewSubmenuPanel function| openHeaderSubMenu function| mobileViewSubmenuPanelNew undefined| utilityhtml undefined| searchhtml undefined| global_search undefined| create_globalsearch_Map undefined| create_supp_sec_search_parameter_MAP undefined| get_Search_URL undefined| create_search_urlparam undefined| search undefined| create_lang_mapping object| twemoji object| wp object| cpyyr number| x object| esp object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| Optanon object| OneTrust boolean| utag_condload object| utag function| getOptanonCookiee function| getOptanonCookie boolean| __tealium_twc_switch function| segmentPageCall function| segmentTabTrackCall function| segmentNavTrackCall function| segmentVideoTrackCall function| constructJSON function| segmentCtaTrack function| segmentFormAbandonTrackCall function| segmentFormTrackCall function| segmentIdentifyCall

6 Cookies

Domain/Path Name / Value
.vmware.com/ Name: _abck
Value: A6A62FBB433A57359E8F2285C306496C~-1~YAAQmKEkF8880d+IAQAAt9PrAQr3i+TtfLo0hV1zPcTO8Xb6WteeOEVVWM7pFBpmlTXRvDB+5JK5akbhDMej+Pkn/vkGhqQNRc13tqWaNqhN7QyPxrdiNoOvQdzvN78vVgr9D7qbARFb/CiPXeBaYbCVHcUjonWDgCYKCaVkvsOnGygsOlq1WZLXZw7XgVCjG6RPRVkcIAZ9dtAcbuFSRZjSzTorPdbXDO1SRiUs+NmrFLbgHGwzGg5Bdc/pa1YjanEk/LDIXSgpZbCr5HeIY0N4+8bA57d5Na0Bxm26PI9/8Mk5skTK05UuwAuSngRTOh5tXVNOmOI2iNSOEDvGof3ZWBH3KZnha+i4MJ9Cc7SlVDMFlBOKiKo9+Fw=~-1~-1~-1
.vmware.com/ Name: ak_bmsc
Value: 6942898540F9DB8AADEA90576C8DF409~000000000000000000000000000000~YAAQmKEkF9A80d+IAQAAt9PrARTVjB0K1u8EXgEwDNgmaPjhcmGshPwwpcz9mhrrQs/XErNB+cwJwDDNiTdkr05KvbtMO8mcGJykljAldKMrrd+jXS1TRxG0+cqeTHfTFjUJHH3cKnHJzuqqBhY9Meci7E1ltgVbUZXwa1S+xHc3l6NU+osezbKeiozfDbPzPnZakDDSA4Theag98gYmAIqC8cI0GT1Qyi2CvlCpnKokZLfYvPxJleHJ029plvXkZe+LfQrLq4NRwx6/nB95F5r1tNMOWmtmf1KVbT5nOlSUgyj9OQAkIK66cxwZHU5gWuuTzwNTt/odeNVOkk6n1M/toCSIcQxofCMPgjWXu8gBB3kwpdzE+9VfY+BZxd/4FpkNpmSb4TUxqNecIquAw/g/p+xKr/Da
.vmware.com/ Name: bm_sz
Value: 8E77DF3A26D4DB2602E419160623C541~YAAQmKEkF9I80d+IAQAAt9PrARQFQm5CmKR9laYR0PJMwA2DhGSnKT6B2VAAaiIbf1lSTWxIrEwsUfyI7qNLFubLZ8Dun6bcGESAlYdxLazu6N9ys3bIFbjQ+gEjXGN62EDTPChftw3ThXUW3w9Zr3tLDDJSYFcfJDzQoFnHRMlE+SsUOltLGAGGnm8hfIqOJTUQLlnSEzpIs6fsVgVEC6kq9J75QRA6RKFfd2R2G8ij31q3n+7SuteQoEef2ePEcZSHW+rwDK4eU/+zeKVjubc1sSubNDqVhmK5abbfZRrC4MU=~3162437~4338241
.vmware.com/ Name: bm_sv
Value: 5CC0A5568338353E99405347AB171C1D~YAAQmKEkF9g80d+IAQAAR9TrARSvCYX5LqjbKM2RGCLhXPhFZGdnCUElaZFjibj8jHDa1Cl/2pjslfzLq7v9cS8D0n4v+o1AtGTj+ruUhz9bu3lRsp8OxauH55JcLg4c6j5rhpJLYIByUhTlfHCqG4VL805Uqy5jH0cT4tNZwiZa4SmuFSMJabehyuMR7+uyavh3sTg4UE023kMs3etTtq1rzN7wHUji0satjlmLS6/vf8T1Bwya0gwALZvTT5+0~1
.vmware.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Wed+Jun+28+2023+12%3A13%3A00+GMT%2B0000+(GMT)&version=202303.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=7044666d-c84b-45e8-bf36-f14bad9753c1&interactionCount=0&landingPath=https%3A%2F%2Fblogs.vmware.com%2Fsecurity%2F2023%2F06%2F8base-ransomware-a-heavy-hitting-player&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CC0005%3A0
.vmware.com/ Name: utag_main
Value: v_id:018901ebd80e0013d3853dce004f03074005106c00b08$_sn:1$_ss:1$_pn:1%3Bexp-session$_st:1687956180814$ses_id:1687954380814%3Bexp-session

