blog.barracuda.com Open in urlscan Pro
20.226.161.182 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate
Submission: On October 30 via api (October 30th 2024, 2:13:51 am UTC) from TR — Scanned from US

Summary HTTP 104 Redirects Links 73 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 18 domains to perform 104 HTTP transactions. The main IP is 20.226.161.182, located in Campinas, Brazil and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is blog.barracuda.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 3rd 2024. Valid for: a year.

This is the only time blog.barracuda.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	20.226.161.182 20.226.161.182	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2600:141b:1c0... 2600:141b:1c00:8::1728:b337	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:141b:1c0... 2600:141b:1c00:8::1728:b338	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
21	2600:9000:284... 2600:9000:2840:d000:14:fd89:5ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700::68... 2606:4700::6812:572a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
1 6	2600:9000:23c... 2600:9000:23cb:6800:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.85.61.60 52.85.61.60	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
2 2	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	13.226.94.12 13.226.94.12	16509 (AMAZON-02) (AMAZON-02)
1	13.226.34.111 13.226.34.111	16509 (AMAZON-02) (AMAZON-02)
2 5	2600:1f18:61c... 2600:1f18:61c0:2205:aa08:c47d:50ee:d74b	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:251... 2600:9000:2511:800:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.65.238 142.250.65.238	15169 (GOOGLE) (GOOGLE)
1	3.95.95.71 3.95.95.71	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:61c... 2600:1f18:61c0:2209:5334:8b9a:311c:e340	14618 (AMAZON-AES) (AMAZON-AES)
2	31.13.80.12 31.13.80.12	32934 (FACEBOOK) (FACEBOOK)
1	2600:141b:1c0... 2600:141b:1c00:6::17df:d13e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f10... 2a03:2880:f10e:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
104	26

34 20.226.161.182 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

blog.barracuda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:141b:1c00:8::1728:b337 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:8::1728:b338 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:2840:d000:14:fd89:5ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.barracuda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:23cb:6800:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-60.ewr53.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.94.12 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-94-12.jfk52.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-111.ewr53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:61c0:2205:aa08:c47d:50ee:d74b (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:800:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.95.95.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-95-71.compute-1.amazonaws.com

ipv4.d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:61c0:2209:5334:8b9a:311c:e340 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

x.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.80.12 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-yyz1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:6::17df:d13e (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.2 (Queens, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10e:83:face:b00c:0:25de (Toronto, Canada)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	barracuda.com blog.barracuda.com app.barracuda.com — Cisco Umbrella Rank: 574010	3 MB
13	adroll.com 3 redirects s.adroll.com — Cisco Umbrella Rank: 3395 d.adroll.com — Cisco Umbrella Rank: 1624 ipv4.d.adroll.com — Cisco Umbrella Rank: 12598 x.adroll.com — Cisco Umbrella Rank: 4422	42 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	187 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 321 www.linkedin.com — Cisco Umbrella Rank: 646 px4.ads.linkedin.com — Cisco Umbrella Rank: 6828	4 KB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 455 p.typekit.net — Cisco Umbrella Rank: 561	149 KB
3	company-target.com 1 redirects segments.company-target.com — Cisco Umbrella Rank: 1534 api.company-target.com — Cisco Umbrella Rank: 4087	2 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 136 cm.g.doubleclick.net — Cisco Umbrella Rank: 283	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 415	982 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	72 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 812	769 B
2	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 5931 tag-logger.demandbase.com — Cisco Umbrella Rank: 5266	18 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	204 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 784	14 KB
1	google.com analytics.google.com — Cisco Umbrella Rank: 147
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 498	306 B
0	printfriendly.com Failed cdn.printfriendly.com Failed
104	18

	Domain	Requested by
34	blog.barracuda.com	blog.barracuda.com
21	app.barracuda.com	blog.barracuda.com app.barracuda.com
10	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
6	s.adroll.com	1 redirects www.googletagmanager.com s.adroll.com
6	use.typekit.net	blog.barracuda.com use.typekit.net
5	px.ads.linkedin.com	3 redirects snap.licdn.com
5	d.adroll.com	2 redirects s.adroll.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.facebook.com
2	eb2.3lift.com	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	connect.facebook.net	s.adroll.com connect.facebook.net
2	segments.company-target.com	1 redirects
2	id.rlcdn.com	2 redirects
2	www.googletagmanager.com	blog.barracuda.com www.googletagmanager.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	s.adroll.com
1	x.adroll.com
1	ipv4.d.adroll.com
1	tag-logger.demandbase.com	tag.demandbase.com
1	api.company-target.com	tag.demandbase.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	tag.demandbase.com	blog.barracuda.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	p.typekit.net	use.typekit.net
0	cdn.printfriendly.com Failed	blog.barracuda.com
104	28

This site contains links to these domains. Also see Links.

Domain
www.barracuda.com
x.com
www.linkedin.com
www.facebook.com
www.hhs.gov
areteir.com
www.cisa.gov
heimdalsecurity.com
securityaffairs.com
www.cybereason.com
attack.mitre.org
www.bitsight.com
www.techtarget.com
thedfirreport.com
learn.microsoft.com
www.thestack.technology
www.varonis.com
www.pcrisk.de
www.bleepingcomputer.com
www.s-rminform.com
www.cdkglobal.com
www.channelfutures.com
www.bloomberg.com
edition.cnn.com
www.infosecurity-magazine.com
www.cybersecuritydive.com
www.theregister.com
thecyberexpress.com
www.salvagedata.com
www.malwarebytes.com
www.zdnet.com
www.trmlabs.com
www.cnn.com
www.computerweekly.com
therecord.media
thehackernews.com
rclone.org
platform.socradar.com
www.onetrust.com

Subject Issuer	Validity	Valid
blog.barracuda.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-03` - `2024-12-05`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-27` - `2025-09-27`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
www.barracuda.com Amazon RSA 2048 M02	`2024-02-13` - `2025-03-14`	a year	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2024-08-27` - `2025-09-28`	a year	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2024-08-13` - `2025-09-14`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M03	`2024-09-08` - `2025-10-07`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M02	`2024-06-10` - `2025-07-08`	a year	crt.sh
*.adroll.com Amazon RSA 2048 M02	`2024-07-03` - `2025-07-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-08` - `2024-11-06`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh

This page contains 6 frames:

Primary Page: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate
Frame ID: 9B4344C806B554EA0B8290A7D7CC02E6
Requests: 91 HTTP requests in this frame

Frame: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en
Frame ID: F15CE5699E3E86031A1DC3A31CB78B99
Requests: 10 HTTP requests in this frame

Frame: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en
Frame ID: AD61B556FE2F98265B84E3D84B5DBA97
Requests: 11 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1BB34FE8A5F051C613B23F79728106FA
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: E5A2982DA1BB1927D20902EFDBA0E4CD
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6AED213DE4FD742EB93B6660D289C6DB
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BlackSuit ransomware: 8 years, 6 names, 1 cybercrime syndicate

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

104
Requests

94 %
HTTPS

59 %
IPv6

18
Domains

28
Subdomains

26
IPs

3
Countries

3278 kB
Transfer

7425 kB
Size

35
Cookies

73 Outgoing links

These are links going to different origins than the main page.

URL: https://www.barracuda.com/

Search URL Search Domain Scan URL

URL: https://x.com/intent/post?text=BlackSuit+ransomware%3A+8+years%2C+6+names%2C+1+cybercrime+syndicate&url=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&via=barracuda
Title: Post

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite?mini=true&url=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&title=BlackSuit+ransomware%3A+8+years%2C+6+names%2C+1+cybercrime+syndicate&summary=BlackSuit+ransomware+is+a+prolific+threat+actor+that%27s+been+aggressively+targeting+healthcare.+It%27s+been+tracked+back+to+Hermes+ransomware+%282016%29+and+can+be+correctly+described+as+a+rebranded+rebrand+of+a+rebranded+rebranded+threat.+
Title: Share

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=256771694846661&display=popup&href=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate
Title: Share

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/support/glossary/ransomware?utm_source=10292024&utm_medium=blog&utm_campaign=blog
Title: ransomware

Search URL Search Domain Scan URL

URL: https://www.hhs.gov/sites/default/files/hc3-top-10-most-active-ransomware-groups-analyst-note-tlpclear-r.pdf
Title: the fifth most dangerous threat to the U.S. public healthcare sector

Search URL Search Domain Scan URL

URL: https://areteir.com/article/understanding-blacksuit-ransomware/
Title: less than one-half of a percent

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/support/glossary/malware?utm_source=10292024&utm_medium=blog&utm_campaign=blog
Title: malware

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/sites/default/files/2024-09/aa23-061a-stopransomware-blacksuit-royal-ransomware_5.pdf
Title: BlackSuit uses phishing emails

Search URL Search Domain Scan URL

URL: https://heimdalsecurity.com/blog/drive-by-download/
Title: drive-by download attacks

Search URL Search Domain Scan URL

URL: https://securityaffairs.com/166760/hacking/blacksuit-ransomware-group-advisory.html
Title: 13.3%

Search URL Search Domain Scan URL

URL: https://www.cybereason.com/blog/how-do-initial-access-brokers-enable-ransomware-attacks
Title: initial access brokers

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/versions/v15/techniques/T1190/
Title: exploit public-facing applications

Search URL Search Domain Scan URL

URL: https://www.bitsight.com/blog/systembc-multipurpose-proxy-bot-still-breathes
Title: SystemBC

Search URL Search Domain Scan URL

URL: https://www.techtarget.com/whatis/definition/command-and-control-server-CC-server
Title: command-and-control (C2)

Search URL Search Domain Scan URL

URL: https://thedfirreport.com/2024/08/26/blacksuit-ransomware/

Search URL Search Domain Scan URL

URL: https://www.techtarget.com/searchwindowsserver/definition/PowerShell
Title: task automation suite

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/powershell/
Title: PowerShell documentation is here

Search URL Search Domain Scan URL

URL: https://www.thestack.technology/powershell-use-for-ransomware/
Title: here’s an article on how PowerShell is used in ransomware attacks

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/sysinternals/downloads/psexec
Title: PSExec is here

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/software/S0154/
Title: the MITRE ATT&CK page here

Search URL Search Domain Scan URL

URL: https://www.varonis.com/blog/what-is-mimikatz
Title: find details here

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/windows-server/storage/file-server/volume-shadow-copy-service
Title: delete volume shadow copies

Search URL Search Domain Scan URL

URL: https://www.pcrisk.de/ratgeber-zum-entfernen/12029-blacksuit-ransomware

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/blacksuit-ransomware-gang-claims-attack-on-kadokawa-corporation/

Search URL Search Domain Scan URL

URL: https://www.s-rminform.com/latest-thinking/meet-blacksuit
Title: reports

Search URL Search Domain Scan URL

URL: https://www.cdkglobal.com/about
Title: CDK Global

Search URL Search Domain Scan URL

URL: https://www.channelfutures.com/security/cdk-global-attack-costs-auto-dealers-over-1-billion
Title: lost an estimated $1 billion

Search URL Search Domain Scan URL

URL: https://www.bloomberg.com/news/articles/2024-06-21/cdk-hackers-want-millions-in-ransom-to-end-car-dealership-outage
Title: CDK planned to pay the ransom

Search URL Search Domain Scan URL

URL: https://edition.cnn.com/2024/07/11/business/cdk-hack-ransom-tweny-five-million-dollars/index.html
Title: $25 million Bitcoin payment

Search URL Search Domain Scan URL

URL: https://www.infosecurity-magazine.com/news/researchers-largest-ransomware/
Title: Dark Angels/unnamed victim at $75 million

Search URL Search Domain Scan URL

URL: https://www.cybersecuritydive.com/news/cna-financial-ransomware-payment-treasury-sanctions/600591/
Title: Phoenix/CNA Financial at $40 million

Search URL Search Domain Scan URL

URL: https://www.theregister.com/2024/04/18/ransomware_octapharma_plasma/
Title: attack on Octapharma Plasma

Search URL Search Domain Scan URL

URL: https://thecyberexpress.com/blacksuit-hacker-cyber-attack-on-zootampa/
Title: ZooTampa

Search URL Search Domain Scan URL

URL: https://thecyberexpress.com/blacksuit-ransomware-attack/
Title: Western Municipal Construction

Search URL Search Domain Scan URL

URL: https://www.salvagedata.com/hermes-ransomware-data-recovery/
Title: Hermes ransomware

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/blog/news/2019/12/threat-spotlight-the-curious-case-of-ryuk-ransomware
Title: Ryuk ransomware appeared in August 2018

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-076a
Title: TrickBot

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/groups/G0082/
Title: Stardust Chollima

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/groups/G0102/
Title: Wizard Spider

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/ryuk-ransomware-gang-probably-russian-not-north-korean/
Title: Hermes and Ryuk were of Russian origin

Search URL Search Domain Scan URL

URL: https://www.trmlabs.com/post/analysis-corroborates-suspected-ties-between-conti-and-ryuk-ransomware-groups-and-wizard-spider
Title: evidence linking specific Conti members to Ryuk addresses

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/conti-ransomwares-internal-chats-leaked-after-siding-with-russia/

Search URL Search Domain Scan URL

URL: https://www.cnn.com/2022/03/30/politics/ukraine-hack-russian-ransomware-gang/index.html
Title: Ukrainian researcher with access to Conti resources

Search URL Search Domain Scan URL

URL: https://x.com/contileaks?lang=en
Title: posting private communications on X (formerly Twitter)

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/conti-ransomware-source-code-leaked-by-ukrainian-researcher/
Title: published the source code

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/conti-ransomware-shuts-down-operation-rebrands-into-smaller-units/

Search URL Search Domain Scan URL

URL: https://www.computerweekly.com/news/366602360/Royal-ransomware-crew-puts-on-a-BlackSuit-in-rebrand
Title: Royal rebranded to BlackSuit

Search URL Search Domain Scan URL

URL: https://therecord.media/cisa-fbi-warn-royal-ransomware-gang-rebrands-blacksuit
Title: correctly predict

Search URL Search Domain Scan URL

URL: https://thehackernews.com/2023/06/new-linux-ransomware-strain-blacksuit.html
Title: nearly identical

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/fbi-blacksuit-ransomware-behind-over-500-million-in-ransom-demands/
Title: over 350 attacks and $275 million in ransom demands

Search URL Search Domain Scan URL

URL: https://rclone.org/
Title: RClone

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/software/S1063/#:~:text=Brute%20Ratel%20C4%20is%20a,Type%3A%20TOOL
Title: Brute Ratel

Search URL Search Domain Scan URL

URL: https://platform.socradar.com/app/company/33533/ransomware-intelligence/28/details
Title: dozens of new victims

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/products/email-protection?utm_source=10292024&utm_medium=blog&utm_campaign=blog
Title: email security

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/products/email-protection/security-awareness-training?utm_source=10292024&utm_medium=blog&utm_campaign=blog
Title: phishing awareness

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/stopransomware
Title: Stop Ransomware

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/products?utm_source=10292024&utm_medium=blog&utm_campaign=blog
Title: give us a call

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/solutions/ransomware?utm_source=10292024&utm_medium=blog&utm_campaign=blog
Title: defend every threat vector from ransomware attacks

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/clbarry/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/company/engineering
Title: Barracuda Engineering

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/products/email-scan?utm_source=rtrail&utm_medium=blog&utm_campaign=blog
Title: Free Email Threat Scan

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/solutions/cyber-liability-insurance?utm_source=rtrail&utm_medium=blog&utm_campaign=blog
Title: Cyber Liability Insurance Guide

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/company/careers?utm_source=rtrail&utm_medium=blog&utm_campaign=blog
Title: Careers at Barracuda

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/company/engineering?utm_source=rtrail&utm_medium=blog&utm_campaign=blog
Title: Barracuda Engineering

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/company/news?utm_source=rtrail&utm_medium=blog&utm_campaign=blog
Title: Barracuda News Room

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/products/email-protection
Title: Email Protection

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/products/application-protection
Title: Application Protection

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/products/network-security
Title: Network Protection

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/products/data-protection/backup
Title: Data Protection

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/products/managed-xdr
Title: Managed XDR

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/company/legal/trust-center/data-privacy/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCNqshrkGEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc12977-01HPC1BisC7vis8dw1EYLXEYQmSsLNXwMpHyBdrWk HTTP 303
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc12977-01HPC1BisC7vis8dw1EYLXEYQmSsLNXwMpHyBdrWk&verifyHash=b777699098927cbbc5c467658acc16f356567a2a

Request Chain 90

https://s.adroll.com/j/pre/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 110

https://d.adroll.com/cm/g/out?adroll_fpc=7747ae37b98892ed50f3c29e4573e7d7-1730254426534&flg=1&pv=8297482694.884284&arrfrr=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&advertisable=T6GUPQIK5REDFO6FQ66AFC HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=t2LAGki4YRZB747o_FDofA HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=t2LAGki4YRZB747o_FDofA&google_tc= HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 111

https://d.adroll.com/cm/x,b,experian,index,l,o,outbrain,pubmatic,n,taboola,triplelift,r/out?adroll_fpc=7747ae37b98892ed50f3c29e4573e7d7-1730254426534&flg=1&pv=8297482694.884284&arrfrr=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&advertisable=T6GUPQIK5REDFO6FQ66AFC HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=Yjc2MmMwMWE0OGI4NjExNjQxZWY4ZWU4ZmM1MGU4N2M&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=Yjc2MmMwMWE0OGI4NjExNjQxZWY4ZWU4ZmM1MGU4N2M&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

Request Chain 113

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6462660&time=1730254426922&li_adsId=c72b966c-4bb4-41f8-8deb-dbe3983540a5&url=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6462660&time=1730254426922&li_adsId=c72b966c-4bb4-41f8-8deb-dbe3983540a5&url=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D6462660%26time%3D1730254426922%26li_adsId%3Dc72b966c-4bb4-41f8-8deb-dbe3983540a5%26url%3Dhttps%253A%252F%252Fblog.barracuda.com%252F2024%252F10%252F29%252Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6462660&time=1730254426922&li_adsId=c72b966c-4bb4-41f8-8deb-dbe3983540a5&url=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6462660&time=1730254426922&li_adsId=c72b966c-4bb4-41f8-8deb-dbe3983540a5&url=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&cookiesTest=true&liSync=true&e_ipv6=AQJnbEhWiOTHmgAAAZLbM1UoE2b1HqiwsjKaaqvBuZjCqgsPpPdaCd63-Vmn52HObd1V_A

104 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate Show response
blog.barracuda.com/2024/10/29/ 72 KB
17 KB 498ms
153ms Document
text/html 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d392efc23c03ef13a82d4026c90c93e033f4fbd68454edec92f865358e17d3b3

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Age: 783
Connection: keep-alive
Date: Wed, 30 Oct 2024 02:13:43 GMT
Strict-Transport-Security: max-age=31557600
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: HIT
X-Content-Type-Options: nosniff
X-FRAME-OPTIONS: SAMEORIGIN
X-Served-By: cache-gru-sbsp2090046-GRU
X-Timer: S1730254424.668950,VS0,VS0,VE2
cache-control: max-age=300,s-maxage=600,stale-while-revalidate=43200,stale-if-error=43200,public
content-encoding: gzip
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
content-type: text/html;charset=utf-8
etag: "12119-6259fee14b4a7-gzip"
expires: Wed, 30 Oct 2024 02:05:40 GMT
last-modified: Tue, 29 Oct 2024 16:18:04 GMT
x-frame-options: SAMEORIGIN
x-vhost: publish

GET
H/1.1 404
Not Found rum-standalone.js
blog.barracuda.com/.rum/@adobe/helix-rum-js@%5E2/dist/ 0
0 492ms
138ms Script
text/html 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.barracuda.com/.rum/@adobe/helix-rum-js@%5E2/dist/rum-standalone.js
Requested by: Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate
Connection: Close

GET
H2 200 fui0ano.css
use.typekit.net/ 6 KB
1 KB 707ms
63ms Stylesheet
text/css 2600:141b:1c00:8::1728:b337
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/fui0ano.css

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:8::1728:b337 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

95646e0746b1c78d25899886984afa82c521da866557e09b443a17d05e234f2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 908
date: Wed, 30 Oct 2024 02:13:44 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H/1.1 200
OK clientlib-base.lc-cfd1a8765b647d6f660a87bca15f377f-lc.min.css
blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/ 5 KB
3 KB 350ms
224ms Stylesheet
text/css 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/clientlib-base.lc-cfd1a8765b647d6f660a87bca15f377f-lc.min.css

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

01ec7bdb75d92fb874059c36aadc85fa8e1c1c6ae69ee20040cc2230adb76b78

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

content-encoding: gzip
x-vhost: publish
etag: W/"13d6-2386f26fb1bdc0-gzip"
Age: 655473
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:44 GMT
last-modified: Tue, 22 Oct 2024 12:09:10 GMT
content-type: text/css;charset=utf-8
X-Served-By: cache-gru-sbsp2090046-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
Vary: Accept-Encoding
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
X-Timer: S1730254424.004192,VS0,VS0,VE1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2067

GET
H/1.1 200
OK clientlib-base.lc-cfd1a8765b647d6f660a87bca15f377f-lc.min.css
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/ 5 KB
3 KB 429ms
154ms Stylesheet
text/css 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-base.lc-cfd1a8765b647d6f660a87bca15f377f-lc.min.css

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

01ec7bdb75d92fb874059c36aadc85fa8e1c1c6ae69ee20040cc2230adb76b78

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

content-encoding: gzip
x-vhost: publish
etag: W/"13d6-2386f26fb1bdc0-gzip"
Age: 231421
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:44 GMT
last-modified: Sun, 27 Oct 2024 09:56:42 GMT
content-type: text/css;charset=utf-8
X-Served-By: cache-gru-sbsp2090042-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
Vary: Accept-Encoding
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
X-Timer: S1730254424.110181,VS0,VS0,VE1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2067

GET
H/1.1 200
OK clientlib-legacy.lc-bc4329dea2e655f9b2462a8c3c3e52cf-lc.min.css
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/ 11 KB
3 KB 428ms
152ms Stylesheet
text/css 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-legacy.lc-bc4329dea2e655f9b2462a8c3c3e52cf-lc.min.css

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cc6061367e4f3d946a4ed9bee8fb906e2db5738c15126084ab3c137e5e8004b1

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

content-encoding: gzip
x-vhost: publish
etag: W/"2ce8-2386f26fb1bdc0-gzip"
Age: 144518
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:44 GMT
last-modified: Mon, 28 Oct 2024 10:05:06 GMT
content-type: text/css;charset=utf-8
X-Served-By: cache-gru-sbsp2090041-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
Vary: Accept-Encoding
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
X-Timer: S1730254424.109131,VS0,VS0,VE2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2292

GET
H/1.1 200
OK clientlib-site.lc-c7edbd3ad6f5a6e02f430e6d9778eaee-lc.min.css
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/ 617 KB
76 KB 426ms
151ms Stylesheet
text/css 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-site.lc-c7edbd3ad6f5a6e02f430e6d9778eaee-lc.min.css

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cfcbe25d611e3cd005ea556aeb269ca4395d124b5c583b4bd0eefabd2c1a8fa3

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

content-encoding: gzip
x-vhost: publish
etag: W/"9a318-2386f26fb1bdc0-gzip"
Age: 237663
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:44 GMT
last-modified: Sun, 27 Oct 2024 08:12:41 GMT
content-type: text/css;charset=utf-8
X-Served-By: cache-gru-sbsp2090022-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
Vary: Accept-Encoding
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
X-Timer: S1730254424.108867,VS0,VS0,VE0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76546

GET
H/1.1 200
OK clientlib-site.lc-fa4a4ef63c982ef1a7eb6cac9edfdf32-lc.min.css
blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/ 35 KB
7 KB 430ms
153ms Stylesheet
text/css 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/clientlib-site.lc-fa4a4ef63c982ef1a7eb6cac9edfdf32-lc.min.css

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9786300ad98d5d2a5d668903f72cbfdf98275e556a1e842b8163663425284cee

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

content-encoding: gzip
x-vhost: publish
etag: W/"8b93-2386f26fb1bdc0-gzip"
Age: 1272079
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:44 GMT
last-modified: Tue, 15 Oct 2024 08:52:25 GMT
content-type: text/css;charset=utf-8
X-Served-By: cache-gru-sbsp2090029-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
Vary: Accept-Encoding
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
X-Timer: S1730254424.111604,VS0,VS0,VE1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5976

GET
H/1.1 200
OK logo_barracuda_primary_reversed.svg
blog.barracuda.com/content/dam/barracuda-corp/images/site/header/ 10 KB
11 KB 222ms
143ms Image
image/svg+xml 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.barracuda.com/content/dam/barracuda-corp/images/site/header/logo_barracuda_primary_reversed.svg

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

adf2523156431815d7acccfb2fb25ea818fb3b231d1ba0c20df2377fd815192a

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

x-vhost: publish
ETag: "0x8DC00CF89C79D7B"
Age: 41157
x-content-type-options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:44 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 19 Dec 2023 20:17:34 GMT
X-Served-By: cache-gru-sbsp2090041-GRU
content-disposition: inline
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
X-Timer: S1730254424.255487,VS0,VS0,VE1
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 10238

GET
H/1.1 200
OK Generic_Featured_RansomwareBlackSuit_1200x628.jpg
blog.barracuda.com/content/dam/barracuda-blog/images/2024/10/ 40 KB
41 KB 145ms
144ms Image
image/jpeg 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/images/2024/10/Generic_Featured_RansomwareBlackSuit_1200x628.jpg

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

14cc688727c79579ba4141b0b69e5b5c2c28459503aa6557fb84adfd767b48ea

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

x-vhost: publish
ETag: "0x8DCF8132B148CBE"
Age: 36486
x-content-type-options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:44 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 29 Oct 2024 12:13:59 GMT
X-Served-By: cache-gru-sbsp2090042-GRU
content-disposition: inline
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
X-Timer: S1730254424.255750,VS0,VS0,VE1
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 41083

GET
H/1.1 200
OK cb.png
blog.barracuda.com/content/dam/barracuda-blog/images/2018/02/ 31 KB
32 KB 144ms
144ms Image
image/png 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/images/2018/02/cb.png

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3ddf2ecfcce74cbec75ccd67a7f591dba759130d4a3c985e9dfad155a8bbfa71

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

Content-MD5: gpNc/OJTHitOxGoY4PqvLA==
x-vhost: publish
ETag: "0x8DA81271FCC3311"
Age: 41157
x-content-type-options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:44 GMT
Content-Type: image/png
Last-Modified: Thu, 18 Aug 2022 14:37:06 GMT
X-Served-By: cache-gru-sbsp2090041-GRU
content-disposition: inline
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
X-Timer: S1730254424.402678,VS0,VS0,VE1
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 31756

GET
H/1.1 200
OK clearview-ai.jpg
blog.barracuda.com/content/dam/barracuda-blog/images/2024/10/ 80 KB
80 KB 144ms
144ms Image
image/jpeg 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/images/2024/10/clearview-ai.jpg

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9b837aa419d6cbf9b8d876c50ce46df77b5e1d70a88d33a4132db523f0a8a0c4

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

x-vhost: publish
ETag: "0x8DCF3A5BB092EE1"
Age: 36486
x-content-type-options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:44 GMT
Content-Type: image/jpeg
Last-Modified: Wed, 23 Oct 2024 21:00:31 GMT
X-Served-By: cache-gru-sbsp2090042-GRU
content-disposition: inline
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
X-Timer: S1730254425.673347,VS0,VS0,VE1
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 81619

GET
H/1.1 200
OK Generic_Featured_LLM_Attacks_1200x628.png
blog.barracuda.com/content/dam/barracuda-blog/images/2024/10/ 1 MB
1 MB 143ms
143ms Image
image/png 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/images/2024/10/Generic_Featured_LLM_Attacks_1200x628.png

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a7bfb2ef6587c1531e20cf111d0095577485ba06f89e933e95f3ce9b1c5890f5

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

x-vhost: publish
ETag: "0x8DCED2BB1828B4D"
Age: 65799
x-content-type-options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:44 GMT
Content-Type: image/png
Last-Modified: Tue, 15 Oct 2024 15:11:49 GMT
X-Served-By: cache-gru-sbsp2090041-GRU
content-disposition: inline
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
X-Timer: S1730254425.685131,VS0,VS0,VE1
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 1282257

GET
H/1.1 200
OK cyber-insurance.jpg
blog.barracuda.com/content/dam/barracuda-blog/images/2023/03/ 98 KB
98 KB 160ms
154ms Image
image/jpeg 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/images/2023/03/cyber-insurance.jpg

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9da108dad761c24f3bf92790c83882472843e3d06d8bdda8743f4187c1d93c23

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

x-vhost: publish
ETag: "0x8DB352CD071DFF0"
Age: 82687
x-content-type-options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:45 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 04 Apr 2023 16:51:19 GMT
X-Served-By: cache-gru-sbsp2090027-GRU
content-disposition: inline
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
X-Timer: S1730254425.130163,VS0,VS0,VE1
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 100035

GET
H/1.1 200
OK gartner-ransomware-1200x628-2024.jpg
blog.barracuda.com/content/dam/barracuda-blog/images/2024/09/ 515 KB
516 KB 147ms
146ms Image
image/jpeg 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/images/2024/09/gartner-ransomware-1200x628-2024.jpg

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

16f1be7697fc2f333cf516604ee180dcbc22f312a3fdd5bd0fda30c805a37341

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

x-vhost: publish
ETag: "0x8DCCD29ADDD09E4"
Age: 82682
x-content-type-options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:45 GMT
Content-Type: image/jpeg
Last-Modified: Wed, 04 Sep 2024 21:36:47 GMT
X-Served-By: cache-gru-sbsp2090029-GRU
content-disposition: inline
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
X-Timer: S1730254425.132461,VS0,VS0,VE4
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 527693

GET
H/1.1 200
OK container.lc-0a6aff292f5cc42142779cde92054524-lc.min.js Show response
blog.barracuda.com/etc.clientlibs/core/wcm/components/commons/site/clientlibs/ 1 KB
2 KB 154ms
152ms Script
application/javascript 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/core/wcm/components/commons/site/clientlibs/container.lc-0a6aff292f5cc42142779cde92054524-lc.min.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c250924012fdc9ea9516b30650895201cd167dbd49c9d148924f30881abfa393

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

content-encoding: gzip
x-vhost: publish
etag: W/"4f7-2386f26fb1bdc0-gzip"
Age: 1272079
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:44 GMT
last-modified: Tue, 15 Oct 2024 08:52:25 GMT
content-type: application/javascript;charset=utf-8
X-Served-By: cache-gru-sbsp2090022-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
Vary: Accept-Encoding
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
X-Timer: S1730254425.844807,VS0,VS0,VE11
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 491

GET
H/1.1 200
OK jquery.lc-f9e8e8c279baf6a1a278042afe4f395a-lc.min.js Show response
blog.barracuda.com/etc.clientlibs/clientlibs/granite/ 99 KB
37 KB 146ms
144ms Script
application/javascript 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/clientlibs/granite/jquery.lc-f9e8e8c279baf6a1a278042afe4f395a-lc.min.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ac9c69c1f6df29993331f7e3f9b7ec6d343575d60f4a5795456422e33bcf15d2

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

content-encoding: gzip
x-vhost: publish
etag: W/"18d32-2386f26fb1bdc0-gzip"
Age: 655473
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:44 GMT
last-modified: Tue, 22 Oct 2024 12:09:12 GMT
content-type: application/javascript;charset=utf-8
X-Served-By: cache-gru-sbsp2090029-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
Vary: Accept-Encoding
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
X-Timer: S1730254425.845718,VS0,VS0,VE1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36477

GET
H/1.1 200
OK clientlib-base.lc-39f8413d3689b6f83630bf47a4e0de88-lc.min.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/ 81 KB
26 KB 155ms
153ms Script
application/javascript 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-base.lc-39f8413d3689b6f83630bf47a4e0de88-lc.min.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a30199dc4b0fb3a02863ada8d58f4491ba215661bb2391fe1655d8e75e787649

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

content-encoding: gzip
x-vhost: publish
etag: W/"143a2-2386f26fb1bdc0-gzip"
Age: 203012
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:44 GMT
last-modified: Sun, 27 Oct 2024 17:50:12 GMT
content-type: application/javascript;charset=utf-8
X-Served-By: cache-gru-sbsp2090056-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
Vary: Accept-Encoding
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
X-Timer: S1730254425.854444,VS0,VS0,VE1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25603

GET
H/1.1 200
OK clientlib-legacy.lc-d41d8cd98f00b204e9800998ecf8427e-lc.min.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/ 0
1 KB 269ms
143ms Script
application/javascript 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-legacy.lc-d41d8cd98f00b204e9800998ecf8427e-lc.min.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

x-vhost: publish
etag: W/"0-2386f26fb1bdc0"
Age: 655473
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:44 GMT
last-modified: Tue, 22 Oct 2024 12:09:12 GMT
content-type: application/javascript;charset=utf-8
X-Served-By: cache-gru-sbsp2090042-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
X-Timer: S1730254425.970621,VS0,VS0,VE1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H/1.1 200
OK clientlib-site.lc-ef8be087fb429a1c186888caf23d806f-lc.min.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/ 132 KB
47 KB 171ms
142ms Script
application/javascript 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-site.lc-ef8be087fb429a1c186888caf23d806f-lc.min.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

690af93ae961048c14bf29508e15a1b1052bf61fdd23a1ab9f94a095b43f2ebe

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

content-encoding: gzip
x-vhost: publish
etag: W/"20edc-2386f26fb1bdc0-gzip"
Age: 237668
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:44 GMT
last-modified: Sun, 27 Oct 2024 08:12:36 GMT
content-type: application/javascript;charset=utf-8
X-Served-By: cache-gru-sbsp2090022-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
Vary: Accept-Encoding
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
X-Timer: S1730254425.998576,VS0,VS0,VE0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46378

GET
H/1.1 200
OK clientlib-site.lc-bd076243bba912aa9aef0ddfc05b23a9-lc.min.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/ 92 KB
33 KB 263ms
146ms Script
application/javascript 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/clientlib-site.lc-bd076243bba912aa9aef0ddfc05b23a9-lc.min.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1636daeadf68320a8ff084924ab12632028d06a02bcb2de4febd953b14ab074b

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

content-encoding: gzip
x-vhost: publish
etag: W/"1705b-2386f26fb1bdc0-gzip"
Age: 573712
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:45 GMT
last-modified: Wed, 23 Oct 2024 10:51:53 GMT
content-type: application/javascript;charset=utf-8
X-Served-By: cache-gru-sbsp2090042-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
Vary: Accept-Encoding
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
X-Timer: S1730254425.115305,VS0,VS0,VE4
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32917

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 292ms
66ms Stylesheet
text/css 2600:141b:1c00:8::1728:b338
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=fui0ano&ht=tk&f=139.169.173.175.5474.25136.2028.2030&a=85669855&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fui0ano.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:8::1728:b338 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://use.typekit.net/

Response headers

cache-control: public, max-age=604800
etag: "65edab1d-5"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5
date: Wed, 30 Oct 2024 02:13:44 GMT
content-type: text/css
last-modified: Sun, 10 Mar 2024 12:44:13 GMT
server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 251 KB
89 KB 223ms
86ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZTMGHH

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f0040095340adb7d81ee99f6fb7d7a6138a3e11389c7c09353407b6399aa3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 30 Oct 2024 02:13:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 02:13:44 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 30 Oct 2024 00:21:23 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90447
x-xss-protection: 0
server: Google Tag Manager

GET
DATA 200
OK truncated
/ 378 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b825cc32ded55e1caa04b70f4b7f0f3010cfbbff4e1d89a035666b649ba2f782

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 235 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7abff666ecb3f4aa7ceb076cc27af4f404c83ad375b76b6aa1a999e844c6adb9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 330fd6d564dff1313d98d4b80e4f7244d1ea1adfd8ea65b4f0bcc34d424137ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 262 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4dcf1d72acbe2bfd136649ccbd6db931817e80b60441c95cf57b6cdb36a5e0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 499 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5abdd6df1d760db1c6749fd92ce2d8a037cb411bc4849da3277cbedab35b8f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 312 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 689a6a3883d0edac137cbb2aa2a1b1bf310d369cd42184d6f3bfce728165f9a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 511 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 788e13062637eec87f998fb1ca0b33fdce66fbc5b05d68ddea2e6f11ba466c2c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 l
use.typekit.net/af/23e139/00000000000000007735e605/30/ 30 KB
30 KB 309ms
125ms Font
application/font-woff2 2600:141b:1c00:8::1728:b337
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/23e139/00000000000000007735e605/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fui0ano.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:8::1728:b337 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 38e9ade7cb9f7a31a4525f2a70c4bdd2529340926202641bbbda8d655df8c0c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://blog.barracuda.com
Referer: https://use.typekit.net/fui0ano.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "a21f48c40e7bf9dfada3e63deed3f84d0cf8b79b"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 30440
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/1be3c2/00000000000000007735e606/30/ 29 KB
29 KB 248ms
64ms Font
application/font-woff2 2600:141b:1c00:8::1728:b337
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1be3c2/00000000000000007735e606/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fui0ano.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:8::1728:b337 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 34983ec5da74c95f7b9aba9e7abd42ca76b95cde4c06f476f6bfeb5547bd85ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://blog.barracuda.com
Referer: https://use.typekit.net/fui0ano.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "174f4ede5c586799404565373f175cfaf1562181"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 30008
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 29 KB
29 KB 258ms
74ms Font
application/font-woff2 2600:141b:1c00:8::1728:b337
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fui0ano.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:8::1728:b337 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://blog.barracuda.com
Referer: https://use.typekit.net/fui0ano.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "6aeae62b893768150f3460329dc461358e8ab2f5"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 29820
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/78aca8/00000000000000007735e60d/30/ 29 KB
29 KB 319ms
136ms Font
application/font-woff2 2600:141b:1c00:8::1728:b337
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/78aca8/00000000000000007735e60d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fui0ano.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:8::1728:b337 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b07871da02311868c31ab6ac5a4e78cc877f118acd854857f6f51519f3ddbbc9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://blog.barracuda.com
Referer: https://use.typekit.net/fui0ano.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "1d1aed9a298449b26ef6d57c78caa88b6b5de306"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 29764
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: application/font-woff2
server: nginx

GET
H/1.1 200
OK dfirreport-systembc.png
blog.barracuda.com/adobe/dynamicmedia/deliver/dm-aid--72a1e18d-e6ab-42c2-b65b-b7cf92fc41b8/ 44 KB
45 KB 144ms
144ms Image
image/webp 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.barracuda.com/adobe/dynamicmedia/deliver/dm-aid--72a1e18d-e6ab-42c2-b65b-b7cf92fc41b8/dfirreport-systembc.png?preferwebp=true&width=1024&quality=95

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

121f0686e2734a9ed25b1caea7ef4b1bb6cb3daad9c4ecb37e099973a28d5180

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

x-sky-dm-backend: true
x-vhost: publish
Etag: "gi7VRLqSw0FyU6aRDCbKzLsibQi7slByBwwxmccW1L4"
Age: 170
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:45 GMT
Content-Type: image/webp
Content-Disposition: inline; filename="dfirreport-systembc.webp"; filename*=UTF-8''dfirreport-systembc.webp
X-Served-By: cache-gru-sbsp2090042-GRU
Vary: Accept
X-FRAME-OPTIONS: SAMEORIGIN
Fastly-Stats: io=1
Strict-Transport-Security: max-age=31557600
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Cache-Control: public, max-age=600, stale-while-revalidate=21600, stale-if-error=86400
X-Timer: S1730254425.272258,VS0,VS0,VE1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45266
Fastly-Io-Served-By: vpop-kiad7010248

GET
H/1.1 200
OK logo_barracuda_primary_reversed.svg
blog.barracuda.com/content/dam/barracuda-corp/images/site/header/ 10 KB
399 B 148ms
147ms Other
image/svg+xml 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/content/dam/barracuda-corp/images/site/header/logo_barracuda_primary_reversed.svg

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

adf2523156431815d7acccfb2fb25ea818fb3b231d1ba0c20df2377fd815192a

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

x-vhost: publish
ETag: "0x8DC00CF89C79D7B"
Age: 41158
x-content-type-options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:45 GMT
content-disposition: inline
Content-Type: image/svg+xml
X-Served-By: cache-gru-sbsp2090056-GRU
Last-Modified: Tue, 19 Dec 2023 20:17:34 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
X-Timer: S1730254425.277095,VS0,VS0,VE4
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 10238

GET
H/1.1 200
OK Generic_Featured_RansomwareBlackSuit_1200x628.jpg
blog.barracuda.com/content/dam/barracuda-blog/images/2024/10/ 40 KB
399 B 147ms
146ms Other
image/jpeg 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/images/2024/10/Generic_Featured_RansomwareBlackSuit_1200x628.jpg

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

14cc688727c79579ba4141b0b69e5b5c2c28459503aa6557fb84adfd767b48ea

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

x-vhost: publish
ETag: "0x8DCF8132B148CBE"
Age: 36487
x-content-type-options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:45 GMT
content-disposition: inline
Content-Type: image/jpeg
X-Served-By: cache-gru-sbsp2090022-GRU
Last-Modified: Tue, 29 Oct 2024 12:13:59 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
X-Timer: S1730254425.279067,VS0,VS0,VE3
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 41083

GET
H2 200 blog-subscribe-sidebar Show response
app.barracuda.com/iframe/ Frame F15C 194 KB
33 KB 436ms
272ms Document
text/html 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

72cf5dc87a1d16687bcadbeafc5436e576e1a4374d338eb3704b165969c2abe0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.barracuda.com https://author-p42007-e184970.adobeaemcloud.com https://lp.barracudamsp.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.barracuda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://blog.barracuda.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-length: 32048
content-security-policy: frame-ancestors 'self' https://*.barracuda.com https://author-p42007-e184970.adobeaemcloud.com https://lp.barracudamsp.com
content-type: text/html; charset=UTF-8
date: Wed, 30 Oct 2024 02:13:45 GMT
expires: Wed, 30 Oct 2024 02:13:45 GMT
last-modified: Mon, 28 Oct 2024 02:13:45 GMT
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
x-amz-cf-id: 052hq-qHA-2EgbRDaoIRs-WngHszJEu7J8lC7izYYz7aYjldouYqig==
x-amz-cf-pop: JFK52-P7
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 subscribe-blog Show response
app.barracuda.com/iframe/ Frame AD61 194 KB
33 KB 376ms
214ms Document
text/html 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

6e2d7d60f9124415b31d3febaab11d851a4ca679ac122688591acb3a1f901417

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.barracuda.com https://author-p42007-e184970.adobeaemcloud.com https://lp.barracudamsp.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.barracuda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://blog.barracuda.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-length: 32155
content-security-policy: frame-ancestors 'self' https://*.barracuda.com https://author-p42007-e184970.adobeaemcloud.com https://lp.barracudamsp.com
content-type: text/html; charset=UTF-8
date: Wed, 30 Oct 2024 02:13:45 GMT
expires: Wed, 30 Oct 2024 02:13:45 GMT
last-modified: Mon, 28 Oct 2024 02:13:45 GMT
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
x-amz-cf-id: aR-gncajjcU-IiwFqtKXOcfY6I_FoZjUnCNRLn2gsvERquRIO6ee_w==
x-amz-cf-pop: JFK52-P7
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK cb.png
blog.barracuda.com/content/dam/barracuda-blog/images/2018/02/ 31 KB
399 B 143ms
143ms Other
image/png 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/images/2018/02/cb.png

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3ddf2ecfcce74cbec75ccd67a7f591dba759130d4a3c985e9dfad155a8bbfa71

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

Content-MD5: gpNc/OJTHitOxGoY4PqvLA==
x-vhost: publish
ETag: "0x8DA81271FCC3311"
Age: 41159
x-content-type-options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:45 GMT
Content-Type: image/png
X-Served-By: cache-gru-sbsp2090027-GRU
Last-Modified: Thu, 18 Aug 2022 14:37:06 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
X-Timer: S1730254426.689071,VS0,VS0,VE1
content-disposition: inline
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 31756

GET
H/1.1 200
OK clearview-ai.jpg
blog.barracuda.com/content/dam/barracuda-blog/images/2024/10/ 80 KB
399 B 145ms
144ms Other
image/jpeg 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/images/2024/10/clearview-ai.jpg

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9b837aa419d6cbf9b8d876c50ce46df77b5e1d70a88d33a4132db523f0a8a0c4

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

x-vhost: publish
ETag: "0x8DCF3A5BB092EE1"
Age: 36487
x-content-type-options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:45 GMT
content-disposition: inline
Content-Type: image/jpeg
X-Served-By: cache-gru-sbsp2090022-GRU
Last-Modified: Wed, 23 Oct 2024 21:00:31 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
X-Timer: S1730254426.716032,VS0,VS0,VE2
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 81619

GET
H/1.1 200
OK Generic_Featured_LLM_Attacks_1200x628.png
blog.barracuda.com/content/dam/barracuda-blog/images/2024/10/ 1 MB
399 B 147ms
146ms Other
image/png 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/images/2024/10/Generic_Featured_LLM_Attacks_1200x628.png

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a7bfb2ef6587c1531e20cf111d0095577485ba06f89e933e95f3ce9b1c5890f5

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

x-vhost: publish
ETag: "0x8DCED2BB1828B4D"
Age: 65800
x-content-type-options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:45 GMT
content-disposition: inline
Content-Type: image/png
X-Served-By: cache-gru-sbsp2090056-GRU
Last-Modified: Tue, 15 Oct 2024 15:11:49 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
X-Timer: S1730254426.726244,VS0,VS0,VE1
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 1282257

GET
H2 200 cuda.cookie.js Show response
app.barracuda.com/js/cuda/ Frame AD61 2 KB
1 KB 117ms
114ms Script
text/javascript 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.cookie.js?v=1729873401

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

476bc717be861c9abe30f8c2504ec49c7c5333275be99a6a5385feae22c9c9e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Response headers

content-encoding: gzip
etag: "886-6254f8992b040-gzip"
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: Uq_PB3mQoMMpFdiIDIIlZv978MND554WtAEZd_c9hjmP6EaV0vxhow==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: text/javascript
last-modified: Fri, 25 Oct 2024 16:23:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=0
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 923
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H2 200 cuda.validator.js Show response
app.barracuda.com/js/cuda/ Frame AD61 28 KB
7 KB 124ms
122ms Script
text/javascript 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.validator.js?v=1729873402

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

4941fe01fcfc5d5cb4efbb321e7c4fccb12b531f349771343df16248f23b070c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Response headers

content-encoding: gzip
etag: "6ee5-6254f89a1f280-gzip"
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: RWw4aSedRfAwi9-KU2Ur3vZ0TG5dY30JPaCi-t9AvoZqNUe5KbSVog==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: text/javascript
last-modified: Fri, 25 Oct 2024 16:23:22 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=0
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 7015
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H2 200 cuda.ajax.js Show response
app.barracuda.com/js/cuda/ Frame AD61 2 KB
1 KB 114ms
112ms Script
text/javascript 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.ajax.js?v=1729873402

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ab24c94a6c443c60e36e879960bf136e69dc08402883c0292d3a44a8da98474a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Response headers

content-encoding: gzip
etag: "962-6254f8992b040-gzip"
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: k1cUhQoz4pv4jasZCD8LkrPy0JH-7cU8aACUwz8lK6i4ZcdnfdkzvA==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: text/javascript
last-modified: Fri, 25 Oct 2024 16:23:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=0
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 910
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H2 200 cuda.ajax_promise.js Show response
app.barracuda.com/js/cuda/ Frame AD61 11 KB
3 KB 89ms
88ms Script
text/javascript 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.ajax_promise.js?v=1729873401

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

81fadfd9148bc4e0b755aa74a2f892264855d11d5fa5a2a372f9d4c1358e86bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Response headers

content-encoding: gzip
etag: "2d93-6254f8992b040-gzip"
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: yFK5wjdTQDBANX0Puoo6eTuFQeowOP3LqhqxfQo_sylEmX4IYcVQ6g==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: text/javascript
last-modified: Fri, 25 Oct 2024 16:23:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=0
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2526
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H2 200 cuda.submit_btn_animator.js Show response
app.barracuda.com/js/cuda/ Frame AD61 2 KB
1 KB 117ms
115ms Script
text/javascript 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.submit_btn_animator.js?v=1729873402

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

6f4a9a6d7d17b485daf9995ce913842473dff469dd74fa8fe2b730471f000eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Response headers

content-encoding: gzip
etag: "860-6254f89a1f280-gzip"
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: 4q5dVFNCSa1a8r14re8OuXS7WbOgx3FSgIKxp4egaSBQMFodgppDgg==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: text/javascript
last-modified: Fri, 25 Oct 2024 16:23:22 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=0
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 969
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H2 200 cuda.clearbit.js Show response
app.barracuda.com/js/cuda/ Frame AD61 6 KB
1 KB 134ms
133ms Script
text/javascript 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.clearbit.js?v=1729873401

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

659ea9f7ac5d3c9037da23d13f85498a55c6d386c637dd2999bbcbc904084cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Response headers

content-encoding: gzip
etag: "1872-6254f8992b040-gzip"
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: mR3dzU-DxqRmntnsUrs8_6eSpENaHH-0RlxcS3fMvqct2yqwO-Snkw==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: text/javascript
last-modified: Fri, 25 Oct 2024 16:23:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=0
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 973
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H2 200 cuda.gtag.js Show response
app.barracuda.com/js/cuda/ Frame AD61 5 KB
1 KB 130ms
129ms Script
text/javascript 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.gtag.js?v=1729873401

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

fbafece58e723a3541c65b858938222a7d4a81e103aa7e5c69d8a361c32d4ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Response headers

content-encoding: gzip
etag: "1277-6254f8992b040-gzip"
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: OWU4RIdRV-8Yr1P4NKy2qePefUM3N9lHTJnLD1uYhuDPaRoSY_GVEw==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: text/javascript
last-modified: Fri, 25 Oct 2024 16:23:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=0
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 663
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H2 200 proxima-nova400.woff2
app.barracuda.com/css/cuda/fonts/optimize/ Frame AD61 32 KB
32 KB 154ms
153ms Font
font/woff2 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/css/cuda/fonts/optimize/proxima-nova400.woff2

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://app.barracuda.com
Referer: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Response headers

content-encoding: gzip
etag: "7fb0-6254f8992b040-gzip"
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: Ey3XkfJgrbsX4jpwyVLra3CIPArtCAg8fWiWopOv2rjQA9Y5Ld7DCg==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: font/woff2
last-modified: Fri, 25 Oct 2024 16:23:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 32696
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H2 200 proxima-nova600.woff2
app.barracuda.com/css/cuda/fonts/optimize/ Frame AD61 32 KB
33 KB 171ms
170ms Font
font/woff2 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/css/cuda/fonts/optimize/proxima-nova600.woff2

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ae55c313220f063fdb3dc157a89a22e6a20a400cdd5b639a5aabfa4ae91e476a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://app.barracuda.com
Referer: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Response headers

content-encoding: gzip
etag: "8164-6254f8992b040-gzip"
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: SYFpNvzSrCYZaeroWEIMa7e3_XMrNcwoGkzMudpl0-MAgVcuMwJoSQ==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: font/woff2
last-modified: Fri, 25 Oct 2024 16:23:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 33119
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H2 200 proxima-nova300.woff2
app.barracuda.com/css/cuda/fonts/optimize/ Frame AD61 32 KB
32 KB 123ms
122ms Font
font/woff2 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/css/cuda/fonts/optimize/proxima-nova300.woff2

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://app.barracuda.com
Referer: https://app.barracuda.com/iframe/subscribe-blog?container_left_align=yes&lang=en

Response headers

content-encoding: gzip
etag: "7e7c-6254f8992b040-gzip"
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: KufhcUNb-MOaGEUbs2a5kcOc2uFATZmxX3OJ8V-vcpTPhRnPfzEfAQ==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: font/woff2
last-modified: Fri, 25 Oct 2024 16:23:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 32388
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET printfriendly.js
cdn.printfriendly.com/ 0
0

GET
H2 200 cuda.cookie.js Show response
app.barracuda.com/js/cuda/ Frame F15C 2 KB
1 KB 161ms
112ms Script
text/javascript 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.cookie.js?v=1729873401

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

476bc717be861c9abe30f8c2504ec49c7c5333275be99a6a5385feae22c9c9e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Response headers

content-encoding: gzip
etag: "886-6254f8992b040-gzip"
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: emtN7PPiCNtzNRtuc_vm2Nmdlex_lw_AwReydqx-2ANuOsBnxCwBKQ==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: text/javascript
last-modified: Fri, 25 Oct 2024 16:23:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=0
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 923
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H2 200 cuda.validator.js Show response
app.barracuda.com/js/cuda/ Frame F15C 28 KB
7 KB 174ms
118ms Script
text/javascript 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.validator.js?v=1729873402

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

4941fe01fcfc5d5cb4efbb321e7c4fccb12b531f349771343df16248f23b070c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Response headers

content-encoding: gzip
etag: "6ee5-6254f89a1f280-gzip"
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: LX2eHCOekKoZTCeI2uEtSay6d8XO9jTkvqlJt3X9hlFFFTx0tAIbyQ==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: text/javascript
last-modified: Fri, 25 Oct 2024 16:23:22 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=0
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 7015
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H2 200 cuda.ajax.js Show response
app.barracuda.com/js/cuda/ Frame F15C 2 KB
1 KB 165ms
119ms Script
text/javascript 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.ajax.js?v=1729873402

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ab24c94a6c443c60e36e879960bf136e69dc08402883c0292d3a44a8da98474a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Response headers

content-encoding: gzip
etag: "962-6254f8992b040-gzip"
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: QtAMkvRGvNzwt9Gpg7MHoHGxIloMMf9uzYiOA_VxYgrU7w8jDShPWQ==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: text/javascript
last-modified: Fri, 25 Oct 2024 16:23:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=0
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 910
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H2 200 cuda.ajax_promise.js Show response
app.barracuda.com/js/cuda/ Frame F15C 11 KB
3 KB 162ms
141ms Script
text/javascript 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.ajax_promise.js?v=1729873401

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

81fadfd9148bc4e0b755aa74a2f892264855d11d5fa5a2a372f9d4c1358e86bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Response headers

content-encoding: gzip
etag: "2d93-6254f8992b040-gzip"
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: WtuVUe6E56OCehDPWQRBYSzU1b0MvhhQRtXSNsWQ7HAWT3L9SbS3mg==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: text/javascript
last-modified: Fri, 25 Oct 2024 16:23:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=0
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2526
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H2 200 cuda.submit_btn_animator.js Show response
app.barracuda.com/js/cuda/ Frame F15C 2 KB
1 KB 166ms
119ms Script
text/javascript 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.submit_btn_animator.js?v=1729873402

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

6f4a9a6d7d17b485daf9995ce913842473dff469dd74fa8fe2b730471f000eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Response headers

content-encoding: gzip
etag: "860-6254f89a1f280-gzip"
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: Vd9BGtivE-PSU-mOES8ldKhduMzS9HUreD7vky5QtjM4JsxDvnoceg==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: text/javascript
last-modified: Fri, 25 Oct 2024 16:23:22 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=0
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 969
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H2 200 cuda.clearbit.js Show response
app.barracuda.com/js/cuda/ Frame F15C 6 KB
1 KB 163ms
98ms Script
text/javascript 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.clearbit.js?v=1729873401

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

659ea9f7ac5d3c9037da23d13f85498a55c6d386c637dd2999bbcbc904084cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Response headers

content-encoding: gzip
etag: "1872-6254f8992b040-gzip"
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: -PKUammRcOg5_XJy-dUEDmRFd_egNF5CCK4TWk8kVFK1xAiNcJQ8Xg==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: text/javascript
last-modified: Fri, 25 Oct 2024 16:23:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=0
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 973
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H2 200 cuda.gtag.js Show response
app.barracuda.com/js/cuda/ Frame F15C 5 KB
1 KB 165ms
102ms Script
text/javascript 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.gtag.js?v=1729873401

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

fbafece58e723a3541c65b858938222a7d4a81e103aa7e5c69d8a361c32d4ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Response headers

content-encoding: gzip
etag: "1277-6254f8992b040-gzip"
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: T8gwPZ0AP8wLePfIJPrL4zK7qmrfRviBZqs-axQhR6Hn2o7SD2fogg==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: text/javascript
last-modified: Fri, 25 Oct 2024 16:23:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=0
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 663
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H/1.1 200
OK 9138-47839ac11e1798f407f5.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-dynamic-modules/resources/ 1 KB
2 KB 142ms
142ms Script
application/javascript 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-dynamic-modules/resources/9138-47839ac11e1798f407f5.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-site.lc-ef8be087fb429a1c186888caf23d806f-lc.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fb39703b5a0f97dcbc12a0dec622b3c4cf187958f5a838db3d70e5dfa528fb77

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

content-encoding: gzip
x-vhost: publish
etag: "4ca-62555a27fdb40-gzip"
Age: 237668
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:45 GMT
last-modified: Fri, 25 Oct 2024 23:39:49 GMT
content-type: application/javascript
X-Served-By: cache-gru-sbsp2090022-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
Vary: Accept-Encoding
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
X-Timer: S1730254425.426396,VS0,VS0,VE1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 630

GET
H/1.1 200
OK 7878-a5b49f2554d91c8611bc.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-dynamic-modules/resources/ 1018 B
2 KB 144ms
143ms Script
application/javascript 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-dynamic-modules/resources/7878-a5b49f2554d91c8611bc.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-site.lc-ef8be087fb429a1c186888caf23d806f-lc.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ee536a0a449e09427b5693405097b4dc758bceed3e4cc35bd53a7ef83218b279

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

content-encoding: gzip
x-vhost: publish
etag: "3fa-6251a88b1e040-gzip"
Age: 573712
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:45 GMT
last-modified: Wed, 23 Oct 2024 01:09:13 GMT
content-type: application/javascript
X-Served-By: cache-gru-sbsp2090056-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
Vary: Accept-Encoding
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
X-Timer: S1730254425.427357,VS0,VS0,VE1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 523

GET
H/1.1 200
OK 4144-51ebc42342c0a14800f9.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-dynamic-modules/resources/ 748 B
2 KB 142ms
142ms Script
application/javascript 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-dynamic-modules/resources/4144-51ebc42342c0a14800f9.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-site.lc-ef8be087fb429a1c186888caf23d806f-lc.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

29abb1fb7cf50134f1124d0250ebf84ca38c8be090b37b0432d4f137c1c2fd31

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

content-encoding: gzip
x-vhost: publish
etag: "2ec-6251a88b1e040-gzip"
Age: 479220
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:45 GMT
last-modified: Wed, 23 Oct 2024 01:09:13 GMT
content-type: application/javascript
X-Served-By: cache-gru-sbsp2090022-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
Vary: Accept-Encoding
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
X-Timer: S1730254426.570354,VS0,VS0,VE1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 409

GET
H/1.1 200
OK 2702-a8ed155b73bb214a01bc.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-dynamic-modules/resources/ 700 B
2 KB 148ms
147ms Script
application/javascript 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-dynamic-modules/resources/2702-a8ed155b73bb214a01bc.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-site.lc-ef8be087fb429a1c186888caf23d806f-lc.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dfbb960bd83d748588476e7e26fc34b8ab093c3cb762b60268a8ce66350f283f

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

content-encoding: gzip
x-vhost: publish
etag: "2bc-6251a88b1e040-gzip"
Age: 573712
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:45 GMT
last-modified: Wed, 23 Oct 2024 01:09:13 GMT
content-type: application/javascript
X-Served-By: cache-gru-sbsp2090056-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
Vary: Accept-Encoding
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
X-Timer: S1730254426.573963,VS0,VS0,VE2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 449

GET
H/1.1 200
OK 909-2e5a8f80790110bfde3f.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/clientlib-dynamic-modules/resources/ 4 KB
3 KB 144ms
143ms Script
application/javascript 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/clientlib-dynamic-modules/resources/909-2e5a8f80790110bfde3f.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/clientlib-site.lc-bd076243bba912aa9aef0ddfc05b23a9-lc.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c40da8018356b16f1cb78babdfe38139c129d453b965fd6d0d9d8c637c063ca6

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

content-encoding: gzip
x-vhost: publish
etag: "ef9-6251a88935bc0-gzip"
Age: 464400
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:45 GMT
last-modified: Wed, 23 Oct 2024 01:09:11 GMT
content-type: application/javascript
X-Served-By: cache-gru-sbsp2090042-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
Vary: Accept-Encoding
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
X-Timer: S1730254426.580899,VS0,VS0,VE2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1413

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 130ms
62ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZTMGHH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-md5: uiXk8gw/ehyoMvZ3GeQiaQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCF719E2CE531C
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 69453
x-content-type-options: nosniff
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 06:29:33 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 040e849d-301e-0026-8055-29083e000000
cf-ray: 8da7e34ecc551287-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7214
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 proxima-nova400.woff2
app.barracuda.com/css/cuda/fonts/optimize/ Frame F15C 32 KB
0 111ms
111ms Font
font/woff2 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/css/cuda/fonts/optimize/proxima-nova400.woff2

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://app.barracuda.com
Referer: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Response headers

content-encoding: gzip
etag: "7fb0-6254f8992b040-gzip"
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: Ey3XkfJgrbsX4jpwyVLra3CIPArtCAg8fWiWopOv2rjQA9Y5Ld7DCg==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: font/woff2
last-modified: Fri, 25 Oct 2024 16:23:21 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 32696
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H2 200 proxima-nova600.woff2
app.barracuda.com/css/cuda/fonts/optimize/ Frame F15C 32 KB
0 129ms
129ms Font
font/woff2 2600:9000:2840:d000:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/css/cuda/fonts/optimize/proxima-nova600.woff2

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2840:d000:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ae55c313220f063fdb3dc157a89a22e6a20a400cdd5b639a5aabfa4ae91e476a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://app.barracuda.com
Referer: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Response headers

content-encoding: gzip
etag: "8164-6254f8992b040-gzip"
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 02:13:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: SYFpNvzSrCYZaeroWEIMa7e3_XMrNcwoGkzMudpl0-MAgVcuMwJoSQ==
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: font/woff2
last-modified: Fri, 25 Oct 2024 16:23:21 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
via: 1.1 22d3debbbb07cb3be927b2ec2660bc0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 33119
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P7
server: Apache

GET
H/1.1 200
OK background-subscribe-box.jpg
blog.barracuda.com/content/dam/barracuda-blog/site-assets/ 22 KB
22 KB 146ms
144ms Image
image/jpeg 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/site-assets/background-subscribe-box.jpg

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f80899af01e1c97f66fa3f437c183b0c9668bf723c5ad83d54bdfc258a055eec

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

x-vhost: publish
ETag: "0x8DC87387FD03B9A"
Age: 41157
x-content-type-options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:45 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 07 Jun 2024 21:26:31 GMT
X-Served-By: cache-gru-sbsp2090042-GRU
content-disposition: inline
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
X-Timer: S1730254425.433682,VS0,VS0,VE1
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 22136

GET
H2 200 aee8f648-186a-4267-b808-6efdd7d84e9c.json Show response
cdn.cookielaw.org/consent/aee8f648-186a-4267-b808-6efdd7d84e9c/ 5 KB
2 KB 128ms
63ms XHR
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/aee8f648-186a-4267-b808-6efdd7d84e9c/aee8f648-186a-4267-b808-6efdd7d84e9c.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed6e7d3ff56083a1596a6640bf8d61372a59d43df3832b28e43db78097c1b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-md5: rsxm6zbnPY5zX1U27HevlQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCF2390FB582C6
age: 3741
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Thu, 31 Oct 2024 02:13:45 GMT
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: application/json
last-modified: Tue, 22 Oct 2024 01:30:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 9b2d92ec-c01e-007c-3e4c-260ebf000000
cf-ray: 8da7e34f9b23572a-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1782
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 149ms
67ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
Referer: https://blog.barracuda.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8da7e3508ece743a-MIA
access-control-allow-origin: *
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
DATA 200
OK truncated
/ 403 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2425711604ea242bbe21daa15ae93b57916cd24f2b7df7637dd7a9786fdf189a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK favicon_barracuda.ico
blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/clientlib-site/resources/images/favicons/ 4 KB
2 KB 168ms
167ms Other
image/vnd.microsoft.icon 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/clientlib-site/resources/images/favicons/favicon_barracuda.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1345c30696fdb8d45b285cff41c65d49615506474e2a43953a9117ca67fae6a3

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

content-encoding: gzip
x-vhost: publish
etag: "10be-62587c22ff740-gzip"
Age: 51861
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:45 GMT
last-modified: Mon, 28 Oct 2024 11:27:49 GMT
content-type: image/vnd.microsoft.icon
X-Served-By: cache-gru-sbsp2090029-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=31557600
Vary: Accept-Encoding
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=86400, public
X-Timer: S1730254426.780373,VS0,VS0,VE23
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 391

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/ 457 KB
112 KB 42ms
42ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

247f3be41e4d44afac56c74180f05cfc753c2c4618a88b4ed63fd84c5996dc2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-md5: Mq8sWt7aN99kE/VZ97+T8Q==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: minify
cf-cache-status: HIT
x-ms-version: 2009-09-19
age: 70063
content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 02:13:45 GMT
cf-polished: origSize=468078
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 02:45:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 22d7a51e-001e-000c-58ed-247d7b000000
cf-ray: 8da7e350fecf1287-MIA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/aee8f648-186a-4267-b808-6efdd7d84e9c/1593e2d2-0cef-46d7-bd4d-bc8fe2b3da24/ 142 KB
24 KB 58ms
58ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/aee8f648-186a-4267-b808-6efdd7d84e9c/1593e2d2-0cef-46d7-bd4d-bc8fe2b3da24/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3af17c0057b9dbee141939e0015594c78c9f823b5f6788fde963f9490c392040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-md5: 3h6jrGz/DeUjx5/qTCQDJA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCF2391497396F
age: 52833
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Thu, 31 Oct 2024 02:13:45 GMT
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: application/json
last-modified: Tue, 22 Oct 2024 01:30:15 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: e44fc2e2-201e-00f5-7d4c-26b79b000000
cf-ray: 8da7e3519db6572a-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24564
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H/1.1 200
OK favicon_barracuda.ico
blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/clientlib-site/resources/images/favicons/ 4 KB
0 0ms
0ms Other
image/vnd.microsoft.icon 20.226.161.182
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/clientlib-site/resources/images/favicons/favicon_barracuda.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.226.161.182 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1345c30696fdb8d45b285cff41c65d49615506474e2a43953a9117ca67fae6a3

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Response headers

content-encoding: gzip
x-vhost: publish
etag: "10be-62587c22ff740-gzip"
Age: 51861
X-Content-Type-Options: nosniff
X-Cache: HIT
Date: Wed, 30 Oct 2024 02:13:45 GMT
last-modified: Mon, 28 Oct 2024 11:27:49 GMT
content-type: image/vnd.microsoft.icon
X-Served-By: cache-gru-sbsp2090029-GRU
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com *.highcharts.com assets.barracuda.com
cache-control: max-age=86400, public
X-Timer: S1730254426.780373,VS0,VS0,VE23
Accept-Ranges: bytes
Content-Length: 391

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/assets/ 10 KB
3 KB 48ms
47ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/assets/otFloatingFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad8caeb7b64eea0fb1ab370dfd8bebfbfccd7bef986abd415f7a495a09a8e1f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-md5: Kv0CD1LDdaN4tdf60mtXgA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCED8C85824169
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 11486
x-content-type-options: nosniff
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: application/json
last-modified: Wed, 16 Oct 2024 02:44:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 3e752473-e01e-00c1-1222-241833000000
cf-ray: 8da7e3521e4d572a-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2675
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/assets/v2/ 64 KB
14 KB 57ms
56ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b0dc3066786d9507f347b076d34abc4c6f92f32ba5ff9d61d109c6b2b9b2d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-md5: Kcw3oawl1r2ylN3k0rnUCA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCED8C86A5CAD3
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 19050
x-content-type-options: nosniff
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: application/json
last-modified: Wed, 16 Oct 2024 02:44:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 3a326852-101e-00b9-0a22-247084000000
cf-ray: 8da7e3521e4f572a-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13789
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/assets/ 24 KB
4 KB 46ms
46ms Fetch
text/css 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c496fcbe60fec78dc1b86a9136644d9a97cae20df32be3e9a4a62ce7bd0e6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-md5: HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: minify
cf-cache-status: HIT
x-ms-version: 2009-09-19
age: 3740
content-encoding: gzip
x-content-type-options: nosniff
cf-polished: origSize=24745
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: text/css
last-modified: Wed, 16 Oct 2024 02:45:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 4db2a627-e01e-0102-5b22-24d725000000
cf-ray: 8da7e3521e51572a-MIA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 358 KB
115 KB 96ms
95ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DBQZG98W26&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZTMGHH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32969a2c12d8f281399374d6bf9e443579492dc93f3086c75b9efcd53fb9e796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 30 Oct 2024 02:13:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 02:13:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 117100
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 195ms
62ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZTMGHH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-encoding: gzip
age: 2802
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 03:27:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 01:27:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 88 KB
28 KB 214ms
71ms Script
text/javascript 2600:9000:23cb:6800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZTMGHH
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:6800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

Access-Control-Max-Age: 600
Content-Encoding: gzip
X-Amz-Version-Id: XRapE5DFdXRGc5myIfsDq4zGHQVtai2E
Etag: W/"792eca3181a87960d692c005437f63e0"
Age: 2380
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: fQuKH69AQvB6PINxLTEKEAYc2c66Wam3pAGzJmpj087v4RQAh_Bpgw==
Date: Wed, 30 Oct 2024 01:34:07 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Last-Modified: Tue, 15 Oct 2024 15:51:52 GMT
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 e2d34a357aab1d6cff5cce981d09ebba.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: JFK50-P1
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H2 200 kNx4tRUU.min.js Show response
tag.demandbase.com/ 61 KB
18 KB 211ms
71ms Script
application/javascript 52.85.61.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/kNx4tRUU.min.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-60.ewr53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5937568be9badf44aa03c40cf5c06a33ec5fadeb92605694fc1485e416c937fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-encoding: gzip
x-amz-version-id: DhfaMEgntLAQWNIzJCtcRgGN7MqJONs3
etag: W/"2825a8c4aae3937c3d05667a7e805fd4"
age: 2462
x-cache: Hit from cloudfront
x-amz-cf-id: TxIp0eDnOgIpfprbZfHmjFBo761Ir-O90LMzjHCUVtcuwGuIh8MNtw==
date: Wed, 30 Oct 2024 01:32:44 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Thu, 17 Oct 2024 13:53:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=3600
via: 1.1 957a0e737a088bdc07cb5cc9dcc9e826.cloudfront.net (CloudFront)
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop: EWR53-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 30 KB
30 KB 63ms
63ms Font
application/font-woff2 2600:141b:1c00:8::1728:b337
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fui0ano.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:8::1728:b337 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://blog.barracuda.com
Referer: https://use.typekit.net/fui0ano.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "09d1a94c81035c62708e0a513ee76d7886d15a25"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 30704
date: Wed, 30 Oct 2024 02:13:46 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
517 B 44ms
44ms Fetch
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-md5: tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 19051
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Oct 2024 02:13:46 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Oct 2024 02:38:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 72e1d21a-101e-00d4-32e3-29daaa000000
cf-ray: 8da7e352aef3572a-MIA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 logo_barracuda_primary_strapline.png
cdn.cookielaw.org/logos/1b503826-0eee-4147-b5a6-93330b3031bb/c3e77002-28a9-483a-9358-8e7b50f3fb3c/ 18 KB
18 KB 78ms
77ms Image
image/png 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/1b503826-0eee-4147-b5a6-93330b3031bb/c3e77002-28a9-483a-9358-8e7b50f3fb3c/logo_barracuda_primary_strapline.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa7cfefb24051850e7eea890d015415748eae8b8084c3e710bdf46d799c257bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-md5: L34s22kW6UMdyMUTgk3UlA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8D7B57AA219B13D
age: 59028
cf-cache-status: HIT
x-content-type-options: nosniff
date: Wed, 30 Oct 2024 02:13:46 GMT
content-type: image/png
last-modified: Wed, 19 Feb 2020 20:31:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 923f9cd7-b01e-007f-75d1-9bdf5b000000
cf-ray: 8da7e352b9821287-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18019
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 54ms
54ms Image
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-md5: Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 49640
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Oct 2024 02:13:46 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Oct 2024 06:29:35 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 4b9478fa-d01e-00eb-735e-296d76000000
cf-ray: 8da7e352b9871287-MIA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

POST
H2 204 collect
analytics.google.com/g/ 0
0 215ms
82ms Fetch
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-DBQZG98W26&gtm=45je4as0v874823434z8893713979za200zb893713979&_p=1730254424763&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629&cid=316732967.1730254426&ecid=87751570&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_eu=EA&_s=1&sid=1730254426&sct=1&seg=0&dl=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&dt=BlackSuit%20ransomware%3A%208%20years%2C%206%20names%2C%201%20cybercrime%20syndicate&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2938
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DBQZG98W26&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://blog.barracuda.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 02:13:46 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
547 B 188ms
66ms Ping
text/plain 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DBQZG98W26&cid=316732967.1730254426&gtm=45je4as0v874823434z8893713979za200zb893713979&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DBQZG98W26&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://blog.barracuda.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 02:13:46 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCNqshrkGEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc12977-01HPC1BisC7vis8dw1EYLXEYQmSsLNXwMpHyBdrWk
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc12977-01HPC1BisC7vis8dw1EYLXEYQmSsLNXwMpHyBdrWk&verifyHash=b777699098927cbbc5c467658acc16f356567a2a

26 B
349 B

71ms
70ms

Image
image/gif

13.226.94.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc12977-01HPC1BisC7vis8dw1EYLXEYQmSsLNXwMpHyBdrWk&verifyHash=b777699098927cbbc5c467658acc16f356567a2a
Protocol: HTTP/1.1
Server: 13.226.94.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-94-12.jfk52.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

Connection: keep-alive
Via: 1.1 0f0bf0c53ec14c9acfe222b40dee092a.cloudfront.net (CloudFront)
X-Cache: Miss from cloudfront
Content-Length: 26
X-Amz-Cf-Id: e1v15D9tll6dvfjxBW0wxU5kirHjmuZdh4lbeHFUQ-Urk_5-eeAeIg==
Date: Wed, 30 Oct 2024 02:13:46 GMT
Content-Type: image/gif
X-Amz-Cf-Pop: JFK52-P10

Redirect headers

Location: /validateCookie?vendor=liveramp&user_id=Xc12977-01HPC1BisC7vis8dw1EYLXEYQmSsLNXwMpHyBdrWk&verifyHash=b777699098927cbbc5c467658acc16f356567a2a
Connection: keep-alive
Via: 1.1 0f0bf0c53ec14c9acfe222b40dee092a.cloudfront.net (CloudFront)
X-Cache: Miss from cloudfront
Content-Length: 176
X-Amz-Cf-Id: 654SmDtRN8ybNDaDjcOE5PWPdeJULELx7AVCQAU48_yKBENP3wAnEQ==
Date: Wed, 30 Oct 2024 02:13:46 GMT
Content-Type: text/html; charset=utf-8
X-Amz-Cf-Pop: JFK52-P10

POST
H2 200 ip.json Show response
api.company-target.com/api/v3/ 458 B
1 KB 302ms
162ms XHR
application/json 13.226.34.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.company-target.com/api/v3/ip.json?referrer=&page=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&page_title=BlackSuit%20ransomware%3A%208%20years%2C%206%20names%2C%201%20cybercrime%20syndicate

Requested by

Host: tag.demandbase.com
URL: https://tag.demandbase.com/kNx4tRUU.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.34.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-34-111.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

0e34bdd06d72971f987a3c2d4bfe225316929cc2c051cb25ebc4094e89594fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://blog.barracuda.com/

Response headers

access-control-max-age: 7200
access-control-expose-headers: x-amz-cf-id
content-encoding: gzip
identification-source: CENTRAL
access-control-allow-methods: GET, POST, OPTIONS
request-id: 335c12c9-3970-4fd1-8bb6-0a89a87fdcc8
expires: Tue, 29 Oct 2024 02:13:46 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: uyhTMYGOE7r9LbmdMxYTNYvx7asdPy9AkKZFjmTTV27LqqW90LNd4w==
date: Wed, 30 Oct 2024 02:13:46 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
api-version: v3
access-control-allow-credentials: true
via: 1.1 4667374d732461e741437d79cda68ba0.cloudfront.net (CloudFront)
access-control-allow-origin: https://blog.barracuda.com
x-amz-cf-pop: EWR53-C2
server: nginx

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

124ms
65ms

Script
application/javascript

2600:9000:23cb:6800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:23cb:6800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

Access-Control-Max-Age: 600
X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 68862
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: lO1Sx3Dv3kqFIjEkSx_dkN2HC6-sp9K9EC6v0X1MsBSvEU7ObEDULA==
Date: Tue, 29 Oct 2024 07:06:05 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Access-Control-Allow-Headers: *
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 11addd18912b8ffba16fde7055a9ca56.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: JFK50-P1
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

Redirect headers

Access-Control-Max-Age: 600
Age: 51929
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: wiZy1tlGzEsPgNAneOGuonw8knqH9T3_XWh5VwBkSxkskSkqMYSDMQ==
Date: Tue, 29 Oct 2024 11:48:17 GMT
Content-Type: application/xml
Access-Control-Allow-Headers: *
Location: https://s.adroll.com/j/pre/index.js
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 e2d34a357aab1d6cff5cce981d09ebba.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: JFK50-P1
Server: AmazonS3

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG/ 0
809 B 130ms
65ms Script
text/javascript 2600:9000:23cb:6800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:6800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

Access-Control-Max-Age: 600
X-Amz-Version-Id: nOIj6c6_8mswa2ywgL7rcaccrNbsNyvr
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 2445
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: pBiKL6K424FwrT1nxS8HJ219yT6VJuVIFvs57HnAfLO2Bw8PgVRa2w==
Date: Wed, 30 Oct 2024 01:33:56 GMT
Content-Type: text/javascript; charset=utf-8
Vary: Accept-Encoding
Last-Modified: Mon, 28 Oct 2024 13:17:22 GMT
Access-Control-Allow-Headers: *
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 e2d34a357aab1d6cff5cce981d09ebba.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: JFK50-P1
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
423 B 79ms
77ms XHR
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=127926449&t=pageview&_s=1&dl=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&ul=en-us&de=UTF-8&dt=BlackSuit%20ransomware%3A%208%20years%2C%206%20names%2C%201%20cybercrime%20syndicate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAACAC~&jid=1654912071&gjid=324544237&cid=316732967.1730254426&tid=UA-377962-15&_gid=1282134662.1730254426&_r=1&_slc=1&gtm=45He4as0n815ZTMGHHv893713979za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629&z=1649456770

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://blog.barracuda.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 02:13:46 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://blog.barracuda.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
DATA 200
OK truncated
/ Frame 1BB3 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1BB3 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E5A2 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E5A2 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 T6GUPQIK5REDFO6FQ66AFC Show response
d.adroll.com/consent/check/ 546 B
1 KB 196ms
62ms Script
application/javascript 2600:1f18:61c0:2205:aa08:c47d:50ee:d74b
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/T6GUPQIK5REDFO6FQ66AFC?flg=1&pv=8297482694.884284&arrfrr=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&_s=10d944b5e6f9385432bf2d5449a2e5fd&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:61c0:2205:aa08:c47d:50ee:d74b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 392623b41791c2963c936369e6649f1135b3c6265df76eae29965318863b2543

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
content-length: 546
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Wed, 30 Oct 2024 02:13:46 GMT
pragma: no-cache
content-type: application/javascript
server: nginx/1.22.1

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
420 B 219ms
75ms XHR
text/html 2600:9000:2511:800:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=uyhTMYGOE7r9LbmdMxYTNYvx7asdPy9AkKZFjmTTV27LqqW90LNd4w==&api-version=v3
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/kNx4tRUU.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:800:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 77385
x-cache: Error from cloudfront
x-amz-cf-id: 9bkPPQKw_yqSuGUkyMS0Hepl6slNYRv5kSRWnmx2KwCVU1GQSndEYw==
date: Tue, 29 Oct 2024 04:44:01 GMT
content-type: text/html
vary: accept-encoding
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
via: 1.1 b863f5ba2fad5306016f04b0ec05bd82.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-amz-cf-pop: JFK50-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 61ms
61ms Image
image/gif 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=127926449&t=event&ni=1&_s=2&dl=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&ul=en-us&de=UTF-8&dt=BlackSuit%20ransomware%3A%208%20years%2C%206%20names%2C%201%20cybercrime%20syndicate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aDDAAAABAAAAACACAAC~&jid=&gjid=&cid=316732967.1730254426&tid=UA-377962-15&_gid=1282134662.1730254426&gtm=45He4as0n815ZTMGHHv893713979za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629&cd2=(Non-Company%20Visitor)&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=Bot&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=Miami&cd12=FL&cd13=United%20States&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=(Non-Company%20Visitor)&cd18=(Non-Company%20Visitor)&cd19=(Non-Company%20Visitor)&z=1158900159

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

age: 62946
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 08:44:40 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 EVDJK3NJVNGOVI5VCRVBAG Show response
d.adroll.com/pixel/T6GUPQIK5REDFO6FQ66AFC/ 480 B
1 KB 63ms
63ms Script
text/plain 2600:1f18:61c0:2205:aa08:c47d:50ee:d74b
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/pixel/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG?adroll_fpc=7747ae37b98892ed50f3c29e4573e7d7-1730254426534&flg=1&pv=8297482694.884284&arrfrr=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&cookie=&adroll_s_ref=&keyw=&p0=2474&xa4=1
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:61c0:2205:aa08:c47d:50ee:d74b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 5177a9def40007c506332292e8482f14a29f4aac54570bb27288328fbe198820

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

x-segment-display-name: CGF-RT_ransomware
x-rule-type: s
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-conversion-currency
x-conversion-value: 0.00
x-segment-eid: BGADGTOCERDUTMB3R375WW
x-advertisable-eid: T6GUPQIK5REDFO6FQ66AFC
x-segment-name: 3b1b52c4
content-length: 480
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Wed, 30 Oct 2024 02:13:46 GMT
x-pixel-eid: EVDJK3NJVNGOVI5VCRVBAG
server: nginx/1.22.1
x-rule: *ransomware*

GET
H2 200 EVDJK3NJVNGOVI5VCRVBAG
ipv4.d.adroll.com/px4/T6GUPQIK5REDFO6FQ66AFC/ 42 B
176 B 218ms
64ms Image
image/gif 3.95.95.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipv4.d.adroll.com/px4/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG?adroll_fpc=7747ae37b98892ed50f3c29e4573e7d7-1730254426534&flg=1&pv=8297482694.884284&arrfrr=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&cookie=&adroll_s_ref=&keyw=&p0=2474&xa4=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.95.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-95-71.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
content-length: 42
date: Wed, 30 Oct 2024 02:13:46 GMT
pragma: no-cache
content-type: image/gif
server: nginx/1.22.1

GET
DATA 200
OK truncated
/ Frame 6AED 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6AED 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6AED 155 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H/1.1 200
OK BGADGTOCERDUTMB3R375WW.js Show response
s.adroll.com/pixel/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG/ 12 KB
3 KB 74ms
73ms Script
text/javascript 2600:9000:23cb:6800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG/BGADGTOCERDUTMB3R375WW.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:6800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7ff8e6a9195e90e19699804f73e091aab3ab52265c972808f403fa9d3171c05

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

Access-Control-Max-Age: 600
Content-Encoding: gzip
X-Amz-Version-Id: LHoR85hboYzqhUiyMQm7dowhSP4Y5wU2
Etag: W/"87e159fbb39aebc612073d8b8615b6cf"
Age: 567
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: xPHYQqYNRUzI-9W0ppkfYdeNzmQgBHHAouX7srS1WovAmzC-nKZCFQ==
Date: Wed, 30 Oct 2024 02:13:46 GMT
Content-Type: text/javascript; charset=utf-8
Vary: Accept-Encoding
Last-Modified: Fri, 09 Aug 2024 18:29:02 GMT
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 11addd18912b8ffba16fde7055a9ca56.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: JFK50-P1
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H2 200 trigger
x.adroll.com/attribution/ 2 B
469 B 523ms
60ms Image
text/plain 2600:1f18:61c0:2209:5334:8b9a:311c:e340
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.adroll.com/attribution/trigger?fpc=7747ae37b98892ed50f3c29e4573e7d7&advertisable_eid=T6GUPQIK5REDFO6FQ66AFC&conversion_type=PageView&conversion_value=0.00&currency=USC&flg=1&pv=8297482694.884284&arrfrr=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:61c0:2209:5334:8b9a:311c:e340 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-length: 2
date: Wed, 30 Oct 2024 02:13:47 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0","priority":"0","deduplication_key":"15435144423754232444","filters":{"source_type":["event"]}},{"trigger_data":"0","priority":"0","deduplication_key":"15435144423754232444","filters":{"source_type":["navigation"]}}],"debug_key":"13939961010654526717","debug_reporting":true,"filters":{"0":["T6GUPQIK5REDFO6FQ66AFC"]}}
content-type: text/plain; charset=utf-8

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 229 KB
58 KB 146ms
69ms Script
application/x-javascript 31.13.80.12
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: s.adroll.com
URL: https://s.adroll.com/pixel/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG/BGADGTOCERDUTMB3R375WW.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-yyz1.fbcdn.net

Software

Resource Hash

668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-XzE19t0I' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 02:13:46 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-XzE19t0I' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=23, mss=1232, tbw=4444, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: TN5PLBH4VZUV5ijBFQmZmiL38ax2CNJU4SnKjEGiChw45+OBvOXA6ZvSdecbfDow8gChJhUUi+NGrYI4BvVH+w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59722
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 209ms
62ms Script
application/javascript 2600:141b:1c00:6::17df:d13e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: s.adroll.com
URL: https://s.adroll.com/pixel/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG/BGADGTOCERDUTMB3R375WW.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d13e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

cache-control: max-age=39493
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Wed, 30 Oct 2024 02:13:46 GMT
last-modified: Thu, 22 Aug 2024 11:06:54 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 8 KB
3 KB 70ms
68ms Script
text/javascript 2600:9000:23cb:6800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/pixel/T6GUPQIK5REDFO6FQ66AFC/EVDJK3NJVNGOVI5VCRVBAG/BGADGTOCERDUTMB3R375WW.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:6800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

Access-Control-Max-Age: 600
Content-Encoding: gzip
X-Amz-Version-Id: CK4cMX5vZLEnRrAtBOR1tfE4_uNanswm
Etag: W/"4a64112c69b3c4b3f104f38d9547a094"
Age: 191
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: sovRXkYIDKxYu8tEuT_fIxI8ALVIqwRbFEgq0Mo-yAH9-SSrri10dw==
Date: Wed, 30 Oct 2024 02:10:35 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Last-Modified: Mon, 30 Sep 2024 21:10:57 GMT
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked
Cache-Control: max-age=300, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 11addd18912b8ffba16fde7055a9ca56.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: JFK50-P1
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=7747ae37b98892ed50f3c29e4573e7d7-1730254426534&flg=1&pv=8297482694.884284&arrfrr=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=t2LAGki4YRZB747o_FDofA
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=t2LAGki4YRZB747o_FDofA&google_tc=
https://d.adroll.com/cm/g/in

42 B
820 B

63ms
63ms

Image
image/gif

2600:1f18:61c0:2205:aa08:c47d:50ee:d74b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Server: 2600:1f18:61c0:2205:aa08:c47d:50ee:d74b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-result: g.-1.-1.-1
content-length: 42
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Wed, 30 Oct 2024 02:13:47 GMT
content-type: image/gif
server: nginx/1.22.1

Redirect headers

cache-control: no-cache, must-revalidate
location: https://d.adroll.com/cm/g/in
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 225
date: Wed, 30 Oct 2024 02:13:47 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/x,b,experian,index,l,o,outbrain,pubmatic,n,taboola,triplelift,r/out?adroll_fpc=7747ae37b98892ed50f3c29e4573e7d7-1730254426534&flg=1&pv=8297482694.884284&arrfrr=https%3A%2F%2...
https://eb2.3lift.com/xuid?mid=4714&xuid=Yjc2MmMwMWE0OGI4NjExNjQxZWY4ZWU4ZmM1MGU4N2M&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=Yjc2MmMwMWE0OGI4NjExNjQxZWY4ZWU4ZmM1MGU4N2M&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

37 B
474 B

65ms
65ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=Yjc2MmMwMWE0OGI4NjExNjQxZWY4ZWU4ZmM1MGU4N2M&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date: Wed, 30 Oct 2024 02:13:46 GMT
content-type: image/gif

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: /xuid?ld=1&mid=4714&xuid=Yjc2MmMwMWE0OGI4NjExNjQxZWY4ZWU4ZmM1MGU4N2M&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date: Wed, 30 Oct 2024 02:13:46 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
763 B 155ms
84ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=6462660&time=1730254426922&url=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://blog.barracuda.com/

Response headers

x-li-pop: afd-prod-ltx1-x
content-encoding: gzip
x-fs-uuid: 000625a8407e844ae258a70df15cd919
x-msedge-ref: Ref A: 83197412EE0248B4B57E40CA28C7FB92 Ref B: MIAEDGE1520 Ref C: 2024-10-30T02:13:47Z
x-li-fabric: prod-ltx1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYlqEB+hEriWKcN8VzZGQ==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Wed, 30 Oct 2024 02:13:46 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6462660&time=1730254426922&li_adsId=c72b966c-4bb4-41f8-8deb-dbe3983540a5&url=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomw...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6462660&time=1730254426922&li_adsId=c72b966c-4bb4-41f8-8deb-dbe3983540a5&url=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomw...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D6462660%26time%3D1730254426922%26li_adsId%3Dc72b966c-4bb4-41f8-8deb-dbe3983540a5%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6462660&time=1730254426922&li_adsId=c72b966c-4bb4-41f8-8deb-dbe3983540a5&url=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomw...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6462660&time=1730254426922&li_adsId=c72b966c-4bb4-41f8-8deb-dbe3983540a5&url=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransom...

0
487 B

210ms
135ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6462660&time=1730254426922&li_adsId=c72b966c-4bb4-41f8-8deb-dbe3983540a5&url=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&cookiesTest=true&liSync=true&e_ipv6=AQJnbEhWiOTHmgAAAZLbM1UoE2b1HqiwsjKaaqvBuZjCqgsPpPdaCd63-Vmn52HObd1V_A
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: AAF1CE0906F646C4AACE49B32B06CA14 Ref B: MIAEDGE2313 Ref C: 2024-10-30T02:13:47Z
x-li-fabric: prod-lor1
x-li-uuid: AAYlqECHhU7n8VZ1ip2J3A==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 30 Oct 2024 02:13:46 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6462660&time=1730254426922&li_adsId=c72b966c-4bb4-41f8-8deb-dbe3983540a5&url=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&cookiesTest=true&liSync=true&e_ipv6=AQJnbEhWiOTHmgAAAZLbM1UoE2b1HqiwsjKaaqvBuZjCqgsPpPdaCd63-Vmn52HObd1V_A
x-msedge-ref: Ref A: ADCA03E76E7E4767819EC463048107DD Ref B: MIAEDGE2906 Ref C: 2024-10-30T02:13:47Z
x-li-fabric: prod-lor1
x-li-uuid: AAYlqECEZWf9xzsQ6WDdow==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 30 Oct 2024 02:13:47 GMT

GET
H3 200 1770934679791682 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 194ms
193ms Script
application/x-javascript 31.13.80.12
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1770934679791682?v=2.9.174&r=stable&domain=blog.barracuda.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-yyz1.fbcdn.net

Software

Resource Hash

d1d9490b446cf79c9b7e0503f229b5051947797373a14fca1d5621ea7dc1e369

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-D8LkNYxO' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 02:13:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-D8LkNYxO' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=75, mss=1232, tbw=68448, tp=65, tpl=0, uplat=125, ullat=0
pragma: public
x-fb-debug: jOfkNlnQLir5+oJ9JcIILwo5D4dwcHs3Z6nRzPSKu9tpV6oftK4pAt2piZoQQbQVsbJxVK5QWeEHL1Gf3KLaMA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
269 B 226ms
73ms Image
text/plain 2a03:2880:f10e:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1770934679791682&ev=PageView&dl=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&rl=&if=false&ts=1730254427166&cd[segment_eid]=BGADGTOCERDUTMB3R375WW%2CGYSTE2DTXNFQRKV6EPZRRD&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=4125&fbp=fb.1.1730254427164.832010863427017359&ler=empty&cdl=API_unavailable&it=1730254426944&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=70, rtx=0, c=10, mss=1297, tbw=2903, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 30 Oct 2024 02:13:47 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 365ms
213ms Image
image/png 2a03:2880:f10e:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1770934679791682&ev=PageView&dl=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&rl=&if=false&ts=1730254427166&cd[segment_eid]=BGADGTOCERDUTMB3R375WW%2CGYSTE2DTXNFQRKV6EPZRRD&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=4125&fbp=fb.1.1730254427164.832010863427017359&ler=empty&cdl=API_unavailable&it=1730254426944&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://blog.barracuda.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7431386179210655886"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 02:13:47 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: PuOhiIOf9DkUlURN+++iB6y3uSBQ3XOIta9VLom3WHRzdciJB1Lpvlc+eJ4f3zPTzCsvFvFochTuXMUHUdvbGw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7431386179210655886", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=76, rtx=0, c=10, mss=1297, tbw=3216, tp=-1, tpl=-1, uplat=136, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
198 B 127ms
125ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.barracuda.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 473B8364FF41447D8E050A8A10A538D7 Ref B: MIAEDGE2906 Ref C: 2024-10-30T02:13:47Z
x-li-fabric: prod-lor1
access-control-allow-credentials: true
x-li-uuid: AAYlqECJr+QIhGqhe+EEnQ==
x-li-proto: http/2
access-control-allow-origin: https://blog.barracuda.com
x-cache: CONFIG_NOCACHE
date: Wed, 30 Oct 2024 02:13:47 GMT
vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.printfriendly.com
URL: https://cdn.printfriendly.com/printfriendly.js

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blog.barracuda.com/	1969-12-31 23:59:59	Name: affinity Value: "2264e52a3c2d1fb8"
app.barracuda.com/	1969-12-31 23:59:59	Name: barracuda_lang_code Value: en
app.barracuda.com/	1969-12-31 23:59:59	Name: barracuda_barracuda_referer Value: https%3A%2F%2Fblog.barracuda.com%2F
app.barracuda.com/	1970-01-21 00:37:41	Name: barracuda_ci_csrf_token Value: a84764c7e7dc9861404e9eb1ec5f4a45
app.barracuda.com/	1969-12-31 23:59:59	Name: barracuda_ci_session Value: UGcFPApmB2lRJQp6BmlUMlhhV24LeVR5DjEOdgd%2FATwJYQwzBQsKYgQ2BCUObVJ1BDELOwViUD1ddlNiBGUFbg5kAW9VPAUzB2YDY1BkDWpQZAVjCmIHYlFvCjgGZFRgWDJXZQs%2BVDIOMQ4zB28BNgk7DGsFNQpvBGUEJQ5tUnUEMQs5BWBQPV12UzkEJAUEDjUBblU6BSMHZQMhUHINLlA9BXUKaAdiUW0KMwZxVDJYYVdkC3VUOw5kDjQHIgFgCToMcwVnCjgEcAQ8DiVSPAQ6CzgFalAlXSFTIwQxBSkOCwFrVTkFNAduAyZQIw03UHUFPApnB2NRZAorBh5UbFgrVz0LN1RmDjUOKgc5AXsJPgx9BXwKUwRjBDYObVImBEcLYQU%2BUHJdLFNwBCwFYw5iAVVVaAVlBykDclBADXxQdgVqCjcHBFE7CmsGGFRqWCVXewtuVDkOYw4rBz8BYwksDGYFJwoxBGMENA5sUiQEZwtpBSNQc10LUzEENwUvDj0BfFU3BSUHeQNwUDoNZVA8BTcKZQdgUW4KOwZmVDdYZVdmC25UMQ4p
app.barracuda.com/	1969-12-31 23:59:59	Name: barracuda_new_locale Value: country_code%0Aus%0Astate_code%0Afl%0Aregion_code%0Aus%0Alang_code%0Aen%0A
app.barracuda.com/	1969-12-31 23:59:59	Name: barracuda_tracking_query_string Value: lang%3Den
.barracuda.com/	1970-01-21 00:39:00	Name: cuda_lang_code Value: en
.barracuda.com/	1970-01-21 09:23:10	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Oct+29+2024+16%3A13%3A46+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202409.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fblog.barracuda.com%2F2024%2F10%2F29%2Fblacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1%2CC0005%3A1
.barracuda.com/	1970-01-21 10:13:34	Name: _ga_DBQZG98W26 Value: GS1.1.1730254426.1.0.1730254426.60.0.87751570
.barracuda.com/	1970-01-21 10:13:34	Name: _ga Value: GA1.1.316732967.1730254426
.blog.barracuda.com/	1970-01-21 10:13:34	Name: _ga Value: GA1.3.316732967.1730254426
.blog.barracuda.com/	1970-01-21 00:39:00	Name: _gid Value: GA1.3.1282134662.1730254426
.blog.barracuda.com/	1970-01-21 00:37:34	Name: _gat_UA-377962-15 Value: 1
.rlcdn.com/	1970-01-21 09:23:10	Name: rlas3 Value: sHjRUdcKeeKJ5I3SSSZLnS6p2O68zL2qyEA9e/2SoQ4=
.rlcdn.com/	1970-01-21 02:03:58	Name: pxrc Value: CNqshrkGEgUI6AcQABIGCMrdKhAA
.d.adroll.com/	1970-01-21 10:06:22	Name: receive-cookie-deprecation Value: 1
.adroll.com/	1970-01-21 10:06:22	Name: receive-cookie-deprecation Value: 1
.barracuda.com/	1970-01-21 09:23:32	Name: __adroll_fpc Value: 7747ae37b98892ed50f3c29e4573e7d7-1730254426534
.company-target.com/	1970-01-21 10:13:34	Name: tuuid Value: 26add85c-41ae-4c0d-8558-a38620aa8ef5
.company-target.com/	1970-01-21 10:13:34	Name: tuuid_lu Value: 1730254426
.blog.barracuda.com/	1970-01-21 09:23:10	Name: __ar_v4 Value: %7CT6GUPQIK5REDFO6FQ66AFC%3A20241029%3A1%7CEVDJK3NJVNGOVI5VCRVBAG%3A20241029%3A1%7CBGADGTOCERDUTMB3R375WW%3A20241029%3A1
.3lift.com/	1970-01-21 02:47:10	Name: tluidp Value: 1379747589352432492172
.3lift.com/	1970-01-21 02:47:10	Name: tluid Value: 1379747589352432492172
.doubleclick.net/	1970-01-21 10:13:34	Name: IDE Value: AHWqTUlBoVrwMXS6cRovM3S0wzBPpDdYeYTjZXqB4ve5xTShvFJWYj5FZWsoGwGbDaM
.linkedin.com/	1970-01-21 02:47:10	Name: li_sugr Value: 57ea8e16-63c0-4adf-9d72-828bf78aac5c
.linkedin.com/	1970-01-21 09:23:10	Name: bcookie Value: "v=2&b04cb5e7-73cb-49ae-8668-663f924c010e"
.linkedin.com/	1970-01-21 00:39:00	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2968:u=1:x=1:i=1730254427:t=1730340827:v=2:sig=AQGoxad7coR6WHhuDXPdyIRvszAwsIzM"
.d.adroll.com/	1970-01-21 10:06:22	Name: __adroll Value: b762c01a48b8611641ef8ee8fc50e87c-g_1730254427-a_1730254426
.adroll.com/	1970-01-21 10:06:22	Name: __adroll_shared Value: b762c01a48b8611641ef8ee8fc50e87c-g_1730254427-a_1730254426
x.adroll.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.barracuda.com/	1970-01-21 02:47:10	Name: _fbp Value: fb.1.1730254427164.832010863427017359
.linkedin.com/	1970-01-21 01:20:46	Name: UserMatchHistory Value: AQJMeAzxtmVu3QAAAZLbM1Qn91YJpGewj77O-NHyVcuG-r1pWgK3WuPWIDgXUBPTRYrkE8_x1IGCCw
.linkedin.com/	1970-01-21 01:20:46	Name: AnalyticsSyncHistory Value: AQKQ8D9t3nqc3gAAAZLbM1QnuK6e1EnfDrh-AyZUsTLRDFNAchVh_tlD6UIrrVjmAV3BghRcBSnavpVzyNY9uA
.www.linkedin.com/	1970-01-21 09:23:10	Name: bscookie Value: "v=1&202410300213479fbad63a-ee72-4d24-808b-153ca2e62399AQElH6hpMa4kYmZZNKDmKj9k1NM1OnRo"

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://blog.barracuda.com/.rum/@adobe/helix-rum-js@%5E2/dist/rum-standalone.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://blog.barracuda.com/2024/10/29/blacksuit-ransomware--8-years--6-names--1-cybercrime-syndicate Message: Refused to load the script 'https://cdn.printfriendly.com/printfriendly.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com *.highcharts.com assets.barracuda.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/ Message: Refused to frame 'https://td.doubleclick.net/' because it violates the following Content Security Policy directive: "frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com".
security	error	URL: https://tag.demandbase.com/ Message: Refused to frame 'https://s.company-target.com/' because it violates the following Content Security Policy directive: "frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com".
security	error	URL: https://s.adroll.com/ Message: Refused to frame 'https://x.adroll.com/' because it violates the following Content Security Policy directive: "frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com .highcharts.com assets.barracuda.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.company-target.com
app.barracuda.com
blog.barracuda.com
cdn.cookielaw.org
cdn.printfriendly.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
eb2.3lift.com
geolocation.onetrust.com
id.rlcdn.com
ipv4.d.adroll.com
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
s.adroll.com
segments.company-target.com
snap.licdn.com
stats.g.doubleclick.net
tag-logger.demandbase.com
tag.demandbase.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
x.adroll.com
cdn.printfriendly.com
13.107.42.14
13.226.34.111
13.226.94.12
142.250.65.238
142.251.41.2
20.226.161.182
2001:4860:4802:34::181
2600:141b:1c00:6::17df:d13e
2600:141b:1c00:8::1728:b337
2600:141b:1c00:8::1728:b338
2600:1f18:61c0:2205:aa08:c47d:50ee:d74b
2600:1f18:61c0:2209:5334:8b9a:311c:e340
2600:9000:23cb:6800:6:9280:1080:93a1
2600:9000:2511:800:1d:8d6d:3b40:93a1
2600:9000:2840:d000:14:fd89:5ac0:93a1
2606:4700:4400::ac40:9b77
2606:4700::6812:572a
2607:f8b0:4004:c06::9d
2607:f8b0:4006:807::200e
2607:f8b0:4006:821::2008
2620:1ec:21::14
2a03:2880:f10e:83:face:b00c:0:25de
3.95.95.71
31.13.80.12
35.244.154.8
52.223.22.214
52.85.61.60
01ec7bdb75d92fb874059c36aadc85fa8e1c1c6ae69ee20040cc2230adb76b78
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
0e34bdd06d72971f987a3c2d4bfe225316929cc2c051cb25ebc4094e89594fc7
121f0686e2734a9ed25b1caea7ef4b1bb6cb3daad9c4ecb37e099973a28d5180
1345c30696fdb8d45b285cff41c65d49615506474e2a43953a9117ca67fae6a3
14cc688727c79579ba4141b0b69e5b5c2c28459503aa6557fb84adfd767b48ea
1636daeadf68320a8ff084924ab12632028d06a02bcb2de4febd953b14ab074b
16f1be7697fc2f333cf516604ee180dcbc22f312a3fdd5bd0fda30c805a37341
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f0040095340adb7d81ee99f6fb7d7a6138a3e11389c7c09353407b6399aa3ca
203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035
2425711604ea242bbe21daa15ae93b57916cd24f2b7df7637dd7a9786fdf189a
247f3be41e4d44afac56c74180f05cfc753c2c4618a88b4ed63fd84c5996dc2b
29abb1fb7cf50134f1124d0250ebf84ca38c8be090b37b0432d4f137c1c2fd31
32969a2c12d8f281399374d6bf9e443579492dc93f3086c75b9efcd53fb9e796
330fd6d564dff1313d98d4b80e4f7244d1ea1adfd8ea65b4f0bcc34d424137ae
34983ec5da74c95f7b9aba9e7abd42ca76b95cde4c06f476f6bfeb5547bd85ef
38e9ade7cb9f7a31a4525f2a70c4bdd2529340926202641bbbda8d655df8c0c3
392623b41791c2963c936369e6649f1135b3c6265df76eae29965318863b2543
3af17c0057b9dbee141939e0015594c78c9f823b5f6788fde963f9490c392040
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3ddf2ecfcce74cbec75ccd67a7f591dba759130d4a3c985e9dfad155a8bbfa71
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46b0dc3066786d9507f347b076d34abc4c6f92f32ba5ff9d61d109c6b2b9b2d2
476bc717be861c9abe30f8c2504ec49c7c5333275be99a6a5385feae22c9c9e4
4941fe01fcfc5d5cb4efbb321e7c4fccb12b531f349771343df16248f23b070c
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
5177a9def40007c506332292e8482f14a29f4aac54570bb27288328fbe198820
5937568be9badf44aa03c40cf5c06a33ec5fadeb92605694fc1485e416c937fb
5ed6e7d3ff56083a1596a6640bf8d61372a59d43df3832b28e43db78097c1b47
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
659ea9f7ac5d3c9037da23d13f85498a55c6d386c637dd2999bbcbc904084cd3
668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f
689a6a3883d0edac137cbb2aa2a1b1bf310d369cd42184d6f3bfce728165f9a4
690af93ae961048c14bf29508e15a1b1052bf61fdd23a1ab9f94a095b43f2ebe
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6c496fcbe60fec78dc1b86a9136644d9a97cae20df32be3e9a4a62ce7bd0e6a6
6e2d7d60f9124415b31d3febaab11d851a4ca679ac122688591acb3a1f901417
6f4a9a6d7d17b485daf9995ce913842473dff469dd74fa8fe2b730471f000eaf
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
72cf5dc87a1d16687bcadbeafc5436e576e1a4374d338eb3704b165969c2abe0
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
788e13062637eec87f998fb1ca0b33fdce66fbc5b05d68ddea2e6f11ba466c2c
7abff666ecb3f4aa7ceb076cc27af4f404c83ad375b76b6aa1a999e844c6adb9
81fadfd9148bc4e0b755aa74a2f892264855d11d5fa5a2a372f9d4c1358e86bc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1
95646e0746b1c78d25899886984afa82c521da866557e09b443a17d05e234f2e
9786300ad98d5d2a5d668903f72cbfdf98275e556a1e842b8163663425284cee
9b837aa419d6cbf9b8d876c50ce46df77b5e1d70a88d33a4132db523f0a8a0c4
9da108dad761c24f3bf92790c83882472843e3d06d8bdda8743f4187c1d93c23
a30199dc4b0fb3a02863ada8d58f4491ba215661bb2391fe1655d8e75e787649
a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423
a5abdd6df1d760db1c6749fd92ce2d8a037cb411bc4849da3277cbedab35b8f5
a7bfb2ef6587c1531e20cf111d0095577485ba06f89e933e95f3ce9b1c5890f5
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa7cfefb24051850e7eea890d015415748eae8b8084c3e710bdf46d799c257bb
ab24c94a6c443c60e36e879960bf136e69dc08402883c0292d3a44a8da98474a
ac9c69c1f6df29993331f7e3f9b7ec6d343575d60f4a5795456422e33bcf15d2
ad8caeb7b64eea0fb1ab370dfd8bebfbfccd7bef986abd415f7a495a09a8e1f0
adf2523156431815d7acccfb2fb25ea818fb3b231d1ba0c20df2377fd815192a
ae55c313220f063fdb3dc157a89a22e6a20a400cdd5b639a5aabfa4ae91e476a
b07871da02311868c31ab6ac5a4e78cc877f118acd854857f6f51519f3ddbbc9
b825cc32ded55e1caa04b70f4b7f0f3010cfbbff4e1d89a035666b649ba2f782
b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c250924012fdc9ea9516b30650895201cd167dbd49c9d148924f30881abfa393
c40da8018356b16f1cb78babdfe38139c129d453b965fd6d0d9d8c637c063ca6
c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7
c4dcf1d72acbe2bfd136649ccbd6db931817e80b60441c95cf57b6cdb36a5e0b
cc6061367e4f3d946a4ed9bee8fb906e2db5738c15126084ab3c137e5e8004b1
ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9
cfcbe25d611e3cd005ea556aeb269ca4395d124b5c583b4bd0eefabd2c1a8fa3
d1d9490b446cf79c9b7e0503f229b5051947797373a14fca1d5621ea7dc1e369
d392efc23c03ef13a82d4026c90c93e033f4fbd68454edec92f865358e17d3b3
d7ff8e6a9195e90e19699804f73e091aab3ab52265c972808f403fa9d3171c05
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfbb960bd83d748588476e7e26fc34b8ab093c3cb762b60268a8ce66350f283f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
ee536a0a449e09427b5693405097b4dc758bceed3e4cc35bd53a7ef83218b279
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb
f80899af01e1c97f66fa3f437c183b0c9668bf723c5ad83d54bdfc258a055eec
fb39703b5a0f97dcbc12a0dec622b3c4cf187958f5a838db3d70e5dfa528fb77
fbafece58e723a3541c65b858938222a7d4a81e103aa7e5c69d8a361c32d4ce7

blog.barracuda.com Open in urlscan Pro 20.226.161.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

94 %HTTPS

59 %IPv6

18 Domains

28 Subdomains

26 IPs

3 Countries

3278 kBTransfer

7425 kBSize

35 Cookies

73 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.barracuda.com Open in urlscan Pro
20.226.161.182 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

94 %
HTTPS

59 %
IPv6

18
Domains

28
Subdomains

26
IPs

3
Countries

3278 kB
Transfer

7425 kB
Size

35
Cookies

104 HTTP transactions
15 data transactions