securityboulevard.com Open in urlscan Pro
2606:4700:10::6816:39c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
Submission: On September 10 via api (September 10th 2024, 8:58:14 am UTC) from IN — Scanned from US

Summary HTTP 200 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 47 IPs in 3 countries across 36 domains to perform 200 HTTP transactions. The main IP is 2606:4700:10::6816:39c, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityboulevard.com. The Cisco Umbrella rank of the primary domain is 803769.
TLS certificate: Issued by WE1 on August 11th 2024. Valid for: 3 months.

This is the only time securityboulevard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
85	2606:4700:10:... 2606:4700:10::6816:39c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.80.74 142.250.80.74	15169 (GOOGLE) (GOOGLE)
3	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:10:... 2606:4700:10::ac43:e14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.64.238 151.101.64.238	54113 (FASTLY) (FASTLY)
3	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.67.198.8 172.67.198.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
2	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:ca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
1	2600:141b:e80... 2600:141b:e800:25::1721:2ad1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 7	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:29b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.16.160.145 104.16.160.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.141.119 104.18.141.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
9	172.67.39.148 172.67.39.148	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
2	34.107.133.146 34.107.133.146	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1	54.164.233.65 54.164.233.65	14618 (AMAZON-AES) (AMAZON-AES)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	3.228.127.100 3.228.127.100	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	44.206.34.39 44.206.34.39	14618 (AMAZON-AES) (AMAZON-AES)
2 3	52.3.138.212 52.3.138.212	14618 (AMAZON-AES) (AMAZON-AES)
3	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.251.40.136 142.251.40.136	15169 (GOOGLE) (GOOGLE)
8	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
11	142.251.40.142 142.251.40.142	15169 (GOOGLE) (GOOGLE)
5	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
3	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:220... 2606:2800:220:131d:1d30:1f1d:238b:1e56	15133 (EDGECAST) (EDGECAST)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4006:821::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
3	104.17.111.223 104.17.111.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.40.164 142.251.40.164	15169 (GOOGLE) (GOOGLE)
1	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
200	47

85 2606:4700:10::6816:39c (United States)

ASN13335 (CLOUDFLARENET, US)

securityboulevard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.74 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:e14 (United States)

ASN13335 (CLOUDFLARENET, US)

devops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.238 (San Francisco, United States)

ASN54113 (FASTLY, US)

images.squarespace-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.198.8 (United States)

ASN13335 (CLOUDFLARENET, US)

techstronggroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:ca (United States)

ASN13335 (CLOUDFLARENET, US)

www.podbean.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:e800:25::1721:2ad1 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.117.77.79 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.41.2 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29b (United States)

ASN13335 (CLOUDFLARENET, US)

assets.apollo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.160.145 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.141.119 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.67.39.148 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.133.146 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 146.133.107.34.bc.googleusercontent.com

aplo-evnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.233.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-233-65.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.228.127.100 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-127-100.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.206.34.39 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-34-39.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.3.138.212 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-138-212.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.136 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.40.142 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:220:131d:1d30:1f1d:238b:1e56 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)

5c5cd254ec7fff17826118106680e7ee.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.164 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	securityboulevard.com securityboulevard.com — Cisco Umbrella Rank: 803769	808 KB
15	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252 td.doubleclick.net — Cisco Umbrella Rank: 481 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280	150 KB
15	google.com analytics.google.com — Cisco Umbrella Rank: 238 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662 www.google.com — Cisco Umbrella Rank: 10	77 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 tpc.googlesyndication.com — Cisco Umbrella Rank: 203 5c5cd254ec7fff17826118106680e7ee.safeframe.googlesyndication.com	262 KB
9	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 6145	33 KB
8	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 3108 in.ml314.com — Cisco Umbrella Rank: 17091	79 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 www.linkedin.com — Cisco Umbrella Rank: 914 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	5 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 t.clarity.ms — Cisco Umbrella Rank: 8415 c.clarity.ms — Cisco Umbrella Rank: 1838	29 KB
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 5708 onesignal.com — Cisco Umbrella Rank: 1415 img.onesignal.com — Cisco Umbrella Rank: 8171	97 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	507 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
3	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 9382 forms-na1.hsforms.com — Cisco Umbrella Rank: 15115	4 KB
3	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 1596	2 KB
3	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 3614 0.gravatar.com — Cisco Umbrella Rank: 14639	7 KB
2	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1868	28 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1261	864 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 505	1 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 689	836 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 319	1 KB
2	aplo-evnt.com aplo-evnt.com — Cisco Umbrella Rank: 86068
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	4 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 4519 pixel.wp.com — Cisco Umbrella Rank: 4225	3 KB
2	gstatic.com fonts.gstatic.com	59 KB
2	podbean.com www.podbean.com — Cisco Umbrella Rank: 107942
2	vimeo.com vimeo.com — Cisco Umbrella Rank: 3150
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 ajax.googleapis.com — Cisco Umbrella Rank: 641	33 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 341	774 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 353	32 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 14516	157 KB
1	apollo.io assets.apollo.io — Cisco Umbrella Rank: 88066	2 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
1	techstronggroup.com techstronggroup.com	3 KB
1	dmca.com www.dmca.com — Cisco Umbrella Rank: 157775	7 KB
1	squarespace-cdn.com images.squarespace-cdn.com — Cisco Umbrella Rank: 8177	64 KB
1	devops.com devops.com	20 KB
200	36

	Domain	Requested by
85	securityboulevard.com	securityboulevard.com static.cloudflareinsights.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	static.addtoany.com	securityboulevard.com static.addtoany.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com ajax.googleapis.com
7	pagead2.googlesyndication.com	www.googletagmanager.com securityboulevard.com pagead2.googlesyndication.com
7	ml314.com	1 redirects securityboulevard.com ml314.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
5	px.ads.linkedin.com	3 redirects snap.licdn.com
5	www.googletagmanager.com	securityboulevard.com www.googletagmanager.com www.google-analytics.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	onesignal.com	cdn.onesignal.com
3	t.clarity.ms	www.clarity.ms
3	ps.eyeota.net	2 redirects securityboulevard.com
3	analytics.google.com	www.googletagmanager.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	c.clarity.ms	1 redirects
2	forms-na1.hsforms.com
2	platform.twitter.com	securityboulevard.com platform.twitter.com
2	sync.crwdcntrl.net	2 redirects
2	match.adsrvr.org	2 redirects
2	idsync.rlcdn.com	2 redirects
2	dpm.demdex.net	1 redirects securityboulevard.com
2	aplo-evnt.com	assets.apollo.io
2	cdnjs.cloudflare.com	securityboulevard.com ajax.googleapis.com
2	cdn.onesignal.com	securityboulevard.com cdn.onesignal.com
2	www.clarity.ms	securityboulevard.com www.clarity.ms
2	fonts.gstatic.com	fonts.googleapis.com
2	www.podbean.com	securityboulevard.com ajax.googleapis.com
2	vimeo.com	securityboulevard.com ajax.googleapis.com
2	secure.gravatar.com	securityboulevard.com
1	img.onesignal.com
1	www.google.com	tpc.googlesyndication.com
1	5c5cd254ec7fff17826118106680e7ee.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	c.bing.com	1 redirects
1	0.gravatar.com	secure.gravatar.com
1	pixel.wp.com
1	forms.hsforms.com	js.hsforms.net
1	px4.ads.linkedin.com	securityboulevard.com
1	www.linkedin.com	1 redirects
1	in.ml314.com	ml314.com
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	ajax.googleapis.com	securityboulevard.com
1	www.googletagservices.com	securityboulevard.com
1	js.hsforms.net	securityboulevard.com
1	stats.wp.com	securityboulevard.com
1	assets.apollo.io	securityboulevard.com
1	snap.licdn.com	www.googletagmanager.com
1	static.cloudflareinsights.com	securityboulevard.com
1	techstronggroup.com	securityboulevard.com
1	www.dmca.com	securityboulevard.com
1	images.squarespace-cdn.com	securityboulevard.com
1	devops.com	securityboulevard.com
1	fonts.googleapis.com	securityboulevard.com
200	54

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.linkedin.com
www.facebook.com
www.youtube.com
soundcloud.com
news.google.com
www.mediaopsevents.com
www.techstrongpodcasts.com
www.twitch.tv
techstronggroup.com
cloudnativenow.com
devops.com
techstrongresearch.com
techstrong.tv
devopsdozen.com
www.addtoany.com
webinars.techstronglearning.com
www.ic3.gov
www.zscaler.com
techstrongpodcasts.com
www.threatlocker.com
www.dmca.com
digitalcxo.com
www.techstrongtvpodcast.com

Subject Issuer	Validity	Valid
securityboulevard.com WE1	`2024-08-11` - `2024-11-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
devops.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
*.squarespace-cdn.com R11	`2024-07-29` - `2024-10-27`	3 months	crt.sh
www.dmca.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-08-31` - `2025-02-28`	6 months	crt.sh
techstronggroup.com WE1	`2024-08-19` - `2024-11-17`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
vimeo.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
podbean.com E6	`2024-09-10` - `2024-12-09`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
event-horizon.gcp.bomm.in WR3	`2024-08-21` - `2024-11-19`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
apollo.io E5	`2024-09-01` - `2024-11-30`	3 months	crt.sh
*.onesignal.com WE1	`2024-09-02` - `2024-12-01`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
hsforms.net WE1	`2024-08-11` - `2024-11-09`	3 months	crt.sh
static.addtoany.com WE1	`2024-09-05` - `2024-12-04`	3 months	crt.sh
aplo-evnt.com R10	`2024-08-22` - `2024-11-20`	3 months	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.ml314.com Amazon RSA 2048 M02	`2023-10-16` - `2024-11-12`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-08-27` - `2025-02-27`	6 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
hsforms.com WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-08` - `2025-07-07`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
onesignal.com WE1	`2024-09-02` - `2024-12-01`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
Frame ID: 388B2883FF78EDD28F3911E427D160A3
Requests: 180 HTTP requests in this frame

Frame: https://vimeo.com/event/4046309/embed?muted=1
Frame ID: ED430C9C9AF6767D16798FC080714DD4
Requests: 1 HTTP requests in this frame

Frame: https://www.podbean.com/player-v2/?i=aw5u6-1119a75-pbblog-playlist&pbad=0&share=1&download=0&rtl=0&fonts=Arial&skin=1&font-color=auto&logo_link=episode_page&order=episodic&limit=10&filter=all&ss=a713390a017602015775e868a2cf26b0&btn-skin=1b1b1b&size=250
Frame ID: 7024819B06F047B3F12F8B9AB69F0CC3
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-FB70FYBEHB&gacid=1395742400.1725958689&gtm=45je4940v873694773z8850968773za200zb850968773&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=531789472
Frame ID: 0B70F665E3D6AF1642527C72B68F2B7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html
Frame ID: 93A3AF0D47D06C1AE111EC9989C2B083
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2091799172090865&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1725958689&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_25~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aifgd=1&aipaq=1&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725958689683&bpp=4&bdt=1431&idt=203&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4622505989818&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086865%2C44795922%2C95332926%2C95338227%2C95341664%2C31086926%2C95335247&oid=2&pvsid=2716687733465037&tmod=1118629986&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=254
Frame ID: 3D03BB5068975B2B99BF9B228F2D0F36
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2091799172090865&output=html&h=280&slotname=8723094367&adk=2100128681&adf=3364220164&pi=t.ma~as.8723094367&w=789&abgtt=6&fwrn=4&fwrnh=100&lmt=1725958691&rafmt=1&format=789x280&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725958691219&bpp=6&bdt=2967&idt=-M&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4622505989818&frm=20&pv=1&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086865%2C44795922%2C95332926%2C95338227%2C95341664%2C31086926%2C95335247&oid=2&pvsid=2716687733465037&tmod=1118629986&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=14
Frame ID: 727E088A0DE4602941AE1FEEACF00422
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2091799172090865&output=html&h=600&slotname=6041677438&adk=1737941811&adf=2400985084&pi=t.ma~as.6041677438&w=285&abgtt=6&fwrn=4&fwrnh=100&lmt=1725958691&rafmt=1&format=285x600&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725958691219&bpp=1&bdt=2967&idt=1&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C789x280&nras=1&correlator=4622505989818&frm=20&pv=1&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1085&ady=1702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086865%2C44795922%2C95332926%2C95338227%2C95341664%2C31086926%2C95335247&oid=2&pvsid=2716687733465037&tmod=1118629986&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=58
Frame ID: 66D9C3FDCB6780F071F04DF2D09ABF88
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2091799172090865&output=html&h=600&slotname=8224400918&adk=4154946611&adf=2555830777&pi=t.ma~as.8224400918&w=285&abgtt=6&fwrn=4&fwrnh=100&lmt=1725958691&rafmt=1&format=285x600&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725958691356&bpp=2&bdt=3104&idt=2&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C789x280%2C285x600&nras=1&correlator=4622505989818&frm=20&pv=1&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1085&ady=2465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086865%2C44795922%2C95332926%2C95338227%2C95341664%2C31086926%2C95335247&oid=2&pvsid=2716687733465037&tmod=1118629986&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=21
Frame ID: 82535801085F857083644B036EAA8271
Requests: 1 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: B25F4DACB3B4F6EE5178716825FB9DD2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2091799172090865&output=html&h=280&slotname=8723094367&adk=2100128681&adf=3364220164&pi=t.ma~as.8723094367&w=789&abgtt=6&fwrn=4&fwrnh=100&lmt=1725958691&rafmt=1&format=789x280&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725958691219&bpp=6&bdt=2967&idt=-M&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4622505989818&frm=20&pv=1&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086865%2C44795922%2C95332926%2C95338227%2C95341664%2C31086926%2C95335247&oid=2&pvsid=2716687733465037&tmod=1118629986&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=14
Frame ID: D1F08938A0F18B1914F1852189AA16E8
Requests: 1 HTTP requests in this frame

Frame: https://vimeo.com/event/4046309/embed?muted=1
Frame ID: 82BE50C9531D587FB41851BC7899AC53
Requests: 1 HTTP requests in this frame

Frame: https://www.podbean.com/player-v2/?i=aw5u6-1119a75-pbblog-playlist&pbad=0&share=1&download=0&rtl=0&fonts=Arial&skin=1&font-color=auto&logo_link=episode_page&order=episodic&limit=10&filter=all&ss=a713390a017602015775e868a2cf26b0&btn-skin=1b1b1b&size=250
Frame ID: BFE59C54E985747F118DEC6D3C8850DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2091799172090865&output=html&h=600&slotname=6041677438&adk=1737941811&adf=2400985084&pi=t.ma~as.6041677438&w=285&abgtt=6&fwrn=4&fwrnh=100&lmt=1725958691&rafmt=1&format=285x600&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725958691219&bpp=1&bdt=2967&idt=1&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C789x280&nras=1&correlator=4622505989818&frm=20&pv=1&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1085&ady=1702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086865%2C44795922%2C95332926%2C95338227%2C95341664%2C31086926%2C95335247&oid=2&pvsid=2716687733465037&tmod=1118629986&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=58
Frame ID: 178550D0AB435ADD0CE08247C5C150CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2091799172090865&output=html&h=600&slotname=8224400918&adk=4154946611&adf=2555830777&pi=t.ma~as.8224400918&w=285&abgtt=6&fwrn=4&fwrnh=100&lmt=1725958691&rafmt=1&format=285x600&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725958691356&bpp=2&bdt=3104&idt=2&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C789x280%2C285x600&nras=1&correlator=4622505989818&frm=20&pv=1&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1085&ady=2465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086865%2C44795922%2C95332926%2C95338227%2C95341664%2C31086926%2C95335247&oid=2&pvsid=2716687733465037&tmod=1118629986&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=21
Frame ID: F592DFF48776314C8D44F013C375F983
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 4346B06F69FF99E9A0E1650D544F7383
Requests: 1 HTTP requests in this frame

Frame: https://5c5cd254ec7fff17826118106680e7ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 14C7779B7689610EBCE5892F950342C1
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fsecurityboulevard.com
Frame ID: CCB09D9E250D0E0DC3ECDAAA31C10228
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E8552CBD7CA472757216384C6A7105BA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 810585A0DF52E851A7DD743C33CC5454
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Analysis of BlackByte Ransomware's Go-Based Variants - Security Boulevard

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

200
Requests

96 %
HTTPS

42 %
IPv6

36
Domains

54
Subdomains

47
IPs

3
Countries

2541 kB
Transfer

7529 kB
Size

71
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/securityblvd

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/groups/64292

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/24445075146/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC1a8XaAVjQSn_SgIW-rdq0A

Search URL Search Domain Scan URL

URL: https://soundcloud.com/user-540767378

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqMggKIixDQklTR3dnTWFoY0tGWE5sWTNWeWFYUjVZbTkxYkdWMllYSmtMbU52YlNnQVAB?hl=en-US&gl=US&ceid=US%3Aen

Search URL Search Domain Scan URL

URL: https://www.mediaopsevents.com/virtual/upcoming
Title: Upcoming Events

Search URL Search Domain Scan URL

URL: https://www.mediaopsevents.com/virtual/843942
Title: On-Demand Events

Search URL Search Domain Scan URL

URL: https://www.techstrongpodcasts.com/
Title: Techstrong.tv Podcast

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/techstrongtv
Title: TechstrongTV - Twitch

Search URL Search Domain Scan URL

URL: https://techstronggroup.com/
Title: Techstrong Group

Search URL Search Domain Scan URL

URL: https://cloudnativenow.com/
Title: Cloud Native Now

Search URL Search Domain Scan URL

URL: https://devops.com/
Title: DevOps.com

Search URL Search Domain Scan URL

URL: https://techstrongresearch.com/
Title: Techstrong Research

Search URL Search Domain Scan URL

URL: https://techstrong.tv/
Title: Techstrong TV

Search URL Search Domain Scan URL

URL: https://soundcloud.com/devopschat
Title: Devops Chat

Search URL Search Domain Scan URL

URL: https://devopsdozen.com/
Title: DevOps Dozen

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC-zcE077X98oTEDPwKkDQxQ
Title: DevOps TV

Search URL Search Domain Scan URL

URL: https://techstronggroup.com/assets/techstrong-media-kit.pdf
Title: Media Kit

Search URL Search Domain Scan URL

URL: https://techstronggroup.com/tellmemore/
Title: Sponsor

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&title=Analysis%20of%20BlackByte%20Ransomware%27s%20Go-Based%20Variants%20-%20Security%20Boulevard
Title: Share

Search URL Search Domain Scan URL

URL: https://webinars.techstronglearning.com/addressing-the-security-challenges-of-industrial-ot-and-iot?utm_source=Securityboulevard.com&utm_medium=Referral&utm_campaign=in-article-ad

Search URL Search Domain Scan URL

URL: https://www.ic3.gov/Media/News/2022/220211.pdf
Title: Click to access 220211.pdf

Search URL Search Domain Scan URL

URL: https://www.zscaler.com/
Title: Blog Category Feed

Search URL Search Domain Scan URL

URL: https://www.zscaler.com/blogs/security-research/analysis-blackbyte-ransomwares-go-based-variants
Title: https://www.zscaler.com/blogs/security-research/analysis-blackbyte-ransomwares-go-based-variants

Search URL Search Domain Scan URL

URL: https://techstrongpodcasts.com/
Title: Listen to all of our podcasts

Search URL Search Domain Scan URL

URL: https://www.threatlocker.com/pages/software-audit?utm_source=securityboulevard&utm_medium=sponsor&utm_campaign=software_audit_8-23-24&utm_content=software_audit&utm_term=display

Search URL Search Domain Scan URL

URL: https://www.dmca.com/compliance/securityboulevard.com

Search URL Search Domain Scan URL

URL: https://techstronggroup.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://digitalcxo.com/
Title: Digital CxO

Search URL Search Domain Scan URL

URL: https://www.techstrongtvpodcast.com/
Title: Techstrong.tv Podcast

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 126

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5140001&time=1725958689689&li_adsId=f87c1b04-d458-4f09-8666-c2842a809bd1&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5140001&time=1725958689689&li_adsId=f87c1b04-d458-4f09-8666-c2842a809bd1&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5140001%26time%3D1725958689689%26li_adsId%3Df87c1b04-d458-4f09-8666-c2842a809bd1%26url%3Dhttps%253A%252F%252Fsecurityboulevard.com%252F2022%252F05%252Fanalysis-of-blackbyte-ransomwares-go-based-variants%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5140001&time=1725958689689&li_adsId=f87c1b04-d458-4f09-8666-c2842a809bd1&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5140001&time=1725958689689&li_adsId=f87c1b04-d458-4f09-8666-c2842a809bd1&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJ36bvlJX_R7AAAAZHbJ5WERvdJCrMjM0AZgOt6sc_CLUdtiCOSzrbHVJ_MZ9ryzuGHWNY

Request Chain 129

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3646908348266184740&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3646908348266184740&redir=

Request Chain 130

https://idsync.rlcdn.com/395886.gif?partner_uid=3646908348266184740 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0NjkwODM0ODI2NjE4NDc0MBAAGg0IoZSAtwYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=c374f54ac024fd0568b5545a604e2cf762ff5795691500b7b2625e6bd85799d4f4cb09cee1a4f8eb&person_id=3646908348266184740&eid=50082

Request Chain 131

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=c1f5ff8d-a33b-4f05-b439-654215500ef9&gdpr=0&gdpr_consent=

Request Chain 132

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3646908348266184740 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3646908348266184740 HTTP 302
https://ml314.com/csync.ashx?fp=1888987b7cef81c207d2c8ebfda072e4&eid=50146&person_id=3646908348266184740

Request Chain 133

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2WTwQCGlg2svaa2p27RzeHq2hnZ_TKi-vHTlsrHu-44w&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

Request Chain 160

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9230F4D1211F4E2D96DE59A1191130C2&RedC=c.clarity.ms&MXFR=0F3AF9A9B6706A392944ED5FB270644D HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9230F4D1211F4E2D96DE59A1191130C2&MUID=07FB0D02E9B965E32C8419F4E8C264CF

200 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/ 331 KB
58 KB 450ms
318ms Document
text/html 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37dcc08f28496a33da246e72d26931248a996351747ec0ff740d90fd8e03f2a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=0, s-maxage=3600
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 8c0e36e7a93231e0-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 10 Sep 2024 08:58:08 GMT
ki-cache-tag: a7da4f50-0916-4160-9d1e-cdae583ed4a0,0ebfd95fe9bdc2d0251ec64c5314557b3a3b582fa167d4d3cfe554958d9656fb
ki-cache-type: Edge
ki-cf-cache-status: SAVING
ki-edge: v=20.2.8;mv=3.1.0
ki-edge-o2o: yes
ki-origin: g1p
link: <https://securityboulevard.com/wp-json/>; rel="https://api.w.org/", <https://securityboulevard.com/wp-json/wp/v2/posts/1922728>; rel="alternate"; title="JSON"; type="application/json", <https://wp.me/p91vu9-84bK>; rel=shortlink
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A2LXkKFtPo5Z8htkGuiQBiRUtowY4MVfylMfI9n2jOJSdaBAmMWVnxCqZ3rUiqbTdBNSsEApbsjQHY1LvO%2FlZmP7Y%2B2btOpZg0FJThbQcp%2BHGgO57SJSst3qBriDDF%2BlFJlhv4ut32hMwTxbjMxAOV%2FqwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, accept, content-type
x-content-type-options: nosniff
x-edge-location-klb: 1
x-frame-options: SAMEORIGIN
x-kinsta-cache: HIT
x-tec-api-origin: https://securityboulevard.com
x-tec-api-root: https://securityboulevard.com/wp-json/tribe/events/v1/
x-tec-api-version: v1

GET
H2 200 sb.css
securityboulevard.com/wp-content/themes/colormag-pro/ 21 KB
4 KB 44ms
43ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/sb.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c9f5960dced0cd174a6f994adefa4cc95334fa92e24587243b0b8a507c963f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576431
cf-polished: origSize=26981
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Wed, 06 Oct 2021 03:28:09 GMT
server: cloudflare
etag: W/"615d17c9-6965"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qf7yawEcmdziGtdjjYici6JbhFepFr%2BTKc473D4TSBBhs0OG4xIxnq6MN0GsmOrFLS9d50AEqI93ylCWocjDnBx1O5MT8RtyDsBS4J6sJjebC6ju1zIrYB2JLfbKvKfnPhZFB54xvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9a9f231e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cv.css
securityboulevard.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/ 85 KB
13 KB 50ms
42ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

693656882fbd1648fdc72aea16f38f1b6ffa041ef224bbc35e5db4061d302ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576431
cf-polished: origSize=87193
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Sat, 27 Jul 2024 16:40:47 GMT
server: cloudflare
etag: W/"66a5230f-15499"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vn2zVZSV3oW42pTnFxKZ9p2znhAE0K8oNQ0GKrTNaca4F%2BBtx%2B%2BlpBeRl76gQyc5HIgRL6SVj9cRNLFiFJWFyKm%2Fp%2FYhcMXA2BTk8aMaIxyPFHlAct1E%2BfKMpzoAt%2BkB1gnh6mglbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9da0431e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cvpro.min.css
securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/css/ 63 KB
16 KB 49ms
42ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/css/cvpro.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53948075293f5d4a1c0a2d48f3b452fd376b415b4ca0699d12a0c5461ea160f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Fri, 12 Apr 2024 02:59:37 GMT
server: cloudflare
etag: W/"6618a399-fc9a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BhOwgg7hfJCwKMt9x9%2BiVbslUNQEJVWf%2BZ%2BJDE37R0NmCBrk9E%2BgmOzAlBzb%2BZm4oC61hGnuj29QS1g8vVLOWPSsLPQUcBA5Sh2gm2yIsjpBk90HGR6ZSTxC2heeYyLmubj0lE4bNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9da0731e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tribe-events-pro-mini-calendar-block.min.css
securityboulevard.com/wp-content/plugins/events-calendar-pro/src/resources/css/ 655 B
583 B 65ms
58ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/events-calendar-pro/src/resources/css/tribe-events-pro-mini-calendar-block.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2d330f53cdfd25a188faebfc07535a76190bcc529946b09c74d0971e84b53cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Tue, 09 Aug 2022 16:24:44 GMT
server: cloudflare
etag: W/"62f28a4c-28f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xRo1v%2FrNnOAvbMwQR4NgAUYvoFFtfM%2Bq4i2XQf4gudxyKBqwDhLELWVYy26LzQQnPR%2FHD5fHupa7vn1vk%2BmZ2W8FYIkZvyH2g99QDfNsB%2F3szK32krvWyDFfnW0ZXKruiocvr3jJug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9da0831e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
securityboulevard.com/wp-includes/css/dist/block-library/ 110 KB
15 KB 51ms
44ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Sat, 27 Jul 2024 16:48:04 GMT
server: cloudflare
etag: W/"66a524c4-1b723"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JqnBrVx6VMFFD8sEBHmOMBlFZofWndHY%2FglEhIZbsTDNY3ST0GlbVYyuL9jskz5M3ZyRZGZpbXy4cMNMKfquZszJrEyREgwJ%2BhjDtGI2rmjLIswpL4%2BBwnkBDTXdbKv%2FnGlzqrW6aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9da0b31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
securityboulevard.com/wp-includes/js/mediaelement/ 11 KB
3 KB 53ms
46ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 427237
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:03:56 GMT
server: cloudflare
etag: W/"60f9dd3c-2bf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1zSPIgzxWZBb8LKDXCdL4a09HDipAPQ0jeMdF%2F5oKfOTLqft1%2FhcrZayq8l6SGR%2FCZrttrdvILz3c%2Fu8xZi9K7Fz3vBi%2Bti7SSnH0dgUtghOw%2F2F%2B%2FK7tlVfTWr7M57D%2FCIY9bQFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9da0d31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-mediaelement.min.css
securityboulevard.com/wp-includes/js/mediaelement/ 4 KB
1 KB 50ms
44ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:03:56 GMT
server: cloudflare
etag: W/"60f9dd3c-105a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HQtHbae3HV4uWC52GKpawf87corh8rUzVOSmFuA7vFAUwplXfXUNXgEzQb%2BZyiDQG1NtmpeUtgv4Cwwjezimwtdkq8QEqZF36YRfeprePIqFakLw3iiBvUvQLVkVyPdiDjhy3nx%2BVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9da0e31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chainwire-public.css
securityboulevard.com/wp-content/plugins/chainwire-integration/public/css/ 175 B
496 B 63ms
57ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/chainwire-integration/public/css/chainwire-public.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

758ec37b307443cb9be2d4f93e40d730eecfaf18a77ec9b071372b1ef64c2ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576431
cf-polished: origSize=339
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Wed, 22 May 2024 04:50:32 GMT
server: cloudflare
etag: W/"664d7998-153"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W2Kb07KGUE7EMGH0niF2cN54zBi1CFQ7O1wOIidrYicHyrQ%2Ff3vwW8EpcMtvjPoSL4PTAUKN9XZZ3Ry8LIGjlt2ds4a022t9sHoOZ7bD%2F8nhTNgwKDcUuiE17YLYCrW%2BXadvXb6bSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9da1131e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.min.css
securityboulevard.com/wp-content/plugins/devops_core/assets/ 3 KB
1 KB 63ms
57ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/devops_core/assets/owl.carousel.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:18 GMT
server: cloudflare
etag: W/"60f9de7e-b78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yrIf3F%2FOhalKPPDfEbpmEUvmD00XoNg240oM6BuYH41WEMyN2FCyN8YOw48far4pSAYI4C8dsFxRhNmvhjUuyp55nQAZHklgUCPM4kXtF5E2UZj7qjUX8oWsHR0hVWmOteQHQ4gTxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9da1231e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.theme.default.min.css
securityboulevard.com/wp-content/plugins/devops_core/assets/ 936 B
742 B 64ms
58ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/devops_core/assets/owl.theme.default.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296b3d8e9fa36733999a69d6e630bc6361ea23dada8c98a0e48d34ba7f7d0ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:18 GMT
server: cloudflare
etag: W/"60f9de7e-3a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4gRpInwXYUPoNHelVIufmhSUwUmTfP43Kq4R2Rvd5wGEg8zDyLiZ%2F97LwyQxyo9rMQKwVu5fjGvZsNTXVC6NPQgJ296Y5zd36D2%2FtE5wVyZSF6D94DpBN8RrSStcr5hqNF83OH9AyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9da1331e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 basic.min.css
securityboulevard.com/wp-content/plugins/gravityforms/assets/css/dist/ 48 KB
7 KB 80ms
74ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/gravityforms/assets/css/dist/basic.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08c19ec190562f3078e2ad89f840a23315b57fec742d0906c8146b0b71eabee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Sat, 27 Jul 2024 16:41:19 GMT
server: cloudflare
etag: W/"66a5232f-c1a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1DjOVRcpLF1BEB7gioSnpsoI1bKvQseegNyXRjSNU8qONBpOT1s9kUk7G%2BIjXgyp6%2F8pjNWC1oGx9%2F7d3yhy3HOXcPvDhnMsa7XHHAYK1yZMJkBuT5M1he79%2FUJTvG7C9t8cBCn4JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa1a31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theme-components.min.css
securityboulevard.com/wp-content/plugins/gravityforms/assets/css/dist/ 0
353 B 81ms
75ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
content-length: 0
ki-edge-o2o: yes
last-modified: Sat, 27 Jul 2024 16:41:19 GMT
server: cloudflare
etag: "66a5232f-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NfcEWzTYHFz8QB8A%2F4MBEvshvGLJ8qWLMpKXcx1MNC9dbCQQVqW0ZMwKKOM3yVJ0mgFFGu5q0RMJis2TJO0lo6aPrjA2FZHwywu915zdzzY%2FQvXCAqljDxofuoVw2Dc2%2FLX%2FbpVCQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa1c31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theme-ie11.min.css
securityboulevard.com/wp-content/plugins/gravityforms/assets/css/dist/ 2 KB
865 B 82ms
76ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fee2241b1a7e456a690a5630244d9a452f20f2a8a241eb242238d418295750b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Sat, 27 Jul 2024 16:41:19 GMT
server: cloudflare
etag: W/"66a5232f-6dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aOvej%2BVYIXyzCrUry5Mp9Cqv8diEJ6pgW4BYSHTcJtzXr1U%2B9%2FxARH10X%2FMz8Z9vYK3EEQ%2F7cKCZHXYU%2Bfl4%2B7N6r%2FU2YC37WHZCZrxqGwNDGE5EcFAiY%2F0%2Fs6KDo58SjdiY09ey2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa1e31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theme.min.css
securityboulevard.com/wp-content/plugins/gravityforms/assets/css/dist/ 31 KB
6 KB 67ms
62ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/gravityforms/assets/css/dist/theme.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca0af6b4ab8d2b645c51e8b2a3e8d3dce3a43f287d9edec5f01277e46526c757

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Sat, 27 Jul 2024 16:41:19 GMT
server: cloudflare
etag: W/"66a5232f-7ddd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TT2XqDJsp%2FTnWwJYHSsBezpQm4ZnStdcdnWaFyGk9W1Q9VnLrAZUNZD6UJBc5oJRUN0X%2BLOpbyYTdzxIXBcTL4FLslnMJb6O0B2NCPJl%2B44pxxGS%2B8paUs0g%2FPqmba%2B96zotHfdrQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa2031e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theme.min.css
securityboulevard.com/wp-content/plugins/gravityformspolls/assets/css/dist/ 6 KB
1 KB 65ms
60ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/gravityformspolls/assets/css/dist/theme.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b09f9ab3d995c54d315591f2733e609eae5c174f20ed1c8b9598b888b5704253

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Sun, 03 Dec 2023 15:43:47 GMT
server: cloudflare
etag: W/"656ca233-1678"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k9EaCG%2FWvB57R7CEcMz879Fed9wtwXAdMvcNsxiogAfM9MSOoloYBVM9gEgOikXgfnrCd72IL0CNMs8uaWNc33ARBs0Ydzv65F3aNOgTr16ioghGDO2A1%2F%2BnpMSYkAkky5OBqhFbLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa2131e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theme.css
securityboulevard.com/wp-content/plugins/popup-builder/public/css/ 70 KB
11 KB 78ms
73ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/popup-builder/public/css/theme.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9117ce316239e8ce14f6975954d77c9ad297ac10861be1bf3d1ed15289a0c8a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576431
cf-polished: origSize=72185
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Tue, 03 Sep 2024 16:12:03 GMT
server: cloudflare
etag: W/"66d73553-119f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wiwXRg23lGIqSI6okLygJE8AbKxaOCon%2Fat%2BBJ%2Fo%2F%2FRK4EtaFabbr%2FbVZSXIbEFnOLd5SB7FuzLeLsCEFmwcGugEkdQPmFgGCniZJa2%2FvUE1I2IdIwVrskwObsjWmKcyGcE3McF8eA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa2231e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
securityboulevard.com/wp-content/uploads/maxmegamenu/ 47 KB
4 KB 76ms
71ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/uploads/maxmegamenu/style.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1898554002afcec490975613ba45248ab76af74d151fb84a101d55bc2ca2b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576431
cf-polished: origSize=54547
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Thu, 22 Jul 2021 21:03:58 GMT
server: cloudflare
etag: W/"60f9dd3e-d513"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=53V54zXg04oqlSlYkIa%2FXhLMyUv6ZDBimtpc%2FpFQ5oCR2GQ0kaiz%2BTp0U2kDlYa0%2BcQtLYGJVJsJU5qgVfFQW272%2BAEyEZT2Po9CVbb9zuoDbNprRmKOvaDWwm1ZHfF3tQ%2FWz2%2FIbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa2331e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dashicons.min.css
securityboulevard.com/wp-includes/css/ 58 KB
35 KB 67ms
62ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-includes/css/dashicons.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:03:57 GMT
server: cloudflare
etag: W/"60f9dd3d-e688"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0lXtTcdXq9wUWKk7j%2BYgv%2F92df%2FQkVDF1WZyvsOkCQKC9FvZ3TLdItiBeNHhIwz%2Fto0EztMdB8mxF7V3cDkvPlSLpTU4tQ8S6%2F2F9l%2FIrcSy5zXPiCcu%2FKv1URtvd6O9q7%2FJum9amw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa2531e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
securityboulevard.com/wp-content/themes/colormag-pro/ 58 KB
11 KB 78ms
74ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/style.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4b3fbc360a34e6b9eb349ee0663dc97fa48ba73f1bb1f8e95438940b2a14dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576431
cf-polished: origSize=81033
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Mon, 06 Feb 2023 21:03:34 GMT
server: cloudflare
etag: W/"63e16b26-13c89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sa4hPZ0xVw4CLDERXTv8uMh2ZbEojTym%2BhEGo%2FuEcTnN5Urm95nOU60zSo5eB2bwnStjxRZWH%2BKNlFEfp5mUwVTyigDDO%2FnKXfAwZvZpd%2FKV9DmfKu73NxdO%2FOOf4teFijmCubrBzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa2731e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
2 KB 510ms
80ms Stylesheet
text/css 142.250.80.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%7COpen+Sans%3A400%2C600%7CPT+Sans%7CSource+Sans+Pro&ver=6.6.1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.74 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f10.1e100.net

Software

ESF /

Resource Hash

91698821a1603c559e8e255f3e34c2ea63acfcfd23d2394d55b42bb70e1c130c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 10 Sep 2024 08:58:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Sep 2024 08:58:08 GMT

GET
H2 200 magnific-popup.min.css
securityboulevard.com/wp-content/themes/colormag-pro/js/magnific-popup/ 5 KB
2 KB 77ms
73ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/js/magnific-popup/magnific-popup.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e529245e8867300ffd2b6f6c1e5b36d41ce8c71a9eb7cbdec52360c0be7b0017

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:07 GMT
server: cloudflare
etag: W/"60f9de73-1463"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k1Ek%2BCQnq8HYrNkArqD9fsmLB4WUNvEYaPCJd0sUAeDDh5Sk7lufc4sWJz87fO3slqe2TrKrPTv0%2F8pNG59vEX2Pk2yfA5XvRO3xFEVxyRxXTg2TxWD6pmXZWoDPvkG1aWgG8UphJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa2831e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.min.css
securityboulevard.com/wp-content/themes/colormag-pro/fontawesome/css/ 30 KB
7 KB 78ms
74ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/fontawesome/css/font-awesome.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:07 GMT
server: cloudflare
etag: W/"60f9de73-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XBXOmeNf3X2ZK6OlFpMaNvSdjHWG5NERkpud0kOUFi6bw2iB1sEEnkcc1HWPg6NWaZDiXSo3u7dk35ws4REiEQNIs1iMFlKNNVCIkksFXj7n%2B5BKvEcKX1zgbJ4pFo0S1Zjvf3s6pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa2931e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.mCustomScrollbar.min.css
securityboulevard.com/wp-content/themes/colormag-pro/css/ 42 KB
4 KB 78ms
75ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/css/jquery.mCustomScrollbar.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:07 GMT
server: cloudflare
etag: W/"60f9de73-a757"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fc3VJycDut%2BWQaJ32jq6PA6xEvBkouXW%2BhclZwSIYq3Ny8csX516bS2R%2F5%2FmV0KNcvlne4GKCgXoyTjpA9XgepsTcOVKKbbUEVw5O1gNh4O6RHBDWL%2BDXArnJXN0FJSW0xmmk23RpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa2b31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 datatables.min.css
securityboulevard.com/wp-content/themes/colormag-pro/css/ 15 KB
3 KB 226ms
222ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/css/datatables.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7670969cdbb95fcd3e9e270b7d63c5ea6c1b3bf44fdebd13215ef8f5098a54b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:07 GMT
server: cloudflare
etag: W/"60f9de73-3ac5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5cG4GLDMjmuPfWRoij5U%2FUXmWFxWuVUXBqn%2BWjqQWocn4AS0QKS5wdsTK6AHKY1e4g3vKqSXmpyHfmaRJOZdYC0aDEsOF026ZgO1x96cjK351RMMaBLAJakPKhP%2Bq9O7ih%2FXoYWRUGL93OhyrHiJUWqaog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa2e31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 themify-icons.min.css
securityboulevard.com/wp-content/plugins/dflip/assets/css/ 14 KB
3 KB 76ms
73ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/dflip/assets/css/themify-icons.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

142ef075542912c4636585b0e581cd0ac6b4a3f818ec43b3fbf3667dd30a6351

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:18 GMT
server: cloudflare
etag: W/"60f9de7e-361b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rFMAGwQQdiA5k6aOR0djtxmhHIcq%2Bg39kZHVnlu0acigGqwFTnZV%2FMitLgY63TBqkPM4ITB9iXXzowX4jQVJOSbHH8PPeeblHvoTigaxjy90wbEPE1Tg%2BdQR4GJtnrWu87xboI2LEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa2f31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dflip.min.css
securityboulevard.com/wp-content/plugins/dflip/assets/css/ 26 KB
5 KB 76ms
73ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/dflip/assets/css/dflip.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

446bafe3e71ba46e4191766edc1d2ce5ed9710d9c6a915d3f3c36c37fe0b9346

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:18 GMT
server: cloudflare
etag: W/"60f9de7e-66b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vDHxsNhlzvDLcwry%2BNLYh3U9QhJy1FZ9PN8kmEi2JbI%2B6gC3E1fgyvcumNPSFVMepwnFRANWjVyR%2BNuLa05zfCGvtyxwpN7tjEc2R%2B585W%2F0OnGsnS%2BCbwmfkZ4qOFjypg81y26WRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa3231e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 addtoany.min.css
securityboulevard.com/wp-content/plugins/add-to-any/ 2 KB
987 B 77ms
75ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/add-to-any/addtoany.min.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Sat, 27 Jul 2024 16:39:48 GMT
server: cloudflare
etag: W/"66a522d4-644"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9RY%2BTOdvAex8R2BV7a48RcZubvOpTom694B9M61H8UN%2B4XJyKrHh2VE1cGTjbK8gMze9rgwfqAkIy%2FOjTZxKiH9vhoVXPUAAwUfu7f3wIvS%2B50LkgyQG5GGAk3smoYJmKiOAYlPrbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa3331e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jetpack.css
securityboulevard.com/wp-content/plugins/jetpack/css/ 106 KB
20 KB 78ms
76ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/jetpack/css/jetpack.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32d5700587b6c9e3c4dbb404bfd2afe1a36f7ece0a9e2761bf487fca687df08c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576431
cf-polished: origSize=108968
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Sat, 27 Jul 2024 16:42:09 GMT
server: cloudflare
etag: W/"66a52361-1a9a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x0TaN%2BX%2FDjVO5jjhrkSBM5259YaTZI8LkaNlkFGI6pe4TWoL%2B%2FcvJIJCkGtC4WumETlKGSkRdfHs31jlrkFs%2BOG6NcXihl3mqoYwor2ZdjgeRrLTkiUWQY5ZlT3a1SJ6oC%2BqBvUL9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa3431e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
securityboulevard.com/wp-includes/js/jquery/ 86 KB
30 KB 77ms
75ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 16 Nov 2023 02:00:44 GMT
server: cloudflare
etag: W/"655577cc-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oZORlEj1YvJUiDcw0dZkZxZd%2FGnSZkL4Jf3LCft0DkweHkyIx4L22DqUHW89JbI9sla4IedUNcOUGTxUzd0X%2BAIMwYat0ye2EjFYZ2FE1WJV5sNOH8GBdcgRz0keB4TnvjgOzOBeAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa3731e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
securityboulevard.com/ 18 KB
4 KB 837ms
835ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/?custom-css=7c1b548128

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2863ec1f28569c220d7864d8870001a4f4d461123daed31d11347fefc856ec4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-origin: g1p
x-kinsta-cache: BYPASS
ki-edge-o2o: yes
server: cloudflare
vary: Accept-Encoding, accept, content-type
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MwlYpL7Id5rnP6gFux26HKG0TIZ3Ix6ZOCvGIHngFwla0wLHO8qnqZ0aD6a8vL0dH4zFfSPGxue7nlYFIKTm5Tn2jJ6H1R%2FfK0zaOGfZRMK20zvMh7kM4oxMaEiCZ9Kf%2B2pjqWi0DzmCHVl0FowvPGXS6g%3D%3D"}],"group":"cf-nel","max_age":604800}
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa3631e0-MIA
x-edge-location-klb: 1
expires: Wed, 10 Sep 2025 08:58:09 GMT

GET
H2 200 security-boulevard-tsg-logo.png
securityboulevard.com/wp-content/themes/colormag-pro/img/ 5 KB
5 KB 78ms
76ms Image
image/webp 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/img/security-boulevard-tsg-logo.png

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

addd3084e45a2c68ac5b4baf988e0f18f572f213a2930e32d3a79a01ab579278

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576431
cf-polished: origFmt=png, origSize=5545
ki-origin: g1p
content-disposition: inline; filename="security-boulevard-tsg-logo.webp"
content-length: 4968
ki-edge-o2o: yes
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Jan 2023 18:04:17 GMT
server: cloudflare
etag: "63d95821-15a9"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RDyG2HJphMV3T9n60k2ePLnGlg2hjsDBFI2xoz%2Ft94Kevphh2i5t0Rq%2FXvqCSCRwmDK%2FBjOT%2B05tPBFNA04GSm%2BF4nvi5JAjBuWqX1PwD7k5TetEB1PKKl0TGwszRxTHuxCLPmqfWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa3a31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SBNIcon4_512px.png
securityboulevard.com/wp-content/uploads/2017/09/ 19 KB
19 KB 77ms
75ms Image
image/webp 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securityboulevard.com/wp-content/uploads/2017/09/SBNIcon4_512px.png

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f542387def66d7826b8d923a05312ec681a1389ed09ac29dc34dfe5fb857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 152389
cf-polished: origFmt=png, origSize=57915
ki-origin: g1p
content-disposition: inline; filename="SBNIcon4_512px.webp"
content-length: 19284
ki-edge-o2o: yes
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Jul 2021 21:07:51 GMT
server: cloudflare
etag: "60f9de27-e23b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fUawJef0Tf9rKpdRM2pxkgPOWVs5LhRDJtxYsUXWMqJz8toTieMii2cnNQjyCifYr2lbjw9dTR1a198pYCxMxZWPJuHi5YdlL6zO7DDcqtLpXDmvyOze%2Finifr0yjq%2B%2BTqw7eGK9LA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36e9fa3b31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d69176746e562c3ae8b540faf16de8ba
secure.gravatar.com/avatar/ 911 B
1 KB 132ms
62ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/d69176746e562c3ae8b540faf16de8ba?s=32&d=mm&r=g
Requested by: Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9ef33605db40f5dd37e194f4af592cd22a8a90f56da1a165b4a97c34efaa09eb

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: MISS mia 2
date: Tue, 10 Sep 2024 08:58:08 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="d69176746e562c3ae8b540faf16de8ba.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/d69176746e562c3ae8b540faf16de8ba?s=32&d=mm&r=g>; rel="canonical"
content-length: 911
alt-svc: h3=":443"; ma=86400
expires: Tue, 10 Sep 2024 09:03:08 GMT

GET
H2 200 OnDemand-2024.07.18-Claroty-LandingPage-1540x660-2.png
securityboulevard.com/wp-content/uploads/2024/07/ 19 KB
20 KB 42ms
42ms Image
image/webp 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securityboulevard.com/wp-content/uploads/2024/07/OnDemand-2024.07.18-Claroty-LandingPage-1540x660-2.png

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2a4e7c87de9caabbbbf5500898e3173855d41a026cd37ea707aed7b197a5a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 48289
cf-polished: origFmt=png, origSize=44811
ki-origin: g1p
content-disposition: inline; filename="OnDemand-2024.webp"
content-length: 19884
ki-edge-o2o: yes
cf-bgj: imgq:85,h2pri
last-modified: Tue, 30 Jul 2024 19:58:15 GMT
server: cloudflare
etag: "66a945d7-af0b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=keiWPjg%2B1P17TbYzv1j3UTCAz%2F%2BmyZ12UJDfia6d3RgQaa54ssIrt%2BC41AOaNu22FQiNSMMFeUcz8lpAFy2eVg7d%2BSxpttckEojleGhyNP3HllAgJDqVyUoo0Gqi1afinC%2BJeX3mbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36ea6a5a31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ThreatLocker_Tech-Strong_Group_Security_Boulevard_300x250.png
devops.com/wp-content/uploads/2024/08/ 20 KB
20 KB 123ms
43ms Image
image/webp 2606:4700:10::ac43:e14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://devops.com/wp-content/uploads/2024/08/ThreatLocker_Tech-Strong_Group_Security_Boulevard_300x250.png

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac6f83dcff13a63bca026fd1d3c5cea71fe5e8a387618e563309f1dedb73f8c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 1515688
cf-polished: origFmt=png, origSize=31742
ki-origin: g1p
content-disposition: inline; filename="ThreatLocker_Tech-Strong_Group_Security_Boulevard_300x250.webp"
content-length: 20248
ki-edge-o2o: yes
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Aug 2024 19:32:58 GMT
server: cloudflare
etag: "66c8e3ea-7bfe"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d2h0Z2xvfMUH1W0hM%2FxTzNslBIKWLvAquawfdcOv3AYMX1G66XAjl66sAXcrLIlvofL3%2BWIUDjKhnXw944PeiPubprMD293FRwGMLm%2BikECDZ8CMogLXWefTH2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36eaee0731e4-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slingshots.png
images.squarespace-cdn.com/content/v1/5355d604e4b03c3e9896e131/569a573c-5093-4fc6-8070-0a82a0cdea73/ 64 KB
64 KB 113ms
31ms Image
image/png 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5355d604e4b03c3e9896e131/569a573c-5093-4fc6-8070-0a82a0cdea73/slingshots.png?format=1000w
Requested by: Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 51ad5347963f5c9db69a8bff494aca2c82b13199e4eb6205de5a65d0b9709d11

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

tracepoint: Fastly
date: Tue, 10 Sep 2024 08:58:08 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 56506
x-cache: HIT, HIT
content-length: 65041
x-served-by: cache-iad-kcgs7200145-IAD, cache-mia-kmia1760090-MIA
x-timer: S1725958689.511175,VS0,VE1
etag: CJnKyLKdr4gDEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
x-sqsp-is-public: true
x-cache-hits: 61, 0

GET
H2 200 State-of-Cloud-Native-Security-2020_cover-232x300.jpg
securityboulevard.com/wp-content/uploads/2020/07/ 12 KB
13 KB 45ms
43ms Image
image/webp 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securityboulevard.com/wp-content/uploads/2020/07/State-of-Cloud-Native-Security-2020_cover-232x300.jpg

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f825bab09c1521408c2328bae1c658d4892824a6182666d4056d622e97dd6bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 376097
cf-polished: qual=85, origFmt=jpeg, origSize=17872
ki-origin: g1p
content-disposition: inline; filename="State-of-Cloud-Native-Security-2020_cover-232x300.webp"
content-length: 12656
ki-edge-o2o: yes
cf-bgj: imgq:85,h2pri
last-modified: Fri, 06 Aug 2021 02:15:28 GMT
server: cloudflare
etag: "610c9b40-45d0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OebqretHdaPwIEEN8ByRNWOj%2BiC%2BkcEJGDHLk7KhKz5QxEJra%2FAb%2F7RYJn3lN9s7TJwWd9UPks3P8rXDNM0ehDVdtrgtJbfY%2B5K1HJuaTlx0dW2naWk9qSVMCj3OVBbEKrFS8FP1D73Af3nTrxbmVjRt%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36ed1bb131e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 security-boulevard-white.png
securityboulevard.com/wp-content/uploads/2021/10/ 3 KB
3 KB 43ms
41ms Image
image/webp 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securityboulevard.com/wp-content/uploads/2021/10/security-boulevard-white.png

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b327fc4684de28d40f1fee56aa5a54f24ade43a7eb7c4a5a22fb86b829e2cc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 278635
cf-polished: origFmt=png, origSize=3249
ki-origin: g1p
content-disposition: inline; filename="security-boulevard-white.webp"
content-length: 2838
ki-edge-o2o: yes
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Oct 2021 17:56:21 GMT
server: cloudflare
etag: "615b4045-cb1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9WyvG18zhOZsnzkNaM3GAsDD01j3uRf7nP8VC%2FNBzza4U23WwpZ12jBY7zSOVFc5HA5SAJsCa4%2FHsU1vye%2FIm47N3EX9Pf0ewU7ArtVUFtJ628h3EJbgRgaTiJ%2FawJx4Lj4JpT8%2FtD6KeTfDOc4Zs5cf8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36ed1bb331e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dmca-compliant-grayscale.png
www.dmca.com/img/ 7 KB
7 KB 177ms
34ms Image
image/png 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dmca.com/img/dmca-compliant-grayscale.png
Requested by: Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f4ed4f3e649cf635824e73f0988b7d838af1c3f6753a16586cd1b64e2cfd1ee0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
last-modified: Wed, 12 Apr 2023 04:06:52 GMT
etag: "633c4b36f46cd91:0"
x-azure-ref: 20240910T085808Z-185fd9c9b4676rb42r6bwwdz8000000005kg00000000e0v4
x-cache: TCP_HIT
content-type: image/png
cache-control: public, max-age=7603200
x-fd-int-roxy-purgeid: 66675262
accept-ranges: bytes
content-length: 6745

GET
H3 200 powered-by-techstrong-ftr.png
techstronggroup.com/wp-content/uploads/2021/10/ 2 KB
3 KB 93ms
40ms Image
image/png 172.67.198.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://techstronggroup.com/wp-content/uploads/2021/10/powered-by-techstrong-ftr.png

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.198.8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

757eb40b82fad431019322ce4d7edfd5f2b0b0a822d74db6066993d6bb472c49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.7;mv=3.0.6
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8520484
ki-origin: g1p
alt-svc: h3=":443"; ma=86400
content-length: 2417
ki-edge-o2o: yes
last-modified: Thu, 30 Jun 2022 19:23:35 GMT
server: cloudflare
etag: "62bdf837-971"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dmMw%2B9gxpBL3uYT7o%2BIxD8bM6vEppHN1zANoj03EJo%2FgNxNtTUgEAAeGGh54HG7%2BfsvUqXRLi4mHDdC2tbM9HA4NVTrd4yXYSwYggQny7Lxb22z7fImhpc%2BmZU9c%2FMghe9fBUmc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36ed6a928e00-MIA
priority: u=3,i
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 email-decode.min.js Show response
securityboulevard.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
824 B 33ms
33ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Sep 2024 18:15:33 GMT
server: cloudflare
etag: W/"66d8a3c5-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8c0e36eb3ab131e0-MIA
expires: Thu, 12 Sep 2024 08:58:08 GMT

GET
H2 200 so-css-colormag-pro.css
securityboulevard.com/wp-content/uploads/so-css/ 37 B
483 B 41ms
40ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/uploads/so-css/so-css-colormag-pro.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c90882cc87cbb7a374871305ccc2b2b420724591a5de7e863f31842fe7c39ddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576431
cf-polished: origSize=84
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Thu, 22 Jul 2021 21:03:58 GMT
server: cloudflare
etag: W/"60f9dd3e-54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Og0b7il%2FG2N4b0dTk3X5AAQW%2Bbaec1wFdY71T7sJHkxC7VJGSaHSh%2BGCxJjZnZVp1jgICX32F183w0JF5d0SRi0Hc3kPQObBe%2FHOP1MmIEMYM5UDthQl4vaPMQnGjkTG%2FqYkUc9qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36eb6aca31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shortcodes.css
securityboulevard.com/wp-content/plugins/shortcodes-ultimate-extra/includes/css/ 18 KB
4 KB 44ms
43ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/shortcodes-ultimate-extra/includes/css/shortcodes.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

471f5e43b94418a2b9b406a02c979eb899ae44f2bfde4dd8613d6b80f50ebf46

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576431
cf-polished: origSize=19024
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Thu, 22 Jul 2021 21:09:13 GMT
server: cloudflare
etag: W/"60f9de79-4a50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=opxceZ2NASx5QsP%2B0RhNYkGkbb1kbDDb6M63Q14MhJBFKp7ow9%2BRxYfPiEQ2p%2BF42r1%2FLsUBLQBvW%2BpwSy5nCs%2BVI05LJ3ExO8Ao6aUX0zj%2FX8JPZ29qd9%2Bk4cgGHgaoGwB8GrGRzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36eb9ade31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shortcodes.css
securityboulevard.com/wp-content/plugins/shortcodes-ultimate/includes/css/ 44 KB
8 KB 42ms
41ms Stylesheet
text/css 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bfc362d61a36174f9e4ef410adee1288b2a9afc839586ed871949c96f7fa0dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576431
cf-polished: origSize=45247
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Sat, 27 Jul 2024 16:43:46 GMT
server: cloudflare
etag: W/"66a523c2-b0bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K0bCWSrN5mfEr%2BRhcNB6cv5g7DTfPTd566f6ZENEX8wZWgxR9vuPXWJ1XaCbomOXg%2FdHN36LOQvIHYE2IxqDiEIsNyyMUkpsRley6ik2LdEZkx825JfNVIo0j9WcbtQ65CSpv0BdYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36ebaaea31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dflip.min.js Show response
securityboulevard.com/wp-content/plugins/dflip/assets/js/ 127 KB
40 KB 40ms
40ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/dflip/assets/js/dflip.min.js?ver=1.5.6

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dddbbb11e0d6a306b1a27ed5d693f859dad8c17ccb08d5b9e9d663eae570821

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:18 GMT
server: cloudflare
etag: W/"60f9de7e-1facd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DuWichtApW%2FC%2BmuItKvjlpIPLkF9d7P%2BbD6LAii0w%2FeUcEjmIl2FiDch2xI3Q15YPXRn9ypqaNZCG6a2h3CQwf33Fjzaoj1hNAB%2FXbqfGOOzXo0GoP3dGRstcltxGSeLSOWjgMNXHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36ebeafa31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rocket-loader.min.js Show response
securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 37ms
35ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Sep 2024 18:15:33 GMT
server: cloudflare
etag: W/"66d8a3c5-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8c0e36ed1bb431e0-MIA
expires: Thu, 12 Sep 2024 08:58:08 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 124ms
57ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://securityboulevard.com/
Origin: https://securityboulevard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8c0e36ed88a9a569-MIA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 318 KB
107 KB 226ms
89ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5VL4PHQ

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e865610f821bc6b6683af168c60b57db40b15e6b27755134457ee4d91aa03d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109609
x-xss-protection: 0
last-modified: Tue, 10 Sep 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Sep 2024 08:58:08 GMT

GET
H/1.1 200
OK embed
vimeo.com/event/4046309/ Frame ED43 0
0 746ms
681ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/event/4046309/embed?muted=1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://securityboulevard.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-Ray: 8c0e36ed8c94a540-MIA
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 10 Sep 2024 08:58:09 GMT
Expires: Tue, 10 Sep 2024 09:13:09 GMT
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding, X-Geo-Vary-Group,x-http-method-override
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
x-backend-proxy: webproxy14
x-bapp-server: pweb-5f5d8c447f-f5xhz
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-iad-kjyo7100030-IAD, cache-mia-kmia1760065-MIA
x-timer: S1725958689.909679,VS0,VE625
x-ua-compatible: IE=edge
x-varnish-cache: 0
x-vimeo-device: d
x-vserver: web-varnish-prod-varnish-13
x-xss-protection: 1; mode=block

GET
H2 200 /
www.podbean.com/player-v2/ Frame 7024 0
0 229ms
154ms Document
text/html 2606:4700:10::6816:ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.podbean.com/player-v2/?i=aw5u6-1119a75-pbblog-playlist&pbad=0&share=1&download=0&rtl=0&fonts=Arial&skin=1&font-color=auto&logo_link=episode_page&order=episodic&limit=10&filter=all&ss=a713390a017602015775e868a2cf26b0&btn-skin=1b1b1b&size=250

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:ca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8c0e36efef90dacd-MIA
content-encoding: br
content-type: text/html
date: Tue, 10 Sep 2024 08:58:09 GMT
last-modified: Mon, 09 Sep 2024 03:03:47 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 206ms
73ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%7COpen+Sans%3A400%2C600%7CPT+Sans%7CSource+Sans+Pro&ver=6.6.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityboulevard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 17:00:34 GMT
x-content-type-options: nosniff
age: 316655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Sep 2025 17:00:34 GMT

GET
H2 200 fontawesome-webfont.woff2
securityboulevard.com/wp-content/themes/colormag-pro/fontawesome/fonts/ 75 KB
76 KB 47ms
47ms Font
font/woff2 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/wp-content/themes/colormag-pro/fontawesome/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/wp-content/themes/colormag-pro/fontawesome/css/font-awesome.min.css
Origin: https://securityboulevard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
content-length: 77160
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:07 GMT
server: cloudflare
etag: "60f9de73-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cXExvIfj0ewwLeIDMcuaswPCHrI5WNXcEtrg2xIgyLHkG5UmY1xTsFXoe863BzCauSqaP3ik%2FIfmZF7%2BvL8xviVQH3VOspyvZT1AH4ag%2FDfZxknZqjnRV5iKANwo%2BaRjefoDse2jSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36ef6ccc31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f

Request headers

Referer
Origin: https://securityboulevard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
44 KB 214ms
81ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%7COpen+Sans%3A400%2C600%7CPT+Sans%7CSource+Sans+Pro&ver=6.6.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityboulevard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 13:46:42 GMT
x-content-type-options: nosniff
age: 328287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Sep 2025 13:46:42 GMT

GET
H2 200 2024.10.09-Mend-LandingPage-1540x660-DO.png
securityboulevard.com/wp-content/uploads/2024/08/ 63 KB
64 KB 47ms
46ms Image
image/webp 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securityboulevard.com/wp-content/uploads/2024/08/2024.10.09-Mend-LandingPage-1540x660-DO.png

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c200597dad422925b0995b9094df1c6005689273467d7b9162ba5502ce4cd8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 407085
cf-polished: origFmt=png, origSize=125717
ki-origin: g1p
content-disposition: inline; filename="2024.webp"
content-length: 64868
ki-edge-o2o: yes
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Aug 2024 14:06:29 GMT
server: cloudflare
etag: "66cf2ee5-1eb15"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SsgR0t2QyRO0nnuIUwd%2Ffj%2Bd2qcCKT32QDESP1VjUgj3tn7YcClwHMuvAwlxWLtxtJFP%2B4AHaXOGWbo9syWnAnkPqBGiicQFonm2l1kU1Z2kZX6WWAsgT1f6816OXuLugTRY0l4Qww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36ef6cc931e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 photo_2024-03-27_11-50-18_1711634249BAYRGDETen.jpg
securityboulevard.com/wp-content/uploads/2024/03/ 34 KB
34 KB 43ms
42ms Image
image/webp 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securityboulevard.com/wp-content/uploads/2024/03/photo_2024-03-27_11-50-18_1711634249BAYRGDETen.jpg

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e16986622c696a801f3ebfba9649dae03e94c9c7a2b48a82b5e0da3652770ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 376171
cf-polished: qual=85, origFmt=jpeg, origSize=140044
ki-origin: g1p
content-disposition: inline; filename="photo_2024-03-27_11-50-18_1711634249BAYRGDETen.webp"
content-length: 34770
ki-edge-o2o: yes
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Mar 2024 16:29:24 GMT
server: cloudflare
etag: "66059ae4-2230c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5mKb2%2BXphFSV9MGhE6pgTkGQMBK36eAuWuAHh%2F6KA6BMGsqy4OXNTGSPmGXpHVuxjgwy7DLp3sIrbiHqS89iTgkQELZHYv%2Bu%2FR2SP%2FgAzC%2BICukeYgDfHUn5iLuux19eaCWvwuppr73YP18nUKM9fV19ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36ef6ccb31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
106 KB 97ms
96ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FB70FYBEHB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VL4PHQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a281554e698efea9e14b9bf20c69e231cdbc0d6cf21cd5defea925c124ccda0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108458
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 10 Sep 2024 08:58:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
95 KB 119ms
118ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5EVV7GV4Q5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VL4PHQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f67facb19582d6d0f7d7093568a38c213683826d6cba38064b3fc7c0a41db35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96686
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 10 Sep 2024 08:58:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 415ms
61ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VL4PHQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 10 Sep 2024 07:43:34 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4475
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 10 Sep 2024 09:43:34 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 217ms
63ms Script
application/javascript 2600:141b:e800:25::1721:2ad1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VL4PHQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:e800:25::1721:2ad1 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2024 11:06:54 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=73075
accept-ranges: bytes
content-length: 14628

GET
H2 200 tag.aspx Show response
ml314.com/ 38 KB
39 KB 142ms
26ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?982024
Requested by: Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:04:24 GMT
via: 1.1 google
age: 3225
x-guploader-uploadid: AD-8ljvBajbgbxgssVvlpX-ha9ZqRN5VOE-UbHhCD1PD06FQnEi4C-S4EJcgrkJ6BbHczji_iLflK5cGyQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39162
last-modified: Wed, 24 Jul 2024 19:30:50 GMT
server: UploadServer
etag: "632616ff15825f030aab3391a58ef042"
x-goog-generation: 1721849450340665
x-goog-hash: crc32c=6sDw2Q==, md5=YyYW/xWCXwMKqzORpY7wQg==
content-type: application/javascript
cache-id: MIA-ebd516a
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 39162
accept-ranges: bytes

GET
H2 200 j1vwi9tiia Show response
www.clarity.ms/tag/ 637 B
1000 B 185ms
79ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/j1vwi9tiia
Requested by: Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4105387528744bfb8f22b940743fe631cc3d26c64e52849f05d5147b8132c328

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
date: Tue, 10 Sep 2024 08:58:09 GMT
x-azure-ref: 20240910T085809Z-185fd9c9b46np5t6md1d17pv7w0000000k80000000009tpy
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 637
expires: -1

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
52 KB 217ms
89ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VL4PHQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

fa9e64cf02aa8623cfba0cd734068aed4c1ceb354d4314de36409f73f625c041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53017
x-xss-protection: 0
server: cafe
etag: 15520815709031542047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 10 Sep 2024 08:58:09 GMT

GET
H2 200 tracker.iife.js Show response
assets.apollo.io/micro/website-tracker/ 3 KB
2 KB 135ms
46ms Script
application/javascript 2606:4700:10::ac43:29b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.apollo.io/micro/website-tracker/tracker.iife.js?nocache=pcyiec
Requested by: Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2039d204f18247df88a0f132f35fe67f9e52ee7268515ead1647c611f737ba07

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 57636
x-guploader-uploadid: AHxI1nP4XvY71UT426JR3drXtcopbSb6TgYmepNz5g7r6KAUSwQD9Dn18ZpMuX96BFY1IEXGQyfSZ4_swQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 1168
last-modified: Mon, 12 Feb 2024 19:05:14 GMT
server: cloudflare
etag: "482eb3be75b60ec86f88e9bc33337e88"
vary: Accept-Encoding
x-goog-generation: 1707764714580510
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=I3tUEw==, md5=SC6zvnW2DshviOm8MzN+iA==
access-control-expose-headers: *
cache-control: public, max-age=31477102
x-goog-stored-content-length: 1168
accept-ranges: bytes
cf-ray: 8c0e36f09a735c76-MIA
expires: Tue, 09 Sep 2025 16:36:31 GMT

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 100ms
51ms Script
application/javascript 104.16.160.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1600
etag: W/"09282956186c8515ef0d208902803581"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8c0e36f05faa749b-MIA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 13 Sep 2024 08:58:09 GMT

GET
H2 200 maxmegamenu.js Show response
securityboulevard.com/wp-content/plugins/megamenu/js/ 21 KB
4 KB 61ms
45ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.3.1.2

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9595d6e9cf2ca0d1dfcc07c2cf9ea061045d3db04f081aa50d488bc03a776a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576432
cf-polished: origSize=33714
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Sat, 27 Jul 2024 16:42:41 GMT
server: cloudflare
etag: W/"66a52381-83b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X6X9rjO7U9VCYWzqfxjStbjjEsEqfmuyrkK0SenItl33c9KoiMjdyri5pVlXt5ZTjhDJNbbNayBry48NM2Qd6b3AtOg6%2FSqpL98t1eU%2FTTEZ7v%2FNVOW9SdLGBzlPY83Qkn5FFZ%2BjcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f02d0a31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hoverIntent.min.js Show response
securityboulevard.com/wp-includes/js/ 1 KB
1 KB 57ms
41ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Mon, 13 Jun 2022 16:39:09 GMT
server: cloudflare
etag: W/"62a7682d-5db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iXrkPkMleBSuiAITEdSz0XccgjeDMOks7oipTy6dfRQ2b%2FE4lq9McSM9RWr6GtQMHVyH7Nu4Fq%2FFGlXvfbzTz%2BJRiRQJAqaq5u6RVWNdtLq17Ns0kZ5yovioIMaqMrVOUX0eZ5XRwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f02d0c31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e-202437.js Show response
stats.wp.com/ 7 KB
3 KB 113ms
35ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202437.js
Requested by: Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT mia
date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14421-1717166116671.2583
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Sun, 07 Sep 2025 22:15:41 GMT

GET
H2 200 twitter-timeline.min.js Show response
securityboulevard.com/wp-content/plugins/jetpack/_inc/build/ 265 B
593 B 56ms
42ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/jetpack/_inc/build/twitter-timeline.min.js?ver=4.0.0

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68002d1756ab74bbd8c95d977ff8af585ab56706e59b0524a56a9788acf8e482

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Sat, 27 Jul 2024 16:42:10 GMT
server: cloudflare
etag: W/"66a52362-109"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IiiFUuwRCDlpL5nkW9M5RjtujWkLe3BGFoZB1b6GV4p3BlfcJzBMC%2BkawACH9KTQpY2JY9BK7TqECBUQygoOHVLp12NKLeCV5tD9Idg3xVHwME5CO%2FEGMNUnK8JN0hcElmLa2Y%2BL2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f02d0e31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 datatables.min.js Show response
securityboulevard.com/wp-content/themes/colormag-pro/js/ 99 KB
33 KB 61ms
46ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/js/datatables.min.js?ver=6.6.1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

431ebfe08cafe8dbb9139a8e7632abc824c6fa276ab1037868ae598474062151

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:07 GMT
server: cloudflare
etag: W/"60f9de73-18c20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VSQMA9XDbM7HbuA%2FFxvrxCDN6f%2BvOBIQtljs3k42ZfM1LXOe6Q2hb98%2FKag9M7CmnS60wiGESM%2B9PEpQvcVkZdnwwdK2A6DQPnkkjIusdAmDkQhLflZolZEUvMh7kJ6NMp7u3zl0bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f02d1031e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.mCustomScrollbar.js Show response
securityboulevard.com/wp-content/themes/colormag-pro/js/ 56 KB
14 KB 59ms
44ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/js/jquery.mCustomScrollbar.js?ver=6.6.1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

302dad2d165b5b7849d5fc1db1fea894f35dec4c4f64e77ec4865fd4f3a90a62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576431
cf-polished: origSize=93484
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Thu, 22 Jul 2021 21:09:07 GMT
server: cloudflare
etag: W/"60f9de73-16d2c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w177MsnW%2FqTJ338swJzfGq%2FPxs8rJv6ioX5y3Q5y7MH9lblLz3TPZvoU8w%2BPonV5PT4uhI4%2FDA7fIo9PwMWTCn0RdcOsFIz9i1y%2BWmuLAn4huu%2FeIHKNAdVL09HgVBbaWzWlf6WCKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f02d1231e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 colormag-custom.min.js Show response
securityboulevard.com/wp-content/themes/colormag-pro/js/ 6 KB
2 KB 56ms
42ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/js/colormag-custom.min.js?ver=6.6.1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7c91d82539279bcc48324d9cdecfaad418f2720a2e40de04a6d975465aa07a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:07 GMT
server: cloudflare
etag: W/"60f9de73-19ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iFuXdviGnpUALMfBXxlJCtZLfLSia2ZSy6fSMRRo3G9oQuym50F9nxNci9Uj1sbSjAT3aVOR%2B%2BAsJREThhHipzSvQMIaypzMNcdowAIsheYW2IJriVR0Jdq6pfCmgGJPfqFoCCtjow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f02d1331e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ResizeSensor.min.js Show response
securityboulevard.com/wp-content/themes/colormag-pro/js/theia-sticky-sidebar/ 2 KB
1 KB 59ms
45ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/js/theia-sticky-sidebar/ResizeSensor.min.js?ver=6.6.1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bb987c509cc9d8cddb3a3d729818016e7831788ececc4b736a23c66d22161e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:07 GMT
server: cloudflare
etag: W/"60f9de73-8b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tte4EscPfxAO39J9bnGnXok9zOdEkOrAn5JfHzmf%2FCW9XHD2dE%2FXAR095WyGBvqqacuWQ99iC50hD%2FOClpHjzFd4LNpR6mGUlIGfa4VowuU63RdnWf8EDzjMx5uVP4o%2FSDu0PBlgIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f02d1431e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theia-sticky-sidebar.min.js Show response
securityboulevard.com/wp-content/themes/colormag-pro/js/theia-sticky-sidebar/ 5 KB
2 KB 59ms
45ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/js/theia-sticky-sidebar/theia-sticky-sidebar.min.js?ver=6.6.1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

101f7a6b30db45e2af5f4c16ec0e1ed7584c45260801abdeaa09731ba3abd6c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:07 GMT
server: cloudflare
etag: W/"60f9de73-14f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cIwOXe9vC5FqiH0WChacpCHtIlUcG0n4%2FpNU6VJh2RatrN2LR2A4lsj2%2BpoSANZxvJD3EAlR4jokjaYO8uBSsg2xi8KjOiDIlRyogviFQyPloyZYY%2Fy%2BVHQnWOyJ5ndts%2BX67LvRyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f02d1531e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.fitvids.min.js Show response
securityboulevard.com/wp-content/themes/colormag-pro/js/fitvids/ 2 KB
1 KB 59ms
46ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/js/fitvids/jquery.fitvids.min.js?ver=20150311

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28b0b03f51551de0682bed42b4cb9d56508a09f636ff48e3f97df64473d311d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:07 GMT
server: cloudflare
etag: W/"60f9de73-7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YNUQxtDUV6jmE73Ha1620J%2BwIMC9GYFDjY%2FzYEwB9V3k88NtQOHAfypz7XIgnFjn1YDw%2FuTPGSPp6mEQsl0N6yviY%2BfwIqJQlEFC4WrWivFFQ1t147hJ5P5AcFJrih%2FtrZTK073zfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f02d1631e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 navigation.min.js Show response
securityboulevard.com/wp-content/themes/colormag-pro/js/ 1015 B
614 B 62ms
49ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/js/navigation.min.js?ver=6.6.1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41f3fe4ce62f3d3f75f6ca8d5c801832f4dc941028ed09cd2ddf5a5b9f0712d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:07 GMT
server: cloudflare
etag: W/"60f9de73-3f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z9VJ4dt4j2QEqgkJ7rVNI3mtoD7OtBMOBVeUXk465exEV1H0AeXVu1XKVA%2B93qGYdHyJCgfDIdQ0kfwZAvVkeaZFYEx3j0KwdGOdKwUVG0KWGnHAY25OQDnBUB%2BLw%2B5uCAlSJFFoCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f02d1731e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
securityboulevard.com/wp-content/themes/colormag-pro/js/magnific-popup/ 20 KB
7 KB 61ms
48ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/js/magnific-popup/jquery.magnific-popup.min.js?ver=20150310

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64ab8dbf18e5a9150941c352022b6e14e983a679cee5bd6bc92f6fca7e6426bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:07 GMT
server: cloudflare
etag: W/"60f9de73-4ee9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ISuNvXrvvpEjajsx9x%2FRKRHJfnysePxpXmaEAQkkr%2F7CAvl7jTUUmvfsvu6YBYMsuop5C35gVemSuOBVFgFJGPz3qKDewUH87FbnqniBGZjvOQI0eD5idh9wNNmm42Eu5p0Vm%2B0oMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f02d1831e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.sticky.min.js Show response
securityboulevard.com/wp-content/themes/colormag-pro/js/sticky/ 4 KB
2 KB 98ms
85ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/js/sticky/jquery.sticky.min.js?ver=20150309

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed5187fd3a8124b6137295fd2b2e0e1451ed9250b6ad989d48e16ea736e5bddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:07 GMT
server: cloudflare
etag: W/"60f9de73-f65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C1Jy74BLt1fOtfz%2FXKdkrXdnY2hpQj%2F%2BGyvWIEiX1FJLuSt7kgehn5Jp7xx2tCtTH3kotoziaJrFSuMS3qmSS2x4hgWwYzijjak3X6H8kuapdtwev2%2Be1JcsJaeG62QcozghDTmKiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d2431e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.marquee.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jQuery.Marquee/1.6.0/ 9 KB
3 KB 77ms
39ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jQuery.Marquee/1.6.0/jquery.marquee.min.js?ver=1.6.0

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feade23a47f6041e6d1008885642dd7ab7cc4f12d94b0c7191c9cf8ca55df97d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1246066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2000
last-modified: Thu, 25 Feb 2021 18:29:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6037ec91-2345"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4P%2BsbSnGZx4kmfFLUI6P0XxupnlJMf51%2BTiBquaqcACqLVd2JtfdBV3ZIPRVC%2BnXnCmB%2BDk275d%2BcdLkM2uRdooYYm6jWPx5aS%2BZzBDl4PQzGObOYdv43pii1Q%2Bn8zwZDstSlG4T"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8c0e36f04d5fa554-MIA
expires: Sun, 31 Aug 2025 08:58:09 GMT

GET
H2 200 wpgroho.js Show response
securityboulevard.com/wp-content/plugins/jetpack/modules/ 1 KB
1 KB 83ms
71ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=13.6

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef5e5f0b35765664c2306f623928124ac103d8e218ad9bd64da51e319d0cc5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576431
cf-polished: origSize=1953
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Sat, 27 Jul 2024 16:42:10 GMT
server: cloudflare
etag: W/"66a52362-7a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0p0iHRKsvZ%2BXjUZf86DjiMYRJLX1KgQI5NbyVUcjKpPNl9RYuClVSaNAWm6sWF8qANJLtDI6TuFIYF3GWPVdfQvU0eWyw69n6k99FHiXfKkJiprpFk5qKwnP64bN74dEoeHMmr0WJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d2731e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gprofiles.js Show response
secure.gravatar.com/js/ 13 KB
5 KB 42ms
30ms Script
application/javascript 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.gravatar.com/js/gprofiles.js?ver=202437

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b46853b388ab997de6bfa04c1e397b91783aa2d3e125eb7f62b2f41b95dd5e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
last-modified: Tue, 02 Jul 2024 12:40:50 GMT
server: nginx
etag: W/"6683f552-3317"
content-type: application/javascript
cache-control: max-age=604800
alt-svc: h3=":443"; ma=86400
expires: Tue, 17 Sep 2024 08:58:09 GMT

GET
H2 200 akismet-frontend.js Show response
securityboulevard.com/wp-content/plugins/akismet/_inc/ 6 KB
2 KB 90ms
79ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1722098430

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a1b9ae60c527ccefdbbc092245aa6c85aedcaa6ebb4c69d22060ece8ade180d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576432
cf-polished: origSize=11388
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Sat, 27 Jul 2024 16:40:30 GMT
server: cloudflare
etag: W/"66a522fe-2c7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ohuz80vbxVHX9qCRb%2Btw0m%2FrND6IG3GeDqNQMQAzUauS5sy7nidrkgjVGTR9vfTy%2BOnFqRP6B8H1PEHCU1nIjfs7GFq%2FSzd9TglJo2z%2FvgMysFRyPn1uVxj8OgLHoOwPDyfreOxRnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d2831e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts-theme.min.js Show response
securityboulevard.com/wp-content/plugins/gravityforms/assets/js/dist/ 4 KB
2 KB 85ms
73ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/gravityforms/assets/js/dist/scripts-theme.min.js?ver=bab19fd84843dabc070e73326d787910

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fff9001fa9a705871580a83e3c2916c7d136360c55bf0b5ac88d6e055085678d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 334837
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Sat, 27 Jul 2024 16:41:19 GMT
server: cloudflare
etag: W/"66a5232f-1043"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F0SZojwMKA%2FqrGciO5KiH7TMZi0VUG58wEjVPTtBe8eZIK%2FoAYKJPevDUCttDA%2F1nwJ9Dvkd5O%2FD%2BR3B5D5dhU8Q0KAUxtpnowVEkKQvSkkEjgjMZvDSx6shswz41ekDnUiCGPVvzrZL7aJqgNz38%2FUY5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d2a31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendor-theme.min.js Show response
securityboulevard.com/wp-content/plugins/gravityforms/assets/js/dist/ 17 KB
7 KB 84ms
74ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/gravityforms/assets/js/dist/vendor-theme.min.js?ver=54e7080aa7a02c83aa61fae430b9d869

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b63f93f45b836123619e22860a43538ac0cd157f7afd2f58134e28e5e18fa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 427237
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Sat, 27 Jul 2024 16:41:19 GMT
server: cloudflare
etag: W/"66a5232f-438a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FJqaJ3YYhviBxDe7KJj4nDghVUY4OunoUbTEjtsN9aKaitGY2YEvRaJTkSts3ewq0jL0GU6fj%2BHevJpmBC2BjjTxpkCVSKpW7OvwpAayb%2FcmKP3PeDs%2BdTTIlBRW%2BbFiUlWs9%2BRxCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d2b31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a11y.min.js Show response
securityboulevard.com/wp-includes/js/dist/ 2 KB
1 KB 86ms
75ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-includes/js/dist/a11y.min.js?ver=d90eebea464f6c09bfd5

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb4e63c126beae75728fc000a8847d4d91427b7a63e711f3668de1c20bd5d76c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Fri, 12 Apr 2024 03:05:56 GMT
server: cloudflare
etag: W/"6618a514-936"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iHFOQZylDVZgjUBP9%2Bb9mnU%2F9k9w76%2FBafs73hFdk%2F12rfi1FT8h%2FFJ5V9MeQ5hK8hIP2eozmLVKErMbzeuTJaTTlKzZ92zPDXiygF1spHXYMAK7mkPBW7VWlLIPugqlzf7h1fLYoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d2c31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 i18n.min.js Show response
securityboulevard.com/wp-includes/js/dist/ 9 KB
4 KB 86ms
76ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Fri, 12 Apr 2024 03:05:56 GMT
server: cloudflare
etag: W/"6618a514-23b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gjg8BUxF94wmNxnYnEOmWSbZ2fpSZMMstIdkdtqan7vrhjjDnchrpR13peJmI%2F%2FLL2QbPchquyvcU4LL7GZ7i3CCqshLe2C9yZJAeuszJaPBzK4rzd9XO1M7gjCxbUGgOyu7p4k0kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d2d31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hooks.min.js Show response
securityboulevard.com/wp-includes/js/dist/ 4 KB
2 KB 94ms
84ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Fri, 12 Apr 2024 03:05:56 GMT
server: cloudflare
etag: W/"6618a514-10d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N64RytfRk%2Fft%2BcLLPMlhgAfQyEpGdE5mnLOM8apVeP0G%2BlRPk2VB86JQg3EDPGW%2BQ7e%2FfSlYeTd0SoE3uzP8Ww312c3ogT3UtwyHeSVY%2FTSxXE86ghmPYgI3wZPDYJI5j7dZmFC8ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d2f31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dom-ready.min.js Show response
securityboulevard.com/wp-includes/js/dist/ 457 B
631 B 86ms
76ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-includes/js/dist/dom-ready.min.js?ver=f77871ff7694fffea381

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a43a22e48f94b7a45a9a9b1a107f197213b73307fdfa2e6b2daadab264f94d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Fri, 12 Apr 2024 03:05:56 GMT
server: cloudflare
etag: W/"6618a514-1c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2aXpolyB689YaEZQxgb816zU4zjXCSgHackgRQv%2BpNpbCQHuBnQQ84kfxr5yLzcUSE2a8apcli%2FIj%2BoEwdJJLyZG%2Bp61qGI5v%2FJSxab2LMiSNTYnTBStdt8KxgHF69%2BXMflk2bzxxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d3131e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cvpro.min.js Show response
securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/js/ 161 KB
46 KB 89ms
80ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/js/cvpro.min.js?ver=6.3.0.1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f33880a7bc942dd2f2218dec8e129e44ba5bf999e793805ff7200cae46917bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Fri, 12 Apr 2024 02:59:37 GMT
server: cloudflare
etag: W/"6618a399-2831e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OyjLxuxEJn2xn%2BnTj1MEHAYzJAT2EVDMCLNBtTpzgQhMNQG%2BffGH8XOOEjKCaiUdR2aIJWkrrnWjxIKMDLKF0SDjW6DAStUtu6HKl%2BEvji840sEe0lQFarLmemqre8dXYU3MdI8rPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d3331e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cv.js Show response
securityboulevard.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/ 23 KB
7 KB 268ms
258ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=4.0

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88162132623e7768a9f1b350854c1e805bc55beba3709d2e285e4f434674fca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Sat, 27 Jul 2024 16:40:47 GMT
server: cloudflare
etag: W/"66a5230f-5cf3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EVLIg9aSPHyI%2FfWgD8pnGqnM7UrtJiWd%2BeTHPtSL5evcmPREgIewfxnkS1Fl0ogbnLkTNfZfRdBXEUkPr9l25U1Bah7LBejaOPuDdfAPQdZjMV6JJLyEEEjKWTl6iEflV571qxT9yBXnIxB97RSFeHdIVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d3431e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
0 205ms
205ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

fa9e64cf02aa8623cfba0cd734068aed4c1ceb354d4314de36409f73f625c041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
Origin: https://securityboulevard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53017
x-xss-protection: 0
server: cafe
etag: 15520815709031542047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 10 Sep 2024 08:58:09 GMT

GET
H3 200 v2.js Show response
js.hsforms.net/forms/ 483 KB
157 KB 103ms
54ms Script
application/javascript 104.18.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69f9f19bd433b1317c2e2adf4b0d99a7655e6d878b35a970a5311227c6ad0a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
age: 34
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5999/bundles/project-v2.js&cfRay=8bd6881529e10cb0-IAD
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"6baa082bb753a0d6d6e8a595ed1a8003"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5999/bundles/project-v2.js
date: Tue, 10 Sep 2024 08:58:09 GMT
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: AFaf8mWb39Qooe1K5qzICbDOfESNQB7s
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 2b617210-7634-4229-b448-da409ec84c4d
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 2b617210-7634-4229-b448-da409ec84c4d
last-modified: Tue, 03 Sep 2024 14:36:36 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ED8Bp6HnfHz77MbEtcn5l6JAXJNSCU9UV%2BkxSkiUcYY0%2FKgg3%2FNIwMU6BJ5YHccp3ea0KBcYFPK5ImBWOwGRbVDlxlilTYo1smYHn1Yn6m6%2Fu2tbwRTlgmJtAU7SCgQJ"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-wmpd8
cf-ray: 8c0e36f06ea33376-MIA
x-amz-cf-id: Z0vfvnTaIcwBmdbnpDNH8xE33QZd2fkOIzHWP74Dz2iLcfv1-ek_1A==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 100 KB
32 KB 233ms
93ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f7e490d17ebf809a460ec752c1d37047f5f0aaa54f974da6a440010d70629c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31927
x-xss-protection: 0
server: cafe
etag: 669 / 19976 / m202409050101 / config-hash: 10275488054267259761
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 10 Sep 2024 08:58:09 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
52 KB 207ms
89ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865&host=ca-host-pub-2644536267352236

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

c10cb13e4214f7de52c329d84219ebb0a4ef491a9bc28a81a6059c2c9c27fd5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
Origin: https://securityboulevard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53010
x-xss-protection: 0
pragma: no-cache
server: cafe
etag: 18211507587763872718
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
106 KB 134ms
127ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FB70FYBEHB

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ab82940daf0430a4ba90ded905ef1ad9cd6739cea9a222df0c5f0ce89355249

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108512
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 10 Sep 2024 08:58:09 GMT

GET
H2 200 loadmore.min.js Show response
securityboulevard.com/wp-content/themes/colormag-pro/js/ 1 KB
867 B 87ms
80ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/themes/colormag-pro/js/loadmore.min.js?ver=6.6.1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

534c262276166217d4ea9b047de9addc67bdab27d749899d098935a58d65940f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:07 GMT
server: cloudflare
etag: W/"60f9de73-470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WE%2FCaWN2ROHF3K2%2BYCiVWrQQctbxGNXmJAUqo4paQZgvEzLcGDTAKJr2GC01kZIXk%2BC7nPnUSWMS7JEiU5bekJuDa%2B46s5KGIEF3dy3NWdvNbb%2FaWstikK946V1giTtmqaIhVfTpXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d3531e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 PopupBuilder.js Show response
securityboulevard.com/wp-content/plugins/popup-builder/public/js/ 64 KB
14 KB 95ms
88ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.2.7

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68d9cda3dc9625560bbe531dc199dbdaee5e954a6766d1eb3a1933048e4d7f1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576432
cf-polished: origSize=82073
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Tue, 03 Sep 2024 16:12:03 GMT
server: cloudflare
etag: W/"66d73553-14099"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=39YiNNIHTBhJH%2Bb%2BxSuiU5D7%2FG1kzL1l3PTpj8eZ4B4KUXBjkVF4aH6HZarpEFb1e3sjlJy%2F9%2Fm21kyT%2FDOrzvYo%2Bl44BDoz4ztJuxq1CxKbmbYCRoXvRscGmazz1Bcz727e%2BzzHtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d3631e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 PopupConfig.js Show response
securityboulevard.com/wp-content/plugins/popup-builder/public/js/ 6 KB
2 KB 92ms
85ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.2.7

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fe8c79d67b21039a5d059ef40761950fb76e1d17933d61509f7eb3c68f5aeeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Tue, 03 Sep 2024 16:12:03 GMT
server: cloudflare
etag: W/"66d73553-177a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yPNtdUyduTNDCi80qGecJwVXhHSwkz5eVPo5lZp%2BPodgtVK1xBZ%2FGS6WlrIvK68C5lzEFr3VKTyJWtrX%2FDYdLRHDaEOxHme30nB1T4ySEUFCqqftZHF4zAW64j0vOrWTOB7lyvp%2F2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d3731e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Popup.js Show response
securityboulevard.com/wp-content/plugins/popup-builder/public/js/ 38 KB
9 KB 97ms
91ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.2.7

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

618a2ea4b0144dc806e4f9cce420a3b4f271d5436d364bfc1192ab74c578c26b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576431
cf-polished: origSize=38940
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Tue, 03 Sep 2024 16:12:03 GMT
server: cloudflare
etag: W/"66d73553-981c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2OMHDXP2nD1MPPOOPYigKSuWhtwWPvbGNOCDQ59vHS74dIUiDtLEaHGpIyBGMO9UGdM9xcpAi8REFGGgKj77tmYXO3DRPf%2FPdJuxV1WoT15zp5yjyy0Jkeoxe5vWEDUfPxrf9tvGLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d3831e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpoll.min.js Show response
securityboulevard.com/wp-content/plugins/gravityformspolls/js/ 9 KB
3 KB 92ms
86ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/gravityformspolls/js/gpoll.min.js?ver=4.2.0

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

319099c980bb5b741508861ac4209006cc3e4e6fd184672fb16136cff48145a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Sun, 03 Dec 2023 15:43:47 GMT
server: cloudflare
etag: W/"656ca233-22d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rvaxREoWub5VpZ35fwj1CyQ3ashYePLQfU8l0T1UrLohAGH9t8ccW3Qpt5LDs4cp9y%2FVcRUp9PelopasTtq8xMTzQT0mqwQqyAtVNnTPn%2BflFWz%2F1uZFf6Wpp9PtvcTZ18v1N6s2dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d3931e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 utils.min.js Show response
securityboulevard.com/wp-content/plugins/gravityforms/assets/js/dist/ 38 KB
12 KB 89ms
83ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/gravityforms/assets/js/dist/utils.min.js?ver=50c7bea9c2320e16728e44ae9fde5f26

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05a02a17f79ea82224a296d1b3067e36ae3440fca4172aead3b8fee4a4cfe770

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Sat, 27 Jul 2024 16:41:19 GMT
server: cloudflare
etag: W/"66a5232f-97ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nVisN2QH9xAc301submzu9I19CXqPO%2BlI3HQp2EKoKG35gLisAHw%2BqogHPV7Hy%2BNswl3wZzFtMZwjSFpqpdStu69tYZEc1Z4LRCeXEQ0zaK3miBNMmfolMaJ6POIMvU00JZw4pM7jA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d3a31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 conditional_logic.min.js Show response
securityboulevard.com/wp-content/plugins/gravityforms/js/ 9 KB
3 KB 91ms
85ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/gravityforms/js/conditional_logic.min.js?ver=2.8.14

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b5b0187242aa0d8873c91877a0c55ec72c66eaffeea0742ca065ad26f52cd89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Sat, 27 Jul 2024 16:41:19 GMT
server: cloudflare
etag: W/"66a5232f-2573"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Acoa70OXckIWtRU2%2Fe4iv%2Fz0PxhBsUqvxqB0y72vaNXiSSVgXFcIH6wBZEThBPXT1PQf%2F%2FN0ShtRVlKGU%2BElyWxZvnhb4nUPcdjPwUSYf1PUpA6lOcCDseazM567C3f3v5ZIR5jsCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d3b31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 page_conditional_logic.min.js Show response
securityboulevard.com/wp-content/plugins/gravityforms/js/ 5 KB
2 KB 94ms
89ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/gravityforms/js/page_conditional_logic.min.js?ver=2.8.14

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f288cc1ee3de88550592e3ea99695d159dd5e8634ffdcb1b98ef5efdf083a106

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Sat, 27 Jul 2024 16:41:19 GMT
server: cloudflare
etag: W/"66a5232f-13bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2F1O4oj1DNZeKb3k4%2BKTxkAxYmjzF7Mk%2FgUdZUrJF%2BmO93VQCesDvF%2F5Nj%2FmpCaDSLLs1HjqLEliq5pTY%2B6eDTjNdhlcBsrGNN7ZimGolsKNBO6ulbSd3JrZqhKktlZIDCfKPDNK1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d3c31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gravityforms.min.js Show response
securityboulevard.com/wp-content/plugins/gravityforms/js/ 46 KB
14 KB 95ms
89ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.8.14

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

154817f0d937e5e7fc5970a56687464e84d690e15e530d8e3f189869280c43e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Sat, 27 Jul 2024 16:41:19 GMT
server: cloudflare
etag: W/"66a5232f-b690"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UvbHi2clf%2BSZKZC%2F%2Bk7ScQsZ%2FirHlYJ0FinFWFW5F6TFulWh9hdI7AV7ax7ZlMHfe8rAfZ%2Bs0sViZ%2BEcgaTkG12%2B1rZHJJizYgtiYnHNXWuncBpjN2mr7Y66kRwCI%2B9UbHPpys9t8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d3d31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.json.min.js Show response
securityboulevard.com/wp-content/plugins/gravityforms/js/ 2 KB
1 KB 91ms
86ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.8.14

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

998a575c7b376128a98e6d67e29c42e1726aac3489cf2c0b2aaebf6f6ad0b546

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Sat, 27 Jul 2024 16:41:19 GMT
server: cloudflare
etag: W/"66a5232f-72c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jV7vW6LqfC%2BUS7xzC2ol3H0h%2BYdD71CL7yB154%2BUXTkmxl8KvGbw%2B7KoHf0bqQ3TX%2BJGSlaggFF63%2FUXgzatmBFlEy01O4I0qgElwNrXDPPe3%2F%2FWQmiQ3o4kPRqJTcMDqW27wjH1HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d3e31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom.js Show response
securityboulevard.com/wp-content/plugins/devops_core/assets/ 1 KB
954 B 97ms
92ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/devops_core/assets/custom.js?ver=6.6.1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e9217a20b1f4bec7ec61cb0d3b1ae23a759df26ac6856f15d57e841caa4f0a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576432
cf-polished: origSize=2913
ki-origin: g1p
ki-edge-o2o: yes
cf-bgj: minify
last-modified: Thu, 22 Jul 2021 21:09:18 GMT
server: cloudflare
etag: W/"60f9de7e-b61"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tK3Wfg6MvNj74gw1b9NTbB71XJC%2BSA4XVRGTbcUTzhhYIkj2cPu0pUSQbhQC51zoRCalzOksQE4KaA81g31J1gPVpwhgEfoy%2B2TAhkWUWnxTEIoSUpl%2Bm%2BFJ8b2DXL3XIjfCERtZAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d3f31e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 isotope.pkgd.min.js Show response
securityboulevard.com/wp-content/plugins/devops_core/assets/ 34 KB
10 KB 92ms
87ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/devops_core/assets/isotope.pkgd.min.js?ver=6.6.1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f96151453bf5b861219fab32920589c930580c4f1c427f2e023e7429e7e9f482

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:18 GMT
server: cloudflare
etag: W/"60f9de7e-89f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BY8%2Fe9Wm%2BlYPASBnWjsV54%2BIM7u26i%2BBfMnAzISWYRIJPxR4LFJ5DNPLzHJq7OJE6BPibO9ns2mVETg7P1eYfThvM0TUh9jkUGKma7viJu69XFP6stZTi8W1ue0qjAjHVldzlzOGTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d4031e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.min.js Show response
securityboulevard.com/wp-content/plugins/devops_core/assets/ 42 KB
11 KB 96ms
91ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/devops_core/assets/owl.carousel.min.js?ver=6.6.1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:18 GMT
server: cloudflare
etag: W/"60f9de7e-a70e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sts%2F9YrO9%2FMFIMoCCO8BYiSb6s4VEsiJyse9TRMqJZiJA9UKSEpRMqxl%2BiaV26%2FjWBiP5jOQE4VuwWYP6A8sgncso36RCeWrodSCNBxJ8jihBEFrWdfhuQGerfV3ZEdSik6XHt1RVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d4131e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 list.min.js Show response
securityboulevard.com/wp-content/plugins/devops_core/assets/ 18 KB
6 KB 93ms
89ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/devops_core/assets/list.min.js?ver=6.6.1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a388a7833280dc7dfe5716af9969711f3c2a2fcc34c5af249907d1e2be7c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576432
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Thu, 22 Jul 2021 21:09:18 GMT
server: cloudflare
etag: W/"60f9de7e-46b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y3613Pe6l32eT482gxeLxaUNrttAo8Hl9JS9fym%2Ffx2mTOfTEni7CckH7IHcfNMxUKhESYwwSWvvcS%2BEtXAN6v6HRBFGY7CNpz4eqAS5aJTrR2ETgi85a%2B6f%2BSUE23UpnP%2FFzO2e6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d4231e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 addtoany.min.js Show response
securityboulevard.com/wp-content/plugins/add-to-any/ 129 B
467 B 95ms
91ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 529801
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Sat, 27 Jul 2024 16:39:48 GMT
server: cloudflare
etag: W/"66a522d4-81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B35%2FmqbsesjD%2BDL%2BXwpqnXuvWq8t2vwHPUhqDPkKchwhLpG8RPd5Kr%2FAt8lAzd3ObMt6uzS1gP6%2B76VmfkB%2F56Knxsd%2BVV5KAlbfnp0V17FSPfQIQ1xew3SG4SX1pYBqWid4ug2uaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d4331e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
securityboulevard.com/wp-includes/js/jquery/ 13 KB
5 KB 91ms
87ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576431
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Fri, 08 Sep 2023 23:54:07 GMT
server: cloudflare
etag: W/"64fbb41f-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AGBfGMLgTY4LdGFNfzxvc3Hz8LPl5ONpGMCabZI%2BpFbCtd1CT3sfGkVJYJCUYYvrBGD3S1%2Be5CcD9D62Ikl9MTcOVLyfzatxdBCq5YZpAiw7F%2FSdsMk4K9j%2BgH27Vgfp3oqzpBFt0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36f05d4431e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 103ms
53ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ebe2359f7106a99a4d5f17f482ca7efe495dcc7090fb121f56f8cf0055d562e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24227
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"b57737a151d7fd411c90e2eb8cdb171e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q0BtoCCp2606VTy0XV%2B0kX3X58QY2XillW8PSiJGZQIZxLv4%2B2Cd9%2BRhCCek%2FnPm6Vv%2BzemfTPe%2B7zuQz9s6UND9a6s0y043lhld0M54Vf4wSSBtVg9CoT5xG7Vf2fcKYmEK1veL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 8c0e36f06eab3376-MIA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 201ms
62ms Script
text/javascript 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 12:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Sep 2025 12:30:26 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ 38 KB
38 KB 129ms
61ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?98
Requested by: Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:04:24 GMT
via: 1.1 google
age: 3225
x-guploader-uploadid: AD-8ljvBajbgbxgssVvlpX-ha9ZqRN5VOE-UbHhCD1PD06FQnEi4C-S4EJcgrkJ6BbHczji_iLflK5cGyQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39162
last-modified: Wed, 24 Jul 2024 19:30:50 GMT
server: UploadServer
etag: "632616ff15825f030aab3391a58ef042"
x-goog-generation: 1721849450340665
x-goog-hash: crc32c=6sDw2Q==, md5=YyYW/xWCXwMKqzORpY7wQg==
content-type: application/javascript
cache-id: MIA-ebd516a
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 39162
accept-ranges: bytes

OPTIONS
H2 200 track_request
aplo-evnt.com/api/v1/intent_pixel/ Frame 0
0 150ms
69ms Preflight 34.107.133.146
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://aplo-evnt.com/api/v1/intent_pixel/track_request?app_id=66323a9f5cdfe70439fa011d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.133.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 146.133.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://securityboulevard.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
content-length: 0
date: Tue, 10 Sep 2024 08:58:09 GMT
server: nginx
status: 200 OK
via: 1.1 google

POST
H2 204 track_request
aplo-evnt.com/api/v1/intent_pixel/ 0
0 83ms
78ms Fetch 34.107.133.146
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://aplo-evnt.com/api/v1/intent_pixel/track_request?app_id=66323a9f5cdfe70439fa011d

Requested by

Host: assets.apollo.io
URL: https://assets.apollo.io/micro/website-tracker/tracker.iife.js?nocache=pcyiec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.133.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

146.133.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://alhgpfoeiimagjlnfekdhkjlkiomcapa chrome-extension://ececkagaccnfmkopaiemklekhoimmgpn .salesforce.com .lightning.force.com
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' chrome-extension://alhgpfoeiimagjlnfekdhkjlkiomcapa chrome-extension://ececkagaccnfmkopaiemklekhoimmgpn *.salesforce.com *.lightning.force.com
via: 1.1 google
server: nginx
vary: Origin
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
status: 204 No Content
x-transaction-id: 693ebb331eeddcc22bddffa96d73bd7b
cache-control: no-cache
access-control-allow-origin: *
x-frame-options: ALLOWALL
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 254ms
122ms Fetch
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5EVV7GV4Q5&gtm=45je4940v876171631z8850968773za200zb850968773&_p=1725958688801&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1395742400.1725958689&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725958689&sct=1&seg=0&dl=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&dt=Analysis%20of%20BlackByte%20Ransomware%27s%20Go-Based%20Variants%20-%20Security%20Boulevard&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1687
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5EVV7GV4Q5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Sep 2024 08:58:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityboulevard.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.45/ 64 KB
27 KB 67ms
64ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.45/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/j1vwi9tiia
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
last-modified: Wed, 04 Sep 2024 20:13:15 GMT
etag: W/"0x8DCCD1E024BB9EF"
vary: Accept-Encoding
x-azure-ref: 20240910T085809Z-185fd9c9b46np5t6md1d17pv7w0000000k80000000009tq0
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 3be94dea-d01e-006a-1825-fff6f3000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H2 204 collect
analytics.google.com/g/ 0
0 388ms
50ms Fetch
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FB70FYBEHB&gtm=45je4940v873694773z8850968773za200zb850968773&_p=1725958688801&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1395742400.1725958689&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1725958689&sct=1&seg=0&dl=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&dt=Analysis%20of%20BlackByte%20Ransomware%27s%20Go-Based%20Variants%20-%20Security%20Boulevard&en=page_view&_fv=1&_ss=1&ep.Post_Category=Postsbn&tfd=1779
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB70FYBEHB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Sep 2024 08:58:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityboulevard.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 192ms
68ms Ping
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FB70FYBEHB&cid=1395742400.1725958689&gtm=45je4940v873694773z8850968773za200zb850968773&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB70FYBEHB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Sep 2024 08:58:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityboulevard.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 0B70 0
0 220ms
83ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-FB70FYBEHB&gacid=1395742400.1725958689&gtm=45je4940v873694773z8850968773za200zb850968773&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=531789472

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB70FYBEHB&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 08:58:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 utsync.ashx Show response
ml314.com/ 684 B
1 KB 75ms
74ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=89831&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&pv=1725958689618_6mysaj7rn&bl=en-us&cb=4728555&return=&ht=&d=&dc=&si=1725958689618_6mysaj7rn&cid=&s=1600x1200&rp=&v=2.7.4.212
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?982024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 88c27a96e2eb7d4d096a155f227ca88494d9f9694e0897df5e871bf682fec611

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Sep 2024 08:58:09 GMT
via: 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 345ms
121ms Script
application/javascript 54.164.233.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=982024&v=2.7.4.212
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?982024
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.233.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-233-65.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 10 Sep 2024 08:58:09 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Wed, 11 Sep 2024 08:58:09 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
570 B 188ms
118ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 10FCC4EC099F41F6B23DCA02151737B3 Ref B: MIA301000104017 Ref C: 2024-09-10T08:58:09Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://securityboulevard.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYhwBKZj30hRj9jbooqbA==

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/ 415 KB
139 KB 104ms
103ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

5b9bdd7c7f58fac396b5aab537d9e8ebc4523a637d302f5f6a7d900dc8b399b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142648
x-xss-protection: 0
server: cafe
etag: 7724881470051202975
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Sep 2024 08:58:09 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
760 B 146ms
83ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=5140001&time=1725958689689&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 70F61EB991CA47508D2865AE8252934C Ref B: MIAEDGE2622 Ref C: 2024-09-10T08:58:09Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYhwBKaFEDgvqVfoggsyA==
x-fs-uuid: 000621c0129a1440e0bea55fa2082cc8

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5140001&time=1725958689689&li_adsId=f87c1b04-d458-4f09-8666-c2842a809bd1&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackby...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5140001&time=1725958689689&li_adsId=f87c1b04-d458-4f09-8666-c2842a809bd1&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackby...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5140001%26time%3D1725958689689%26li_adsId%3Df87c1b04-d458-4f09-8666-c2842a809bd1%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5140001&time=1725958689689&li_adsId=f87c1b04-d458-4f09-8666-c2842a809bd1&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackby...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5140001&time=1725958689689&li_adsId=f87c1b04-d458-4f09-8666-c2842a809bd1&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackb...

0
705 B

228ms
132ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5140001&time=1725958689689&li_adsId=f87c1b04-d458-4f09-8666-c2842a809bd1&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJ36bvlJX_R7AAAAZHbJ5WERvdJCrMjM0AZgOt6sc_CLUdtiCOSzrbHVJ_MZ9ryzuGHWNY
Requested by: Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:10 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 10610F1EBF4A4BD7BC704B4BF3597DB5 Ref B: MIAEDGE1705 Ref C: 2024-09-10T08:58:10Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lor1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYhwBKjYZTZQ0haqDZYEw==

Redirect headers

date: Tue, 10 Sep 2024 08:58:09 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B0194399513242FE9D4EB5E56C29FE6C Ref B: MIA301000104017 Ref C: 2024-09-10T08:58:10Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5140001&time=1725958689689&li_adsId=f87c1b04-d458-4f09-8666-c2842a809bd1&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJ36bvlJX_R7AAAAZHbJ5WERvdJCrMjM0AZgOt6sc_CLUdtiCOSzrbHVJ_MZ9ryzuGHWNY
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYhwBKf8shhg6nWNEWPDg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
93 B 75ms
74ms XHR
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1059855683&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&ul=en-us&de=UTF-8&dt=Analysis%20of%20BlackByte%20Ransomware%27s%20Go-Based%20Variants%20-%20Security%20Boulevard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=956838867&gjid=1848169423&cid=1395742400.1725958689&tid=UA-106313158-1&_gid=1709341656.1725958690&_r=1&_slc=1&gtm=45He4940n815VL4PHQv850968773za200&cg2=sbn&cd1=Javier%20Vicente&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=606101112

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Sep 2024 08:58:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityboulevard.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
83 B 75ms
75ms XHR
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1059855683&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&ul=en-us&de=UTF-8&dt=Analysis%20of%20BlackByte%20Ransomware%27s%20Go-Based%20Variants%20-%20Security%20Boulevard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=649591082&gjid=106544776&cid=1395742400.1725958689&tid=UA-48656547-8&_gid=1709341656.1725958690&_r=1&_slc=1&gtm=45He4940n815VL4PHQv850968773za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=894479116

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9bd1d0c032a074ffb5a644e365d70da64fd2cffe4980b46e3c6a4159ecf0881a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Sep 2024 08:58:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityboulevard.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3646908348266184740&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3646908348266184740&redir=

42 B
716 B

64ms
59ms

Image
image/gif

3.228.127.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3646908348266184740&redir=

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Server

3.228.127.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-228-127-100.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v064-0533d5563.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Tue, 10 Sep 2024 08:58:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: ZedorCpuR2Q=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-1-v064-0d5084578.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Tue, 10 Sep 2024 08:58:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: fCWHQsgbT5s=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3646908348266184740&redir=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=3646908348266184740
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0NjkwODM0ODI2NjE4NDc0MBAAGg0IoZSAtwYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=c374f54ac024fd0568b5545a604e2cf762ff5795691500b7b2625e6bd85799d4f4cb09cee1a4f8eb&person_id=3646908348266184740&eid=50082

43 B
56 B

73ms
73ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=c374f54ac024fd0568b5545a604e2cf762ff5795691500b7b2625e6bd85799d4f4cb09cee1a4f8eb&person_id=3646908348266184740&eid=50082
Requested by: Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
Protocol: H3
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 10 Sep 2024 08:58:10 GMT
via: 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 11 Sep 2024 08:58:10 GMT

Redirect headers

date: Tue, 10 Sep 2024 08:58:09 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=c374f54ac024fd0568b5545a604e2cf762ff5795691500b7b2625e6bd85799d4f4cb09cee1a4f8eb&person_id=3646908348266184740&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

utsync.ashx
ml314.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=c1f5ff8d-a33b-4f05-b439-654215500ef9&gdpr=0&gdpr_consent=

43 B
61 B

77ms
75ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=53819&et=0&fp=c1f5ff8d-a33b-4f05-b439-654215500ef9&gdpr=0&gdpr_consent=
Requested by: Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
Protocol: H3
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Sep 2024 08:58:10 GMT
via: 1.1 google
server: Google Frontend
content-type: image/gif
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0,Wed, 11 Sep 2024 08:58:10 GMT

Redirect headers

location: https://ml314.com/utsync.ashx?eid=53819&et=0&fp=c1f5ff8d-a33b-4f05-b439-654215500ef9&gdpr=0&gdpr_consent=
date: Tue, 10 Sep 2024 08:58:09 GMT
server: Kestrel
content-length: 241

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3646908348266184740
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3646908348266184740
https://ml314.com/csync.ashx?fp=1888987b7cef81c207d2c8ebfda072e4&eid=50146&person_id=3646908348266184740

43 B
56 B

83ms
81ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=1888987b7cef81c207d2c8ebfda072e4&eid=50146&person_id=3646908348266184740
Requested by: Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
Protocol: H3
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 10 Sep 2024 08:58:10 GMT
via: 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 11 Sep 2024 08:58:10 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Sep 2024 08:58:10 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ml314.com/csync.ashx?fp=1888987b7cef81c207d2c8ebfda072e4&eid=50146&person_id=3646908348266184740
cache-control: no-cache
x-server: 10.40.48.110
content-length: 0
expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2WTwQCGlg2svaa2p27RzeHq2hnZ_TKi-vHTlsrHu-44w&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

70 B
440 B

64ms
63ms

Image
image/gif

52.3.138.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by: Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
Protocol: HTTP/1.1
Server: 52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-138-212.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date: Tue, 10 Sep 2024 08:58:10 GMT
Content-Length: 70
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 10 Sep 2024 08:58:10 GMT
via: 1.1 google
server: Google Frontend
content-type: image/gif
location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
x-cloud-trace-context: f128674cbd9d23e2c7429932f8161263
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: 0,Wed, 11 Sep 2024 08:58:10 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
285 B 179ms
61ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://securityboulevard.com
Date: Tue, 10 Sep 2024 08:58:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
93 KB 99ms
98ms Script
application/javascript 142.251.40.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R6WDMEKGWJ&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

04fa40ad1ba29039cd270b17dec6abae3f155409c333fdd0c925ebb7f98bf1e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95086
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 10 Sep 2024 08:58:09 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/ Frame 93A3 0
0 182ms
61ms Document
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 1890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 08:26:40 GMT
etag: 5947459844715414650
expires: Tue, 24 Sep 2024 08:26:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3D03 0
0 262ms
185ms Document
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2091799172090865&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1725958689&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_25~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aifgd=1&aipaq=1&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725958689683&bpp=4&bdt=1431&idt=203&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4622505989818&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086865%2C44795922%2C95332926%2C95338227%2C95341664%2C31086926%2C95335247&oid=2&pvsid=2716687733465037&tmod=1118629986&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=254

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 1978
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 08:58:10 GMT
expires: Tue, 10 Sep 2024 08:58:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
285 B 197ms
124ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://securityboulevard.com
Date: Tue, 10 Sep 2024 08:58:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 ca-pub-2091799172090865 Show response
fundingchoicesmessages.google.com/i/ 206 KB
68 KB 539ms
96ms Script
application/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2091799172090865?href=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

6b56424b3ae865d060b7daedd69321918ccf212d0f9c74251e03861a5d39812c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-8_EJ0WUnVFf9I7EKNfognA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:10 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-8_EJ0WUnVFf9I7EKNfognA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw1pBiOHHrNtMFID7vdIfpOhBLfH3JpAXETukzWEOAuPXmOdbpQJz07zxrCRC7a11k9QfiJREXWY8kXmQ1VLjE6gzE99ddYn0OxHs_XmI9CsRCPByLpjRsZxM4cazjDpOSRlJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalG8kYGRiYGlgYWegVl8gQEAHP5AYA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUw9BU0Yo1z1tMbgdNGilYM7tT_QR33r9F9w8m2gK9SqoOA3kG-FQxg8Y7ehPEzoPyGjzERd_XFvdzsZLTatcYsN44TEFPe-oGlJWJkOnS2ykyT3R7nJPgtwxVOWI-8V1j4Q4hDQA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 100ms
94ms Script
application/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUw9BU0Yo1z1tMbgdNGilYM7tT_QR33r9F9w8m2gK9SqoOA3kG-FQxg8Y7ehPEzoPyGjzERd_XFvdzsZLTatcYsN44TEFPe-oGlJWJkOnS2ykyT3R7nJPgtwxVOWI-8V1j4Q4hDQA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1OTU4NjkwLDkyNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zZWN1cml0eWJvdWxldmFyZC5jb20vMjAyMi8wNS9hbmFseXNpcy1vZi1ibGFja2J5dGUtcmFuc29td2FyZXMtZ28tYmFzZWQtdmFyaWFudHMvIixudWxsLFtbOCwiZHFvRC1TZEEtR1EiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.dqoD-SdA-GQ.es5.O/am=SDA/d=1/rs=AJlcJMyQxcauci_Xn88ezIvoyROd690Nvw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

a22cbeed3355b5779f5a26036f3706ff7a71981d3c930f54a9dbb9fd2c74c67f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3ZVYeuZiWrw8FjTWQ_P2tQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-3ZVYeuZiWrw8FjTWQ_P2tQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmII0pBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMT3111ifQ7Eez9eYj0KxEI8HIumNGxnE1hx--AdZiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA0sDCz0Ds_gCAwBV6zuI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVvOuFJN2gUQHwnFUx8o3JzWRdLdLfx6xZfPiz85uGGsoApBpH1lzWl_iQNXAQRUy54aeRspodUVcUiSeHoDEITPDotQv0cVIzad57RZH_HJ82Eu1eFY_OkZB6TFFk8JKEmezxBEA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 92ms
92ms Script
application/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVvOuFJN2gUQHwnFUx8o3JzWRdLdLfx6xZfPiz85uGGsoApBpH1lzWl_iQNXAQRUy54aeRspodUVcUiSeHoDEITPDotQv0cVIzad57RZH_HJ82Eu1eFY_OkZB6TFFk8JKEmezxBEA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1OTU4NjkxLDU3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDIsbnVsbCwiZW4iXSwiaHR0cHM6Ly9zZWN1cml0eWJvdWxldmFyZC5jb20vMjAyMi8wNS9hbmFseXNpcy1vZi1ibGFja2J5dGUtcmFuc29td2FyZXMtZ28tYmFzZWQtdmFyaWFudHMvIixudWxsLFtbOCwiZHFvRC1TZEEtR1EiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

692876a0cbadd3dfd313c330437f1e1c9c977d18ffdd61ef2c3b2dda7dce88b9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3Yr2kiA2NumETrNNTu2jyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-3Yr2kiA2NumETrNNTu2jyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw0ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMT3111ifQ7Eez9eYj0KxELcHIunNGxnE7jwv8dUSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTA0sBCz8AsvsAAAA1YOu8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET 8c669a73-bf36-4e3f-a40f-c66d7409b891
https://securityboulevard.com/ Frame 0
0

GET
H2 200 android-chrome-256x256-1-32x32.png
securityboulevard.com/wp-content/uploads/2021/10/ 916 B
1 KB 41ms
41ms Other
image/webp 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-content/uploads/2021/10/android-chrome-256x256-1-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9477347715e11007b443bf2be67df96a108b575f76c4ddb6ca18d8b2fcf39b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-edge: v=20.2.8;mv=3.1.0
age: 576432
cf-polished: origFmt=png, origSize=1357
ki-origin: g1p
content-disposition: inline; filename="android-chrome-256x256-1-32x32.webp"
content-length: 916
ki-edge-o2o: yes
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Oct 2021 21:59:29 GMT
server: cloudflare
etag: "615ccac1-54d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=biT8QJiBMFRdQfZGWd%2FWlIoZZGJmEdQsL9rr8ifVL4TA6rDCSpOAftiKh31bOhOeGQMDgmCq7VIGIann3jZDT%2F16FVR7Nx8dj8wVAwQ6Qq%2F5z6Yn%2Bc8mD6nrM%2BU9%2BWU9j4b2C9kl6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
accept-ranges: bytes
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36fbe9a931e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 50ms
48ms Fetch
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FB70FYBEHB&gtm=45je4940v873694773z8850968773za200zb850968773&_p=1725958688801&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1395742400.1725958689&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&sid=1725958689&sct=1&seg=0&dl=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&dt=Analysis%20of%20BlackByte%20Ransomware%27s%20Go-Based%20Variants%20-%20Security%20Boulevard&_s=2&tfd=3409
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB70FYBEHB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 10 Sep 2024 08:58:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityboulevard.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
0 0ms
0ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

fa9e64cf02aa8623cfba0cd734068aed4c1ceb354d4314de36409f73f625c041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
Origin: https://securityboulevard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53017
x-xss-protection: 0
server: cafe
etag: 15520815709031542047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 10 Sep 2024 08:58:09 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 727E 0
0 232ms
231ms Document
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2091799172090865&output=html&h=280&slotname=8723094367&adk=2100128681&adf=3364220164&pi=t.ma~as.8723094367&w=789&abgtt=6&fwrn=4&fwrnh=100&lmt=1725958691&rafmt=1&format=789x280&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725958691219&bpp=6&bdt=2967&idt=-M&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4622505989818&frm=20&pv=1&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086865%2C44795922%2C95332926%2C95338227%2C95341664%2C31086926%2C95335247&oid=2&pvsid=2716687733465037&tmod=1118629986&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17008
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 08:58:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 66D9 0
0 326ms
325ms Document
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2091799172090865&output=html&h=600&slotname=6041677438&adk=1737941811&adf=2400985084&pi=t.ma~as.6041677438&w=285&abgtt=6&fwrn=4&fwrnh=100&lmt=1725958691&rafmt=1&format=285x600&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725958691219&bpp=1&bdt=2967&idt=1&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C789x280&nras=1&correlator=4622505989818&frm=20&pv=1&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1085&ady=1702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086865%2C44795922%2C95332926%2C95338227%2C95341664%2C31086926%2C95335247&oid=2&pvsid=2716687733465037&tmod=1118629986&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=58

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15688
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 08:58:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/ 475 KB
148 KB 196ms
59ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

9fd2f63c1c9cb94ccd7d258e81648758206f1a581780a73c30e657af74b6e3f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2580
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151712
x-xss-protection: 0
server: cafe
etag: 16156987026240680160
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 10 Sep 2025 08:15:11 GMT

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/1628905/4b9a2bbd-665c-447b-81df-233280dc689e/ 3 KB
2 KB 139ms
86ms XHR
application/json 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/1628905/4b9a2bbd-665c-447b-81df-233280dc689e/json?hs_static_app=forms-embed&hs_static_app_version=1.5999&X-HubSpot-Static-App-Info=forms-embed-1.5999

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee10126a435e8dadc4421d2eb3fcef0c36b2cc9fb7568e4b5c6fca3be4676a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Tue, 10 Sep 2024 08:58:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ffae434e-df04-4533-8d6d-087f81626777
x-envoy-upstream-service-time: 12
alt-svc: h3=":443"; ma=86400
content-length: 1421
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ffae434e-df04-4533-8d6d-087f81626777
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://securityboulevard.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8c0e36fd6b6b74b2-MIA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-rhz77

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8253 0
0 212ms
212ms Document
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2091799172090865&output=html&h=600&slotname=8224400918&adk=4154946611&adf=2555830777&pi=t.ma~as.8224400918&w=285&abgtt=6&fwrn=4&fwrnh=100&lmt=1725958691&rafmt=1&format=285x600&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725958691356&bpp=2&bdt=3104&idt=2&shv=r20240905&mjsv=m202409090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C789x280%2C285x600&nras=1&correlator=4622505989818&frm=20&pv=1&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1085&ady=2465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086865%2C44795922%2C95332926%2C95338227%2C95341664%2C31086926%2C95335247&oid=2&pvsid=2716687733465037&tmod=1118629986&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15305
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 08:58:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 3 KB
2 KB 41ms
40ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 262704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1046
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KdQnTxyrt7SsVSs2VDj66NgNjgqBlaZ1kEvodwkhKeVx6cgsVs79705%2Bc4B9ANQ7r7h%2Bg0sMI2RaH0bIE445HmDZzxAX6hmXYWnKwIRz4mbGfDKlO4I43aUDeCxfHWjF8kwFgDZh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8c0e36fe1eada554-MIA
expires: Sun, 31 Aug 2025 08:58:11 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 139ms
31ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: securityboulevard.com
URL: https://securityboulevard.com/wp-content/plugins/jetpack/_inc/build/twitter-timeline.min.js?ver=4.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mid/8769) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 10 Sep 2024 08:58:11 GMT
Content-Encoding: gzip
Age: 436
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (mid/8769)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 33ms
31ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=133346385&post=1922728&tz=-4&srv=securityboulevard.com&j=1%3A13.6&host=securityboulevard.com&ref=&fcp=1411&rand=0.1342665369779592
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 10 Sep 2024 08:58:11 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 46ms
45ms Script
application/javascript 104.16.160.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2472
etag: W/"7e91359b46e1da637080a03b759164fa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8c0e36fe5dfe749b-MIA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 13 Sep 2024 08:58:11 GMT

GET
H3 200 sm.25.html
static.addtoany.com/menu/ Frame B25F 0
0 73ms
40ms Document
text/html 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 8867
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 8c0e36fe9bf76dd1-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 10 Sep 2024 08:58:11 GMT
last-modified: Tue, 10 Sep 2024 06:30:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bxciwgyIAfS7w%2Ff17xw2YejuQ1naZwNeyKjAUvdK4FSa1zt7DJ1FcVaWkMClkDbw9Toc0ndfcbSYZFiVUJtiWPmdcRBUJoNTlUf971L0H%2FaL40vlAd3QMVvSD6226MTQEAWO32ocpKjPwBcrCkxxNmxq"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.D0Uc7kY6.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 81ms
45ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d07ac60d7d494f8688e4844d51b988f6a2f95b5e9435880e628eb8966e091382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/
Origin: https://securityboulevard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18997
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"6fea96ea56ee4fff557b8776f9c8c3a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lz272dN6cCT7cxTKhwjmXEcQSC6En9bFLU8CjndcJ732PyWpT6GLohnCX2ZNKPkLp%2F8zC5k1tk3s0O%2BYftzIQ6YRGoC826asd8aUs16ajLfetw1ZFGfehcvEGua0JH3flYtif3Ij"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 8c0e36fe9f1b31d7-MIA

GET
H2 200 hovercards.min.css
0.gravatar.com/js/hovercards/ 4 KB
1 KB 41ms
32ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://0.gravatar.com/js/hovercards/hovercards.min.css?ver=0.8.0-1

Requested by

Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=202437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4dc4b084ef936f389a16afec35651270dec229425176c8a76cf24257226ca4ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
last-modified: Thu, 20 Jun 2024 16:31:59 GMT
server: nginx
etag: W/"6674597f-e29"
content-type: text/css
cache-control: max-age=604800
alt-svc: h3=":443"; ma=86400
expires: Tue, 17 Sep 2024 08:58:11 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 90ms
88ms XHR
application/json 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240905&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

f2ee30d6092b562e98ee9db9c7a6a39ec2546117279552180d49f30d7268f794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13000
x-xss-protection: 0

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
882 B 122ms
74ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b024e75c-f201-4b02-8074-2ace0abd6b40
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b024e75c-f201-4b02-8074-2ace0abd6b40
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-vmskt
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8c0e36fefeca7461-MIA

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9230F4D1211F4E2D96DE59A1191130C2&RedC=c.clarity.ms&MXFR=0F3AF9A9B6706A392944ED5FB270644D
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9230F4D1211F4E2D96DE59A1191130C2&MUID=07FB0D02E9B965E32C8419F4E8C264CF

42 B
443 B

55ms
55ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9230F4D1211F4E2D96DE59A1191130C2&MUID=07FB0D02E9B965E32C8419F4E8C264CF
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Sep 2024 08:58:11 GMT
last-modified: Wed, 14 Aug 2024 17:35:32 GMT
server: Microsoft-IIS/10.0
etag: "bb391b5d70eeda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 10 Sep 2024 08:58:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 055EA648E98E4815A5820FD9B4158D6C Ref B: MIA301000105033 Ref C: 2024-09-10T08:58:11Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9230F4D1211F4E2D96DE59A1191130C2&MUID=07FB0D02E9B965E32C8419F4E8C264CF
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 wp-emoji-release.min.js Show response
securityboulevard.com/wp-includes/js/ 18 KB
5 KB 42ms
40ms Script
application/javascript 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1

Requested by

Host: securityboulevard.com
URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576430
ki-origin: g1p
ki-edge-o2o: yes
last-modified: Fri, 12 Apr 2024 03:05:55 GMT
server: cloudflare
etag: W/"6618a513-4926"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DBkwXQDr6FRgDwob%2FrXDbfoSnFYEM0PWVZc2T7jlt%2Frv%2B7ZJ7K%2B5N7NXeRXgZ8mHwUjXo%2BB0YNQUjF4djc2FU%2B8gFTXivfVAdP8t4KD8e8nsEjztmXhYciaplwDK%2F9CFs6Oxm%2B2etQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
ki-cache-type: None
ki-cf-cache-status: BYPASS
cf-ray: 8c0e36feaab731e0-MIA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame D1F0 0
0 517ms
515ms Document
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17141
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 08:58:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK embed
vimeo.com/event/4046309/ Frame 82BE 0
0 580ms
580ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/event/4046309/embed?muted=1

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://securityboulevard.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-Ray: 8c0e36ff5cfca540-MIA
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 10 Sep 2024 08:58:12 GMT
Expires: Tue, 10 Sep 2024 09:13:12 GMT
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding, X-Geo-Vary-Group,x-http-method-override
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
x-backend-proxy: webproxy14
x-bapp-server: pweb-5f5d8c447f-tt24w
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-iad-kjyo7100052-IAD, cache-mia-kmia1760066-MIA
x-timer: S1725958692.752458,VS0,VE527
x-ua-compatible: IE=edge
x-varnish-cache: 0
x-vimeo-device: d
x-vserver: web-varnish-prod-varnish-13
x-xss-protection: 1; mode=block

GET
H2 200 /
www.podbean.com/player-v2/ Frame BFE5 0
0 0ms
0ms Document
text/html 2606:4700:10::6816:ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:ca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8c0e36efef90dacd-MIA
content-encoding: br
content-type: text/html
date: Tue, 10 Sep 2024 08:58:09 GMT
last-modified: Mon, 09 Sep 2024 03:03:47 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1785 0
0 374ms
369ms Document
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15517
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 08:58:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame F592 0
0 282ms
278ms Document
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 409
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 08:58:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 rum Show response
securityboulevard.com/cdn-cgi/ 0
163 B 34ms
33ms XHR
text/plain 2606:4700:10::6816:39c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityboulevard.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://securityboulevard.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8c0e36ffab0131e0-MIA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 224ms
91ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409090101/show_ads_impl_fy2021.js?bust=31086926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 Sep 2024 08:58:11 GMT

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
538 B 100ms
99ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7ac92e78-b842-41a9-aa1a-f8dc5902d56a
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7ac92e78-b842-41a9-aa1a-f8dc5902d56a
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-xlvpp
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8c0e36ffcf117461-MIA

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 4346 0
0 188ms
59ms Document
text/html 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29531
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 08:38:28 GMT
expires: Tue, 10 Sep 2024 09:28:28 GMT
last-modified: Mon, 09 Sep 2024 19:45:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 782 B
362 B 126ms
124ms Fetch
text/plain 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2716687733465037&correlator=3308138965407912&eid=31079956%2C31083344%2C31085777%2C31085995%2C31086223&output=ldjh&gdfp_req=1&vrg=202409050101&ptt=17&impl=fif&gdpr=0&iu_parts=80877830%2CSB_Leaderboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1725958691845&lmt=1725958691&adxs=642&adys=74&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&vis=1&psz=728x50&msz=728x50&fws=4&ohw=1600&td=1&egid=57023&tan=dd2103e7-1eb1-4dcc-8962-cb0920b08158&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725958688252&idt=3550&cust_params=category%3D%253C%253Fphp%2520echo%2520%2524category%255B0%255D-%253Ecategory_nicename%253B%2520%253F%253E%26subcategory%3D%253C%253Fphp%2520echo%2520%2524category%255B1%255D-%253Ecategory_nicename%253B%2520%253F%253E%26homepage%3D%253C%253Fphp%2520echo%2520%2524home%2520%253F%2520%27Yes%27%2520%253A%2520%27No%27%253B%2520%253F%253E%26test%3D%253C%253Fphp%2520echo%2520%2524_GET%255B%27test%27%255D%253B%2520%253F%253E&adks=1864732613&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

f131f8100c804592bc8fecf0664b782b568fdf5362fb5a14f568b6234b6241e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 333
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityboulevard.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 778 B
367 B 118ms
113ms Fetch
text/plain 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2716687733465037&correlator=3308138965407912&eid=31079956%2C31083344%2C31085777%2C31085995%2C31086223&output=ldjh&gdfp_req=1&vrg=202409050101&ptt=17&impl=fif&gdpr=0&iu_parts=80877830%2CSB_Medium&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=7&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1725958691856&lmt=1725958691&adxs=1085&adys=3641&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&vis=1&psz=285x0&msz=285x0&fws=4&ohw=1600&td=1&egid=57023&tan=dd2103e7-1eb1-4dcc-8962-cb0920b08159&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725958688252&idt=3550&cust_params=category%3D%253C%253Fphp%2520echo%2520%2524category%255B0%255D-%253Ecategory_nicename%253B%2520%253F%253E%26subcategory%3D%253C%253Fphp%2520echo%2520%2524category%255B1%255D-%253Ecategory_nicename%253B%2520%253F%253E%26homepage%3D%253C%253Fphp%2520echo%2520%2524home%2520%253F%2520%27Yes%27%2520%253A%2520%27No%27%253B%2520%253F%253E%26test%3D%253C%253Fphp%2520echo%2520%2524_GET%255B%27test%27%255D%253B%2520%253F%253E&adks=1292373282&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

33166bd3a4a54777435dc6f05b0b9cfbc4e94bde0bfa46468cd5a7d25c48cc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 338
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityboulevard.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 771 B
358 B 157ms
139ms Fetch
text/plain 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2716687733465037&correlator=3308138965407912&eid=31079956%2C31083344%2C31085777%2C31085995%2C31086223&output=ldjh&gdfp_req=1&vrg=202409050101&ptt=17&impl=fif&gdpr=0&iu_parts=80877830%2CSB_OOP&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=8&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1725958691859&lmt=1725958691&adxs=0&adys=26291&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&td=1&egid=57023&tan=dd2103e7-1eb1-4dcc-8962-cb0920b0815a&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725958688252&idt=3550&cust_params=category%3D%253C%253Fphp%2520echo%2520%2524category%255B0%255D-%253Ecategory_nicename%253B%2520%253F%253E%26subcategory%3D%253C%253Fphp%2520echo%2520%2524category%255B1%255D-%253Ecategory_nicename%253B%2520%253F%253E%26homepage%3D%253C%253Fphp%2520echo%2520%2524home%2520%253F%2520%27Yes%27%2520%253A%2520%27No%27%253B%2520%253F%253E%26test%3D%253C%253Fphp%2520echo%2520%2524_GET%255B%27test%27%255D%253B%2520%253F%253E&adks=3570421002&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

55b0ec08baaa8216a5bd84b32c0bde4d063020dd1569d5a4dbeae6c92abf64fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityboulevard.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5c5cd254ec7fff17826118106680e7ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 14C7 0
0 663ms
244ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c5cd254ec7fff17826118106680e7ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 08:58:12 GMT
expires: Tue, 10 Sep 2024 08:58:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 web Show response
onesignal.com/api/v1/sync/2a5b19ce-fd37-41d6-a5e8-693d5a580b3e/ 3 KB
2 KB 112ms
65ms Script
text/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/2a5b19ce-fd37-41d6-a5e8-693d5a580b3e/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deb07f693d85095efba35b7bfcdec31eb7319e0e467b6267014f1114ecdf8261

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
cf-polished: origSize=3405
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 7742ae10-8b4a-4650-adb0-17ce71d17d5f
x-runtime: 0.035839
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"7d7f0735598820e3902023b6d56f0ac7"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 8c0e3700babcdafd-MIA
access-control-allow-headers: SDK-Version
expires: Tue, 10 Sep 2024 09:58:11 GMT

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame CCB0 0
0 119ms
32ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fsecurityboulevard.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mid/877B) /
Resource Hash

Request headers

Referer: https://securityboulevard.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 10346825
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Tue, 10 Sep 2024 08:58:12 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mid/877B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H3 200 twitter.js Show response
static.addtoany.com/menu/svg/icons/ 645 B
934 B 42ms
42ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/twitter.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Origin: https://securityboulevard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18997
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K1v4uCI4U4U0KwW6AjCpPs7%2FvhWd03PMJG3V4L%2FhfmE0q%2FLmITnz7SmJZkYxG0RrdlyTZNZj8kiVmLjT7JoP4fCeI%2BLJABB0mCBCQrQlPaNwDWNEDaHfMKRwFrnFwpLl6fb9VfJgwy3HDqPWP5af3Xia"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8c0e3700b86a31d7-MIA

GET
H3 200 linkedin.js Show response
static.addtoany.com/menu/svg/icons/ 435 B
835 B 43ms
43ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/linkedin.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce5dbb2cdb85126fdc9d774971a56f8848dbee977a382bd512a5f8b49ea8c727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Origin: https://securityboulevard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26192
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"00b1b78053ab07c79bfea2e5a1db9d70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nzvc7GUDRmEDiGNXlSHKyriY%2FT2dg8dqEYP53i5T2j27q8qtFi3bBcEgptn8A4i14RwP5sErq8moa6c3sf10CKUdSu5KNFgwb0nt%2FyfNB323HeyH%2B9tYJx48V%2B%2BCypDg8tK3aSKVGiEO3eD3znXZ6vT2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8c0e3700b86d31d7-MIA

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 429 B
836 B 43ms
42ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Origin: https://securityboulevard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18997
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"68925fa8e347041c6006837e73c518bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=171sKgyLCXgzP8FsUVW7KhDUGvnO6pDJMAKVkYArWByQ9IFlsR4xRN2t17iXUyILn5WBPWqdJubS5EL0nSVnDi%2FP8GOxNm4qpfFN6oqSAsoujV2oOpNiz3is%2Figr%2Bu8noCWycTEtAtdhwACVRdeQl0Lg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8c0e3700c86f31d7-MIA

GET
H3 200 reddit.js Show response
static.addtoany.com/menu/svg/icons/ 893 B
998 B 49ms
47ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/reddit.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68ed9b82b62d45cf5d12587a7e9566a4ddeb94d69bcb225e9e3c7268c76b3cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Origin: https://securityboulevard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18997
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IltwQruCD%2FVUYgSLbZuPcS7n4U4NY6PmAMDbYYyyDJVbF33vUXzDnECuCSJz2AUK1KJPdswPPXlub8sXpiZjgcFQLe%2BsPpgB%2B0JCVhbB4wy31q1n5uztFImXupCHOl5KIvPHb09onrN%2BiKsfiq0TNI4y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8c0e3700c87131d7-MIA

GET
H3 200 email.js Show response
static.addtoany.com/menu/svg/icons/ 415 B
831 B 47ms
46ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/email.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d432ad1988efa5b258294f52dae3d1b4c10660aec15e49017e21a1ee74bfd453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Origin: https://securityboulevard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18997
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"eb2119ad4221a9d01abc336e06962867"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z9S5TteJ7kLbIdblVPx1uY0VS%2Bbc26d3YJKoVn0j5QLBR%2BOieo8z3EavvNEHKt2FbB1%2FWhxKDnjA%2B%2FBDP8fmRmM30KPfXj3fbJ3vmTG9o945vUhC1fHfK2bM6pXYI4K%2BiIJAxJ3YlBacH6Ifvpkckg1f"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8c0e3700c87231d7-MIA

GET
H3 200 a2a.js Show response
static.addtoany.com/menu/svg/icons/ 182 B
693 B 45ms
45ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/a2a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Origin: https://securityboulevard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18997
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"0aca4ea1e5f8f250126a8e0c597dd969"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IR72yJ5ww47TYjyTOD03xejFT1Ub6BrEzTZ%2F%2FHkC7X4grtOXzPcGHUGTSuefmAsu7btLQT%2BHaVLxh9USY4VIhIihqPwujcQqH9KrUiFUzQxEqFwVJcUl8XAK3T6u%2FBBadEDfwpSUGqbbiSD2DpEEUYT6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8c0e3700c87331d7-MIA

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E855 0
0 63ms
62ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 08:34:38 GMT
expires: Wed, 10 Sep 2025 08:34:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 8105 0
0 86ms
85ms Document
text/html 142.251.40.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.164 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Vxpd2BtRygWn9ZrRzsLLQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Vxpd2BtRygWn9ZrRzsLLQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Sep 2024 08:58:12 GMT
expires: Tue, 10 Sep 2024 08:58:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
285 B 171ms
157ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://securityboulevard.com
Date: Tue, 10 Sep 2024 08:58:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 44ms
43ms Stylesheet
text/css 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:12 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1349
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8c0e3701fb33dafd-MIA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Thu, 10 Oct 2024 08:58:12 GMT

GET
H3 200 n4403ad. Show response
fundingchoicesmessages.google.com/f/AGSKWxX2H47fOrAY1F0ZUk-F1y0eOglJ1DMM-3tf_FO1j2Sg7Rso11dw_QCQ5r_fi7iinOlQY3CsoHhqC_e27ScZkT6Jn75TyvIOA_NDaVwp8HmxlQ_lFS2RISQKuo1CF_vfoURxQkG7h7rXl0MxyCWuHJ0CXfFgM... 54 B
108 B 84ms
83ms Script
application/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX2H47fOrAY1F0ZUk-F1y0eOglJ1DMM-3tf_FO1j2Sg7Rso11dw_QCQ5r_fi7iinOlQY3CsoHhqC_e27ScZkT6Jn75TyvIOA_NDaVwp8HmxlQ_lFS2RISQKuo1CF_vfoURxQkG7h7rXl0MxyCWuHJ0CXfFgM9adBJy0T7fBIwCswnl8usxWKl7Wdif4/_/banner-adv-/adspd._ad_renderer_/336x280_/n4403ad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.dqoD-SdA-GQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxV__RwFjxaUZBehR06M6oCEkEl1Q/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

7f71e018a9a827bc2f0977097fbb91b6163cd928390c8743730045e0587fe0d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Dj89MihLL9CMl3XlVNIpxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-Dj89MihLL9CMl3XlVNIpxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitHikmLw1JBiUAjbyXTe6Q7TdSCW-PqSSQuIndJnsIYAcevNc6zTgTjp33nWEiB217rI6g_ESyIush5JvMhqqHCJ1RmI76-7xPociPd-vMR6FIiFuDmWTGnYzibw4-TDOCWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA0sDCz0Ds_gCAwDKKTyS"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 60ms
59ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Sep 2024 08:19:32 GMT

POST
H3 204 AGSKWxXrjCCWdpkYk53FXvwXmEnftDZIJdNStdMJT2JrrX7lkTr_kuC0kCxIA5ErNEUhq-PkvID4aN-ZMKYCTLgft6Kg2p6CyATEpbYTeu58Y0yfifZBtYXd6kHBb2EB824rhPrvjuxkPw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 204ms
83ms XHR
text/html 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXrjCCWdpkYk53FXvwXmEnftDZIJdNStdMJT2JrrX7lkTr_kuC0kCxIA5ErNEUhq-PkvID4aN-ZMKYCTLgft6Kg2p6CyATEpbYTeu58Y0yfifZBtYXd6kHBb2EB824rhPrvjuxkPw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lrlRdCJX5fesIVxE8VGLCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Sep 2024 08:58:12 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lrlRdCJX5fesIVxE8VGLCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiWTGnYziawYf_TGYxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA0sBCz8A8vsAAAESNLdw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://securityboulevard.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/2a5b19ce-fd37-41d6-a5e8-693d5a580b3e/ 184 B
762 B 226ms
193ms Fetch
application/json 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/2a5b19ce-fd37-41d6-a5e8-693d5a580b3e/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

297ba0fd2c33be9b8f9e85897adf5b3b86ab7864116c483b4bcdbcf651e71005

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:12 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b8345c64-04de-4fb9-842a-2b95359a6364
x-runtime: 0.288160
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"297ba0fd2c33be9b8f9e85897adf5b3b"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 8c0e37028c1631e0-MIA
access-control-allow-headers: SDK-Version

POST
H3 204 collect
analytics.google.com/g/ 0
0 45ms
45ms Fetch
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FB70FYBEHB&gtm=45je4940v873694773za200zb850968773&_p=1725958688801&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=0&gdid=dZTNiMT&cid=1395742400.1725958689&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EAAC&_s=3&sid=1725958689&sct=1&seg=1&dl=https%3A%2F%2Fsecurityboulevard.com%2F2022%2F05%2Fanalysis-of-blackbyte-ransomwares-go-based-variants%2F&dt=Analysis%20of%20BlackByte%20Ransomware%27s%20Go-Based%20Variants%20-%20Security%20Boulevard&en=page_view&_ee=1&_et=1580&tfd=4417
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB70FYBEHB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Sep 2024 08:58:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityboulevard.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXrjCCWdpkYk53FXvwXmEnftDZIJdNStdMJT2JrrX7lkTr_kuC0kCxIA5ErNEUhq-PkvID4aN-ZMKYCTLgft6Kg2p6CyATEpbYTeu58Y0yfifZBtYXd6kHBb2EB824rhPrvjuxkPw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IVhRcStJJEgWfAXkX6BPLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Sep 2024 08:58:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-IVhRcStJJEgWfAXkX6BPLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiWTGnYzibw4vCMGYxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA0sBCz8A8vsAAAECgLcw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://securityboulevard.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXrjCCWdpkYk53FXvwXmEnftDZIJdNStdMJT2JrrX7lkTr_kuC0kCxIA5ErNEUhq-PkvID4aN-ZMKYCTLgft6Kg2p6CyATEpbYTeu58Y0yfifZBtYXd6kHBb2EB824rhPrvjuxkPw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YrUf4q98Gs09aRD15QMW9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Sep 2024 08:58:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-YrUf4q98Gs09aRD15QMW9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1ZBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiWTGnYziaw4dfvGYxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA0sBCz8A8vsAAAFp5Lio"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://securityboulevard.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXrjCCWdpkYk53FXvwXmEnftDZIJdNStdMJT2JrrX7lkTr_kuC0kCxIA5ErNEUhq-PkvID4aN-ZMKYCTLgft6Kg2p6CyATEpbYTeu58Y0yfifZBtYXd6kHBb2EB824rhPrvjuxkPw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-djwT5DmzOVvW1iRIb4a_ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Sep 2024 08:58:12 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-djwT5DmzOVvW1iRIb4a_ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw05BicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiWTGnYziZwYe3S6YxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA0sBCz8A8vsAAADVBLac"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://securityboulevard.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVxNBP-VZTZDoJNldLBgJf93V8agf6mb_niMyZdSyaX8D4e-63SFr4ude7O2wDfhZVj0sBclSjXEw9URRZoXmSm9TWdCVjBY47BOzz__ymY16Ohto4USNjbHGJBSM2MmaMn0a0ovQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 99ms
98ms Script
application/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVxNBP-VZTZDoJNldLBgJf93V8agf6mb_niMyZdSyaX8D4e-63SFr4ude7O2wDfhZVj0sBclSjXEw9URRZoXmSm9TWdCVjBY47BOzz__ymY16Ohto4USNjbHGJBSM2MmaMn0a0ovQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1OTU4NjkyLDI0MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zZWN1cml0eWJvdWxldmFyZC5jb20vMjAyMi8wNS9hbmFseXNpcy1vZi1ibGFja2J5dGUtcmFuc29td2FyZXMtZ28tYmFzZWQtdmFyaWFudHMvIixudWxsLFtbOCwiZHFvRC1TZEEtR1EiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

6858ac46192ff7ccf7b6405668bf93e37e092d1607999abcb6907d8e7287ef3f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6PJPXEG8JUgENZbRhn2fNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 08:58:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-6PJPXEG8JUgENZbRhn2fNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw0pBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMT3111ifQ7Eez9eYj0KxEI8HEumNGxnE-j48ribUUkjKb8wPjk_r6QoM6m0JL8oLTkttTi1qCy1KN7IwMjEwNLAQs_ALL7AAABISztK"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXgkNnjAi-X46CsvPZhezKwBBEVufIuWC0zO2kij64ZPrFjAFBmgWP9z7J-lEDmvIesqNhFxJZv8oE063h_sg6GM2M8nIrS0tGoqgc4lRaxPoN0SmHABgaB7JhP92mrBa8UBJz3ng== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 83ms
82ms XHR
text/html 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXgkNnjAi-X46CsvPZhezKwBBEVufIuWC0zO2kij64ZPrFjAFBmgWP9z7J-lEDmvIesqNhFxJZv8oE063h_sg6GM2M8nIrS0tGoqgc4lRaxPoN0SmHABgaB7JhP92mrBa8UBJz3ng==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Q28Jm-g7XZeT9hMCW6YGGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Sep 2024 08:58:12 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Q28Jm-g7XZeT9hMCW6YGGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiWTGnYziYwYW7DLkYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJgaWChZ2AeX2AAABpcLU8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://securityboulevard.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXrjCCWdpkYk53FXvwXmEnftDZIJdNStdMJT2JrrX7lkTr_kuC0kCxIA5ErNEUhq-PkvID4aN-ZMKYCTLgft6Kg2p6CyATEpbYTeu58Y0yfifZBtYXd6kHBb2EB824rhPrvjuxkPw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Z61kSfjL803agZL-WsJojQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Sep 2024 08:58:12 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Z61kSfjL803agZL-WsJojQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiWTGnYziZw4fSa3YxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA0sBCz8A8vsAAAExkLfU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://securityboulevard.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2123c787-03d7-45cf-a5e7-6d80231ec354
img.onesignal.com/permanent/ 13 KB
14 KB 61ms
44ms Image
application/octet-stream 104.16.160.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.onesignal.com/permanent/2123c787-03d7-45cf-a5e7-6d80231ec354

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f08f50720b2d6b5d1bba8663b3ad20e2da80102ac493f7f3c3278f901019d480

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://securityboulevard.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-goog-encryption-kms-key-name: projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date: Tue, 10 Sep 2024 08:58:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 718
x-guploader-uploadid: ACJd0NpksyntMKzaSRkRgPqN8p5cd69FZ7eiZJuNMpA7ejm89JFFIMtdbQkkVT-yduOCtaCE9gNomhrKcw
x-goog-meta-x-goog-source-etag: "20495719753576cab39c06bb1f83b075"
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 13470
pragma: no-cache
last-modified: Tue, 14 Feb 2023 03:12:26 GMT
server: cloudflare
etag: "-CN/EvaqFlP0CEAE="
vary: Origin, Accept-Encoding
x-goog-generation: 1676344346763871
content-type: application/octet-stream
x-goog-hash: crc32c=Zjz3Xw==, md5=IElXGXU1dsqznAa7H4OwdQ==
cache-control: public, max-age=2678400
x-goog-meta-cache-control: public, maxage=604800
x-goog-stored-content-length: 13470
accept-ranges: bytes
cf-ray: 8c0e3703d8c0749b-MIA
expires: Fri, 11 Oct 2024 08:58:12 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securityboulevard.com
URL: blob:https://securityboulevard.com/8c669a73-bf36-4e3f-a40f-c66d7409b891

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240905&jk=2716687733465037&bg=!LyylLGPNAAYJ21f7Kds7ADQBe5WfOOwXSgg3TdfKkpTOs5tUS0RP8-fD7NbLp3YwNPaXf_gRqm5ls_M1xeFvFqu17RhlAgAAAH5SAAAAA2gBB34ANvhCqvQyuQqjjZ9QeDSOUFez-rRecYBOlY0RIqvk4PjskGLUFTquBxItej3XLXo8NdYbgx_ODZkCuLQ-H9XoUEXWZx23QglkU6u6LZ83qSkP2Ogj1MK9vhk3Ywh954n8k9uB7NwZQCN8upkdm9REopvGbCp8fnuD0t7DrYyLQ-vJcam3CMDpWuvAUtVIs5PT3dWpVkhRcoaJCwKQugliGkbRXntmQS0buo1nTNLVZAlbjZIOnWR7oLbxQ5t3YsrOjjGbSYGEnCVL4cKsLLeSBi48bZ5y4GpTBErgrVpHiWyYWJnx2dW-FWghQ5YvYENC5l5JkK1DDnsQbhUBphjNRhPCBkSBZl07URGpchTWOaAGV59gzw03guFmnixDewFrV1fM35kyacICcrplOL9f8YqXAdOL2TK5I6-J1eZQPov4oGw0ESV6okKLeB01SLii74WAEJCELcouFCYgBZoWkbhFS5zfVlEbAzyj8a9M4xr5ZaDN8x8VnX3z-6_sRhIQREaGh8RaTvVF-ZGBntXV7HS1tNMBo4Gurteu8YQFF2JI5amd9iD89UwM7jIgxdB8Z4PWUjFSOGqhzNlvrc6J-Y2gFBmXcK2vqd5g4ayswuMGmo5Y7auWBffLiyD9AkqszYkYqasVoFRjM9B-7-LCIKiI-MwI_0EwENQUbY4fpahPAPNrseHsXPwGgBZxt5prl2fpzwEtG6KadiSbs9G0ktDR6ZKsJNuL0QsEdpsHl0GsZeEzFE8Ykccg8VMJ_mvaOQTx0haTFPKcRrg2dbl1dIE-ipA3nQhtj5L5TdmDPYQ2o9pKQ79qTNCgk8qhljjTqk6BjPgU_LEZ2ThaOJQ8JOqYenBUlQFFGweW0xDHW8DxjEysKzBwC514lpFF6MZvr2Q_ImFI964fNAd1XGe1i8e7FRqDla5bPSyub4Wr-TBjZCDGsgNtue8f-lj3jF57rSGeeU76tITS9369WkV-v64yHjfi0JREe31m2C7iU4ysMg

Verdicts & Comments Add Verdict or Comment

274 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

71 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants	1970-01-20 23:27:25	Name: timer Value: 3
securityboulevard.com/	1970-01-20 23:27:25	Name: lastvisit Value: 1725958638
.securityboulevard.com/	1970-01-21 01:35:34	Name: _gcl_au Value: 1.1.1242885828.1725958689
.onesignal.com/	1970-01-20 23:26:00	Name: __cf_bm Value: _lTMehckOA.ET31yvteBJ..v2xtBzM8AuPkPrAvbi9o-1725958689-1.0.1.1-TnlfrlPhkWbj1X.8zKyw50DW14HQD8XKCvdyetI99.xzasQlOQtZvPEYCKnvaiw5Anm1KgV9FtDslJH26SZaRA
.hsforms.net/	1970-01-20 23:26:00	Name: __cf_bm Value: 8_3EsVE8Gl_zLREgLifDFaRJ_MJ.mA6FL5xkWsK7Q_4-1725958689-1.0.1.1-qfo_iyBO6dZNPJXrNk1VbtZ0mHL14qBVU2pyLVScdnmbR_2BthsJk2bWTRV8ORMdjTOmGk5I7eW8n3xmXbBuWw
.apollo.io/	1970-01-20 23:26:00	Name: __cf_bm Value: TzRwGUkGIAf2yEXCgzTSGD3Iezt8oFbaiFZATNmW8X8-1725958689-1.0.1.1-fevoAL1bycy3gzIBfXmuqfljR4at85ZwBNwz6WiznN_5x77ztVCKiXxDU1fZG7pU.IM4CktCk0tctcit0iBRqA
www.clarity.ms/	1970-01-21 08:11:34	Name: CLID Value: 8b89cf5dc1974934b6be428039441ec9.20240910.20250910
.securityboulevard.com/	1970-01-21 09:01:58	Name: _ga_5EVV7GV4Q5 Value: GS1.1.1725958689.1.0.1725958689.0.0.0
.vimeo.com/	1970-01-21 09:01:58	Name: vuid Value: 799128632.23601235
.ml314.com/	1970-01-21 08:11:34	Name: pi Value: 3646908348266184740
.ml314.com/	1970-01-20 23:46:08	Name: tp Value: 4%253B09%252F10%252F2024%2B08%253A58%253A09%253B0
.securityboulevard.com/	1970-01-21 08:11:34	Name: _clck Value: 1km0hhg%7C2%7Cfp2%7C0%7C1714
.securityboulevard.com/	1970-01-21 09:01:58	Name: _ga Value: GA1.2.1395742400.1725958689
.securityboulevard.com/	1970-01-20 23:27:25	Name: _gid Value: GA1.2.1709341656.1725958690
.securityboulevard.com/	1970-01-20 23:25:58	Name: _gat_UA-106313158-1 Value: 1
.linkedin.com/	1970-01-21 01:35:34	Name: li_sugr Value: 0bb13135-8dd6-445f-bcdd-04b27ec3af70
.linkedin.com/	1970-01-21 08:11:34	Name: bcookie Value: "v=2&3e55f9b4-416f-470e-8b2d-fc6d247ce35e"
.linkedin.com/	1970-01-20 23:27:25	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3343:u=1:x=1:i=1725958689:t=1726045089:v=2:sig=AQEQ-Sc-hR4643iExxtQ01tvuNYlPX2r"
.rlcdn.com/	1970-01-21 08:11:34	Name: rlas3 Value: tHrDHGdWipspPiBP9VaJwzTQVjuKapzoG64LUEzOuE8=
.demdex.net/	1970-01-21 03:45:10	Name: demdex Value: 35373187332126989193157886475202141027
.adsrvr.org/	1970-01-21 08:11:34	Name: TDID Value: c1f5ff8d-a33b-4f05-b439-654215500ef9
.linkedin.com/	1970-01-21 00:09:10	Name: UserMatchHistory Value: AQLNC2xaQJjHfgAAAZHbJ5R9l-PkQyAnyQoTP7Ob1CxvxofL2LgPeEjJ0wLvlW1Rjh0UfVmOChfMaw
.linkedin.com/	1970-01-21 00:09:10	Name: AnalyticsSyncHistory Value: AQINPkbyrSR9fQAAAZHbJ5R9XAZQO3j2pOgzMfXPD2qQL9Ou4v_jRe_6Lh0va8DbShlPhE0iZ04OppuqTwKETQ
.securityboulevard.com/	1970-01-20 23:27:25	Name: _clsk Value: 1hzokl6%7C1725958690004%7C1%7C1%7Ct.clarity.ms%2Fcollect
.eyeota.net/	1970-01-21 08:11:34	Name: mako_uid Value: 191db2794c7-2fec0000010a450e
.eyeota.net/	1970-01-20 23:25:59	Name: SERVERID Value: 17678~DM
.dpm.demdex.net/	1970-01-21 03:45:10	Name: dpm Value: 35373187332126989193157886475202141027
.rlcdn.com/	1970-01-21 00:52:22	Name: pxrc Value: CKGUgLcGEgUI6AcQABIFCNtOEAA=
.crwdcntrl.net/	1970-01-21 05:54:43	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 05:54:43	Name: _cc_id Value: 1888987b7cef81c207d2c8ebfda072e4
.ml314.com/	1970-01-20 23:25:58	Name: u Value: aHR0cHM6Ly9zZWN1cml0eWJvdWxldmFyZC5jb20v
.www.linkedin.com/	1970-01-21 08:11:34	Name: bscookie Value: "v=1&20240910085810fc617ed0-067b-489a-8dec-65747256a82aAQEfMvhWzT3BFcua-RiXvY79BZk6_Zy0"
.doubleclick.net/	1970-01-21 09:01:58	Name: IDE Value: AHWqTUlMuboB-ne7dEsNlr6IaNwJ2DovUcfgJv6SN7TYM9Va5Qe0BXOdpkUK9YKLU34
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 3d3ec7f4851c4bff
.hsforms.com/	1970-01-20 23:26:00	Name: __cf_bm Value: KDZVK1HPbbXuoXwO.LFYcQ_WfUIvs2RlcZL1KoevBj0-1725958691-1.0.1.1-3PS4c4Kxp8QcSo7Gz2TTK2AsysaF0iZ0RUw0AG.m2IQT6Yw3jL11gnSfT85ohu93.2bLJovWuD0LCpHyAUBUHg
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 7YEvDetyYfWfHsKeERn.rAkcCqNbKJNVwjoU8QU.P3I-1725958691717-0.0.1.1-604800000
.podbean.com/	1970-01-21 08:11:34	Name: cf_clearance Value: _tGI5Ou0f22kO0Y6LxUpRMQXtoEifRirJ5d9j8phhwI-1725958691-1.2.1.1-5Nzcz7IWDvK3R1gZkGTJiI5GQW9VuzPIiJh1Q4rdh.oDqn18oXHjyweHyqoOEIWVqYpWvveWk3fw8hIdanMDOMmLxvI4gowAvmdycQxQE6p5QSz9Efv5ys0Ng2YWH6smwA_6GG3M7eTKeQVXfWv5T7DqD5MU7YX3ooj_TZBSdbUpxMp4hQeT0n54K3XyC96kNlEtfCSKp44Ero25VQcDI.im3i7r6Uk0Z6niNVcd3SX0HFXfPGj2QWUIMm9VmQDMRKjr_doylvV5XiWBekSxp67BUDsshtGDHHi_vQTl3n8I1.Ru2I15WWHdOFLWiQ6pNSa7Lo2fbUFFxIM8Jpcadx6HXXMf_TZYdUsWQ5myyW0rJdoJAhLnZ_GElYFcmqrnKYSlprEJCE4pn7KsdYKQyA
.bing.com/	1970-01-21 08:47:34	Name: MUID Value: 07FB0D02E9B965E32C8419F4E8C264CF
.c.bing.com/	1970-01-20 23:36:03	Name: MR Value: 0
.c.bing.com/	1970-01-21 08:47:34	Name: SRM_B Value: 07FB0D02E9B965E32C8419F4E8C264CF
.securityboulevard.com/	1970-01-21 08:47:34	Name: __gads Value: ID=ecb16ee0b6c251ca:T=1725958691:RT=1725958691:S=ALNI_Ma3pyQPZqayDal1BHO-VYrNy6bHyQ
.securityboulevard.com/	1970-01-21 08:47:34	Name: __gpi Value: UID=00000a50266e0938:T=1725958691:RT=1725958691:S=ALNI_MZ3tDj3qDgW70G3bZ_GdNw8dAuxGw
.securityboulevard.com/	1970-01-21 03:45:10	Name: __eoi Value: ID=f912bbb0c1bc11ff:T=1725958691:RT=1725958691:S=AA-AfjZ1LhL6Khf34Q5DZXVoCq1r
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 08:47:34	Name: MUID Value: 07FB0D02E9B965E32C8419F4E8C264CF
.c.clarity.ms/	1970-01-20 23:36:03	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 23:25:59	Name: ANONCHK Value: 0
.criteo.com/	1970-01-21 08:47:34	Name: receive-cookie-deprecation Value: 1
.blismedia.com/	1970-01-21 08:11:38	Name: b Value: 66E00A24D4D698CC377D6413BLIS
.securityboulevard.com/	1970-01-21 08:11:34	Name: FCNEC Value: %5B%5B%22AKsRol9n2qj1K6xmlyu07juGY3blMGaLxAqj7YhRbus3ksR4GG2kRNiwlB93ZTKiYt9Vho94gX52JTXVZsPR1Q3EwZT6gSiPPiq7PPNdqARdeF4alLw4R8IPs7wEFIUzgtXmxAMiD43YcQvj4d64g8fr47Np-LKG4Q%3D%3D%22%5D%5D
.turn.com/	1970-01-21 03:45:10	Name: uid Value: 3893970120173994183
.quantserve.com/	1970-01-21 08:56:13	Name: mc Value: 66e00a24-5aa50-80ab8-d5de9
.quantserve.com/	1970-01-21 01:35:34	Name: sp Value: CggI2WUSAxCxDQ==
.securityboulevard.com/	1970-01-21 09:01:58	Name: _ga_FB70FYBEHB Value: GS1.1.1725958689.1.1.1725958692.57.0.0
.ipredictive.com/	1970-01-21 08:11:34	Name: cu Value: 61852e89-d940-414f-bec6-4e76b8d2ea1a\|1725958692404
sync.srv.stackadapt.com/	1970-01-21 08:11:34	Name: sa-user-id Value: s%3A0-3a634e9b-574f-5abd-411d-391c06621fbb.NM%2FQfdjajolYciOjY%2B4r4vf7uqJZTVa48ugpZbGiJZo
.srv.stackadapt.com/	1970-01-21 08:11:34	Name: sa-user-id Value: s%3A0-3a634e9b-574f-5abd-411d-391c06621fbb.NM%2FQfdjajolYciOjY%2B4r4vf7uqJZTVa48ugpZbGiJZo
sync.srv.stackadapt.com/	1970-01-21 08:11:34	Name: sa-user-id-v2 Value: s%3AOmNOm1dPWr1BHTkcBmIfuyaEdkQ.TowsZ3VwC8I3uY1%2BVKh0CT0RM9%2BYymJm6b18OyPlNWQ
.srv.stackadapt.com/	1970-01-21 08:11:34	Name: sa-user-id-v2 Value: s%3AOmNOm1dPWr1BHTkcBmIfuyaEdkQ.TowsZ3VwC8I3uY1%2BVKh0CT0RM9%2BYymJm6b18OyPlNWQ
sync.srv.stackadapt.com/	1970-01-21 08:11:34	Name: sa-user-id-v3 Value: s%3AAQAKIBLD3sLUg6M-a5X3ViS-hCwz7jmcWuveS-hKgkdfcq1qEGcYBCCklIC3BjABOgQUEbaQQgTHc93e.DUoVvKHs%2FxVydGSVOoqbvabQP1UnEJhuRf4D%2FWglR5A
.srv.stackadapt.com/	1970-01-21 08:11:34	Name: sa-user-id-v3 Value: s%3AAQAKIBLD3sLUg6M-a5X3ViS-hCwz7jmcWuveS-hKgkdfcq1qEGcYBCCklIC3BjABOgQUEbaQQgTHc93e.DUoVvKHs%2FxVydGSVOoqbvabQP1UnEJhuRf4D%2FWglR5A
beacon.lynx.cognitivlabs.com/	1970-01-21 08:11:34	Name: UID Value: cf984c7b-c34a-4cb9-9b42-55e1ba05d4c9
beacon.lynx.cognitivlabs.com/	1970-01-21 08:11:34	Name: ss Value: 6dKMsi0HnRscK92Z0PzOLe522YNNUsNOfsDSP7Kp%2Bexn%2BuXSi3YuDTC444eITAI2NKKSPuRF9q7k5rrJ9noYFg%3D%3D
measurement-api.criteo.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.adsrvr.org/	1970-01-21 08:11:34	Name: TDCPM Value: CAESFgoHZDB0cm8xahILCMaenaKX4Kg9EAUSFQoGZ29vZ2xlEgsIhMLfupfgqD0QBRgFIAIoAjILCPLW2s6t4Kg9EAU4AQ..
.creativecdn.com/	1970-01-21 08:11:34	Name: ts Value: 1725958692
.creativecdn.com/	1970-01-21 08:11:34	Name: g Value: n50c35KVonuXj01FddRJ_1725958692561
.vimeo.com/	1970-01-20 23:26:00	Name: __cf_bm Value: KS4g4uSrHJ_cArjPPUHxU6tb.Pybs.oGtuCrh32Oitg-1725958692-1.0.1.1-3eproeSqtHMss_Lp1tncihrmBSNhmKjFpy8HCeOMagIGOUJh7Qbtjpq0GeZPGVYs
.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: YH0bZ8WJc0nBAWmEDeuuKj4lxR8mUuoacwcIPHX50yU-1725958692622-0.0.1.1-604800000
.bidr.io/	1970-01-21 08:54:32	Name: bito Value: AAHLek7NwBQAABWgYP6tNQ
.bidr.io/	1970-01-21 08:54:32	Name: bitoIsSecure Value: ok

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/(Line 1239) Message: Allow attribute will take precedence over 'allowfullscreen'.
other	warning	URL: https://securityboulevard.com/2022/05/analysis-of-blackbyte-ransomwares-go-based-variants/ Message: The keyword 'push-button' used on the 'appearance' property was deprecated and has now been removed. It will no longer have any effect.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.gravatar.com
5c5cd254ec7fff17826118106680e7ee.safeframe.googlesyndication.com
ajax.googleapis.com
analytics.google.com
aplo-evnt.com
assets.apollo.io
c.bing.com
c.clarity.ms
cdn.onesignal.com
cdnjs.cloudflare.com
devops.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
idsync.rlcdn.com
images.squarespace-cdn.com
img.onesignal.com
in.ml314.com
js.hsforms.net
match.adsrvr.org
ml314.com
onesignal.com
pagead2.googlesyndication.com
pixel.wp.com
platform.twitter.com
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
secure.gravatar.com
securepubads.g.doubleclick.net
securityboulevard.com
snap.licdn.com
static.addtoany.com
static.cloudflareinsights.com
stats.g.doubleclick.net
stats.wp.com
sync.crwdcntrl.net
t.clarity.ms
td.doubleclick.net
techstronggroup.com
tpc.googlesyndication.com
vimeo.com
www.clarity.ms
www.dmca.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.podbean.com
pagead2.googlesyndication.com
securityboulevard.com
104.16.160.145
104.17.111.223
104.17.24.14
104.18.141.119
104.19.175.188
13.107.42.14
142.250.80.74
142.251.32.98
142.251.40.136
142.251.40.142
142.251.40.164
142.251.40.98
142.251.41.2
151.101.64.238
162.159.138.60
172.67.198.8
172.67.39.148
192.0.76.3
20.110.205.119
20.114.189.70
2001:4860:4802:34::181
216.239.32.181
2600:141b:e800:25::1721:2ad1
2606:2800:220:131d:1d30:1f1d:238b:1e56
2606:4700:10::6816:39c
2606:4700:10::6816:ca
2606:4700:10::ac43:29b
2606:4700:10::ac43:e14
2606:4700::6810:4f49
2607:f8b0:4004:c06::9b
2607:f8b0:4006:807::200e
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::2003
2607:f8b0:4006:816::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:821::2001
2607:f8b0:4006:821::2008
2607:f8b0:4006:823::2001
2620:1ec:21::14
2620:1ec:bdf::40
2620:1ec:c11::237
2a04:fa87:fffe::c000:4902
3.228.127.100
34.107.133.146
34.117.77.79
35.244.154.8
35.71.131.137
44.206.34.39
52.3.138.212
54.164.233.65
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
04fa40ad1ba29039cd270b17dec6abae3f155409c333fdd0c925ebb7f98bf1e7
05a02a17f79ea82224a296d1b3067e36ae3440fca4172aead3b8fee4a4cfe770
08c19ec190562f3078e2ad89f840a23315b57fec742d0906c8146b0b71eabee0
0bfc362d61a36174f9e4ef410adee1288b2a9afc839586ed871949c96f7fa0dc
0ebe2359f7106a99a4d5f17f482ca7efe495dcc7090fb121f56f8cf0055d562e
101f7a6b30db45e2af5f4c16ec0e1ed7584c45260801abdeaa09731ba3abd6c6
142ef075542912c4636585b0e581cd0ac6b4a3f818ec43b3fbf3667dd30a6351
154817f0d937e5e7fc5970a56687464e84d690e15e530d8e3f189869280c43e7
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1a1b9ae60c527ccefdbbc092245aa6c85aedcaa6ebb4c69d22060ece8ade180d
1ab82940daf0430a4ba90ded905ef1ad9cd6739cea9a222df0c5f0ce89355249
1b5b0187242aa0d8873c91877a0c55ec72c66eaffeea0742ca065ad26f52cd89
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f825bab09c1521408c2328bae1c658d4892824a6182666d4056d622e97dd6bc
2039d204f18247df88a0f132f35fe67f9e52ee7268515ead1647c611f737ba07
247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15
2863ec1f28569c220d7864d8870001a4f4d461123daed31d11347fefc856ec4c
28b0b03f51551de0682bed42b4cb9d56508a09f636ff48e3f97df64473d311d4
296b3d8e9fa36733999a69d6e630bc6361ea23dada8c98a0e48d34ba7f7d0ed2
297ba0fd2c33be9b8f9e85897adf5b3b86ab7864116c483b4bcdbcf651e71005
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
2dddbbb11e0d6a306b1a27ed5d693f859dad8c17ccb08d5b9e9d663eae570821
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f7e490d17ebf809a460ec752c1d37047f5f0aaa54f974da6a440010d70629c1
3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636
302dad2d165b5b7849d5fc1db1fea894f35dec4c4f64e77ec4865fd4f3a90a62
319099c980bb5b741508861ac4209006cc3e4e6fd184672fb16136cff48145a0
32d5700587b6c9e3c4dbb404bfd2afe1a36f7ece0a9e2761bf487fca687df08c
33166bd3a4a54777435dc6f05b0b9cfbc4e94bde0bfa46468cd5a7d25c48cc0c
37dcc08f28496a33da246e72d26931248a996351747ec0ff740d90fd8e03f2a6
3b327fc4684de28d40f1fee56aa5a54f24ade43a7eb7c4a5a22fb86b829e2cc3
3bb987c509cc9d8cddb3a3d729818016e7831788ececc4b736a23c66d22161e1
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
3fe8c79d67b21039a5d059ef40761950fb76e1d17933d61509f7eb3c68f5aeeb
3fee2241b1a7e456a690a5630244d9a452f20f2a8a241eb242238d418295750b
4105387528744bfb8f22b940743fe631cc3d26c64e52849f05d5147b8132c328
41f3fe4ce62f3d3f75f6ca8d5c801832f4dc941028ed09cd2ddf5a5b9f0712d3
431ebfe08cafe8dbb9139a8e7632abc824c6fa276ab1037868ae598474062151
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
446bafe3e71ba46e4191766edc1d2ce5ed9710d9c6a915d3f3c36c37fe0b9346
471f5e43b94418a2b9b406a02c979eb899ae44f2bfde4dd8613d6b80f50ebf46
4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49
4c200597dad422925b0995b9094df1c6005689273467d7b9162ba5502ce4cd8d
4dc4b084ef936f389a16afec35651270dec229425176c8a76cf24257226ca4ff
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
4ef5e5f0b35765664c2306f623928124ac103d8e218ad9bd64da51e319d0cc5d
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51ad5347963f5c9db69a8bff494aca2c82b13199e4eb6205de5a65d0b9709d11
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
534c262276166217d4ea9b047de9addc67bdab27d749899d098935a58d65940f
53948075293f5d4a1c0a2d48f3b452fd376b415b4ca0699d12a0c5461ea160f6
55b0ec08baaa8216a5bd84b32c0bde4d063020dd1569d5a4dbeae6c92abf64fd
5a43a22e48f94b7a45a9a9b1a107f197213b73307fdfa2e6b2daadab264f94d2
5b9bdd7c7f58fac396b5aab537d9e8ebc4523a637d302f5f6a7d900dc8b399b5
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5e9217a20b1f4bec7ec61cb0d3b1ae23a759df26ac6856f15d57e841caa4f0a9
618a2ea4b0144dc806e4f9cce420a3b4f271d5436d364bfc1192ab74c578c26b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a388a7833280dc7dfe5716af9969711f3c2a2fcc34c5af249907d1e2be7c73
64ab8dbf18e5a9150941c352022b6e14e983a679cee5bd6bc92f6fca7e6426bc
68002d1756ab74bbd8c95d977ff8af585ab56706e59b0524a56a9788acf8e482
6858ac46192ff7ccf7b6405668bf93e37e092d1607999abcb6907d8e7287ef3f
68d9cda3dc9625560bbe531dc199dbdaee5e954a6766d1eb3a1933048e4d7f1b
68ed9b82b62d45cf5d12587a7e9566a4ddeb94d69bcb225e9e3c7268c76b3cbb
692876a0cbadd3dfd313c330437f1e1c9c977d18ffdd61ef2c3b2dda7dce88b9
693656882fbd1648fdc72aea16f38f1b6ffa041ef224bbc35e5db4061d302ffa
69f9f19bd433b1317c2e2adf4b0d99a7655e6d878b35a970a5311227c6ad0a04
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b56424b3ae865d060b7daedd69321918ccf212d0f9c74251e03861a5d39812c
6b63f93f45b836123619e22860a43538ac0cd157f7afd2f58134e28e5e18fa04
6c9f5960dced0cd174a6f994adefa4cc95334fa92e24587243b0b8a507c963f0
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f
757eb40b82fad431019322ce4d7edfd5f2b0b0a822d74db6066993d6bb472c49
758ec37b307443cb9be2d4f93e40d730eecfaf18a77ec9b071372b1ef64c2ab0
7670969cdbb95fcd3e9e270b7d63c5ea6c1b3bf44fdebd13215ef8f5098a54b5
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7f71e018a9a827bc2f0977097fbb91b6163cd928390c8743730045e0587fe0d2
88162132623e7768a9f1b350854c1e805bc55beba3709d2e285e4f434674fca2
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
88c27a96e2eb7d4d096a155f227ca88494d9f9694e0897df5e871bf682fec611
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8e865610f821bc6b6683af168c60b57db40b15e6b27755134457ee4d91aa03d0
8f33880a7bc942dd2f2218dec8e129e44ba5bf999e793805ff7200cae46917bf
8f67facb19582d6d0f7d7093568a38c213683826d6cba38064b3fc7c0a41db35
9117ce316239e8ce14f6975954d77c9ad297ac10861be1bf3d1ed15289a0c8a9
91698821a1603c559e8e255f3e34c2ea63acfcfd23d2394d55b42bb70e1c130c
9595d6e9cf2ca0d1dfcc07c2cf9ea061045d3db04f081aa50d488bc03a776a4d
998a575c7b376128a98e6d67e29c42e1726aac3489cf2c0b2aaebf6f6ad0b546
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bd1d0c032a074ffb5a644e365d70da64fd2cffe4980b46e3c6a4159ecf0881a
9ef33605db40f5dd37e194f4af592cd22a8a90f56da1a165b4a97c34efaa09eb
9fd2f63c1c9cb94ccd7d258e81648758206f1a581780a73c30e657af74b6e3f8
a22cbeed3355b5779f5a26036f3706ff7a71981d3c930f54a9dbb9fd2c74c67f
a281554e698efea9e14b9bf20c69e231cdbc0d6cf21cd5defea925c124ccda0b
a2a4e7c87de9caabbbbf5500898e3173855d41a026cd37ea707aed7b197a5a9c
ac6f83dcff13a63bca026fd1d3c5cea71fe5e8a387618e563309f1dedb73f8c0
addd3084e45a2c68ac5b4baf988e0f18f572f213a2930e32d3a79a01ab579278
b09f9ab3d995c54d315591f2733e609eae5c174f20ed1c8b9598b888b5704253
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b46853b388ab997de6bfa04c1e397b91783aa2d3e125eb7f62b2f41b95dd5e57
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb4e63c126beae75728fc000a8847d4d91427b7a63e711f3668de1c20bd5d76c
c10cb13e4214f7de52c329d84219ebb0a4ef491a9bc28a81a6059c2c9c27fd5b
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c4b3fbc360a34e6b9eb349ee0663dc97fa48ba73f1bb1f8e95438940b2a14dec
c90882cc87cbb7a374871305ccc2b2b420724591a5de7e863f31842fe7c39ddc
ca0af6b4ab8d2b645c51e8b2a3e8d3dce3a43f287d9edec5f01277e46526c757
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce5dbb2cdb85126fdc9d774971a56f8848dbee977a382bd512a5f8b49ea8c727
d07ac60d7d494f8688e4844d51b988f6a2f95b5e9435880e628eb8966e091382
d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d2d330f53cdfd25a188faebfc07535a76190bcc529946b09c74d0971e84b53cd
d432ad1988efa5b258294f52dae3d1b4c10660aec15e49017e21a1ee74bfd453
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
deb07f693d85095efba35b7bfcdec31eb7319e0e467b6267014f1114ecdf8261
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e16986622c696a801f3ebfba9649dae03e94c9c7a2b48a82b5e0da3652770ba0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e529245e8867300ffd2b6f6c1e5b36d41ce8c71a9eb7cbdec52360c0be7b0017
e9477347715e11007b443bf2be67df96a108b575f76c4ddb6ca18d8b2fcf39b2
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
ed5187fd3a8124b6137295fd2b2e0e1451ed9250b6ad989d48e16ea736e5bddc
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ee10126a435e8dadc4421d2eb3fcef0c36b2cc9fb7568e4b5c6fca3be4676a86
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08f50720b2d6b5d1bba8663b3ad20e2da80102ac493f7f3c3278f901019d480
f131f8100c804592bc8fecf0664b782b568fdf5362fb5a14f568b6234b6241e1
f1898554002afcec490975613ba45248ab76af74d151fb84a101d55bc2ca2b70
f288cc1ee3de88550592e3ea99695d159dd5e8634ffdcb1b98ef5efdf083a106
f2ee30d6092b562e98ee9db9c7a6a39ec2546117279552180d49f30d7268f794
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4ed4f3e649cf635824e73f0988b7d838af1c3f6753a16586cd1b64e2cfd1ee0
f542387def66d7826b8d923a05312ec681a1389ed09ac29dc34dfe5fb857f992
f7c91d82539279bcc48324d9cdecfaad418f2720a2e40de04a6d975465aa07a2
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f96151453bf5b861219fab32920589c930580c4f1c427f2e023e7429e7e9f482
fa9e64cf02aa8623cfba0cd734068aed4c1ceb354d4314de36409f73f625c041
feade23a47f6041e6d1008885642dd7ab7cc4f12d94b0c7191c9cf8ca55df97d
fff9001fa9a705871580a83e3c2916c7d136360c55bf0b5ac88d6e055085678d

securityboulevard.com Open in urlscan Pro 2606:4700:10::6816:39c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

200 Requests

96 %HTTPS

42 %IPv6

36 Domains

54 Subdomains

47 IPs

3 Countries

2541 kBTransfer

7529 kBSize

71 Cookies

32 Outgoing links

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

securityboulevard.com Open in urlscan Pro
2606:4700:10::6816:39c Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

96 %
HTTPS

42 %
IPv6

36
Domains

54
Subdomains

47
IPs

3
Countries

2541 kB
Transfer

7529 kB
Size

71
Cookies

200 HTTP transactions
1 data transactions