1 Console Messages

Source Level URL
Text
network error URL: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apigw.vmware.com
blogs.vmware.com
cdn.cookielaw.org
feedback.esp.vmware.com
geolocation.onetrust.com
lumos.vmware.com
streaklinks.com
tags.tiqcdn.com
www.vmware.com
2600:9000:206f:a600:1b:f6e1:4540:93a1
2600:9000:223e:ce00:7:2bfb:7c00:93a1
2600:9000:2490:be00:4:d08a:2c40:93a1
2606:4700::6812:1c26
2606:4700::6812:a972
2a02:26f0:3500:894::2ef
2a02:26f0:480:49d::108c
2a06:98c1:3120::3
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
041c4031ab7adbb29eff2cb922c889df670a1e092e3db7f6f15dc67006af8b16
0667f1d5e6d4928d7f140a72ad4970fecb5c6a7caf09e26d08d526a831aa073b
088cb0b5b803bbf57403577861d1f063b6a45fe9fd7adcfab7944f962ac81be9
099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23
0f38f0e877de5af641abe26bd756c429f2e6ad111c4d324011847b5fe8acdf8b
1495358750956ad0b24bc7f66eba222258647b0ad56fa92c163da416e3915095
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
2114f81b0fd9980770e14c6da5ca4c2b84d2f1a73c119570d242a614743f3b6a
226c002f5f97e0cf2a4cf1e930fa0a0d32dcdd641d960042810ee93c14c44dfa
26b737ce82d75053243eff025729fecc4ece022e35251b13fc6b1c117b4342fa
2f090a05f250f0f8854ef4db0a845f890f4c5735b41acf0c9b0a83fda98a4a09
32b9d15b6fb7cee990090469aa481ae85748d43a96d4d9f1684ba9b28b0e9e15
33110d24cbb506c398f40acebf7e9b4314b3644bda60332a7c993637c957bef1
3499999d5786dff2d41ccdf1360aa5a0fbc53925259273ce7e0ad8fa845f7c00
3f522546cc75ce54c6baafc268ac7d9698087b98412f4d56ccd3499e3f98e082
4419ebe4c794bc0ae0967f648f2cf6a625476ec59d56d24c93c91c2fde08815d
4f01c7ac30cf937559ed8790e81398fe0f3fd191f77f09e11d5f0cc33981afa9
5138846d7feb0b268d799675d81fa4870e5f271ea1b0880a89d287b25ed98d90
528f6be3592f46be7126029a99daa89c1dd3711cf5fab20939309de97ebbc31a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b80665bead72991ec7d7d9eacc282d11dd303c292adee26b3292fb89267428e
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a44c4e95239008073f3d2a30763492443d0a72ba3f31f34c9c097b5a9046c58
72ee5ac8794ec2ae209c7c806e3a25df3e3b859c179386ea6316e0e74eac1dac
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7eab176359f9cb1dec55ae347dd45d3f1947a54f367e7a8011302711296e264d
826619928ab943284e8d73726108b44e5cdd4dfdee7eeba21b09d3f5765eadfe
832f350d6d5335f0c7dd62bf45c30d5808a7d35249be1711e699b5ac68ffc9af
8501c833e508c85ca35969513569fa47bc62bd66321ac204ecc24c92c3a6bff6
87ba1ab2232f676a3ccd87339d250dbb248208f834ed6f690ecef0046dda195c
8a07b6462921dacc796fdae56e9f26770e4b2b9ac4b241abc8759beda3f887e8
8b3a46da0990085120dcbbb9bd4655635b58d43e465177a09e6c66d818f35230
8f200f9561e423ae6563d09abe143d4ecf57783d4915832a2496d599530b1a3b
8ff02af5bffd2c74d16f20fddb34bc7ec51c93e13544fdf2e1f4a1c5845da82c
92e2cf9d1caaa016bd69f2df30470ca8f9ef86d2aead99688f326fc36f29597b
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
9db14da7b140b80127530da72690bc064c8c85b5a6bebf9d510940537df56646
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
b0a51c4ab47bf28c3411e18576ac05c5e4ff96635b0d49f1bda27c2626fb2828
b82ac9377577170cb4e1e0c1b2bc4512fda7340087e7ec9706e5d79de66a2ed5
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c68deba0294e0ed06089c2500441dd15e4155a4291355719cd6804defc75da5d
c778db3f26d8857d58085536b2e4f36f9abb03da6eb2626f883aaf97952ccda5
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd59848705700c676f53c35e5ce30bb68308374bb70577911494b1efee6b176a
d6d890f68050b24c43652efa66cfd63005b2aabf3e53b6165af8b0af9493533e
ddd944257d2360d0606ce79de261a010d9e4319fa2423df8d27ac0319edf739d
e453554e6885591ad9afaa69013198fe38891dfad0e6a09a8fef7d6d7c6cbf3a
e5fdb43f2c7f1a5596e4dfe55b42b07a0718479f2f01aef135e0bbf75b119494
e6ee5d13b45f73b59f9575a2741d90bc2e88178b9a3e53674bb266a18001b064
eb8c98b4082c75bebb5c44d08b01836b34013fe37b9997f7daee265dae0d0a96
fbc18e145cdbeb64ab7397220a13bf5dd5073ab111689c38de863b4e010d9ed2
fe7f18f5cc3719144a794426f0608bb6ce73bd5f9ad3929a59f8106763dca2d9
ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba