www.darkreading.com Open in urlscan Pro
2606:4700::6810:ddab Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Submission: On August 15 via api (August 15th 2024, 2:13:59 am UTC) from TR — Scanned from DE

Summary HTTP 131 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 25 domains to perform 131 HTTP transactions. The main IP is 2606:4700::6810:ddab, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.darkreading.com. The Cisco Umbrella rank of the primary domain is 160544.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 9th 2024. Valid for: 10 months.

This is the only time www.darkreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 63	2606:4700::68... 2606:4700::6810:ddab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
15	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f27... 2a03:2880:f277:1e8:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1c7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	18.245.86.39 18.245.86.39	16509 (AMAZON-02) (AMAZON-02)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
2	2a05:d018:94a... 2a05:d018:94a:8a00:50f4:1a8d:acea:bd29	16509 (AMAZON-02) (AMAZON-02)
3	185.221.85.3 185.221.85.3	206998 (NEW-2) (NEW-2)
2	172.64.150.107 172.64.150.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:216... 2600:9000:2165:9a00:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
1	104.18.11.34 104.18.11.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.192.32 18.66.192.32	16509 (AMAZON-02) (AMAZON-02)
1	108.138.36.71 108.138.36.71	16509 (AMAZON-02) (AMAZON-02)
1	54.230.228.47 54.230.228.47	16509 (AMAZON-02) (AMAZON-02)
1	44.197.36.28 44.197.36.28	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	52.85.65.120 52.85.65.120	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.79 18.66.112.79	16509 (AMAZON-02) (AMAZON-02)
2	18.157.233.212 18.157.233.212	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:e0ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
131	31

63 2606:4700::6810:ddab (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.66.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

eu-images.contentstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f277:1e8:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1c7f (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www3.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

marketingplatform.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.245.86.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-39.fra60.r.cloudfront.net

static.iris.informa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:94a:8a00:50f4:1a8d:acea:bd29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

cognito-identity.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.221.85.3 (Ireland)

ASN206998 (NEW-2, IE)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.150.107 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

api.iiris.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2165:9a00:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.34 (None, )

ASN13335 (CLOUDFLARENET, US)

6600d6d98e534115970f9529a45f3195.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-32.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-71.muc50.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-47.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.197.36.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-36-28.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.65.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-65-120.muc50.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.233.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-233-212.eu-central-1.compute.amazonaws.com

eu01.in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:e0ab (United States)

ASN13335 (CLOUDFLARENET, US)

c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	darkreading.com 1 redirects www.darkreading.com — Cisco Umbrella Rank: 160544 c.darkreading.com	712 KB
15	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 554	394 KB
11	contentstack.com eu-images.contentstack.com — Cisco Umbrella Rank: 55547	390 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	293 KB
3	treasuredata.com cdn.treasuredata.com — Cisco Umbrella Rank: 19054 eu01.in.treasuredata.com — Cisco Umbrella Rank: 53304	20 KB
3	nr-data.net bam.eu01.nr-data.net — Cisco Umbrella Rank: 11782	2 KB
3	informa.com static.iris.informa.com — Cisco Umbrella Rank: 162926	2 MB
3	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662 marketingplatform.google.com — Cisco Umbrella Rank: 12212	130 KB
3	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280 www3.doubleclick.net — Cisco Umbrella Rank: 19709	180 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	62 KB
2	ubembed.com 6600d6d98e534115970f9529a45f3195.js.ubembed.com — Cisco Umbrella Rank: 740539 assets.ubembed.com — Cisco Umbrella Rank: 26103	50 KB
2	iiris.com api.iiris.com — Cisco Umbrella Rank: 385150	2 KB
2	amazonaws.com cognito-identity.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 6547	2 KB
2	gstatic.com fonts.gstatic.com	66 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	91 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 4716	232 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1859	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2461	15 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	64 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 1453	32 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 1019	312 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
1	instagram.com www.instagram.com — Cisco Umbrella Rank: 1555	22 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
131	25

	Domain	Requested by
62	www.darkreading.com	1 redirects www.darkreading.com
15	cdn.cookielaw.org	www.darkreading.com
11	eu-images.contentstack.com	www.darkreading.com
5	www.googletagmanager.com	www.darkreading.com
3	bam.eu01.nr-data.net	www.darkreading.com
3	static.iris.informa.com	www.darkreading.com
2	c.darkreading.com	static.iris.informa.com
2	eu01.in.treasuredata.com	www.darkreading.com
2	api.iiris.com	www.darkreading.com
2	cognito-identity.eu-west-1.amazonaws.com	www.darkreading.com
2	fundingchoicesmessages.google.com	www.darkreading.com
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	www.darkreading.com
2	securepubads.g.doubleclick.net	www.darkreading.com
1	vc.hotjar.io	www.darkreading.com
1	cdn.treasuredata.com	www.darkreading.com
1	region1.google-analytics.com	www.darkreading.com
1	ping.chartbeat.net
1	script.hotjar.com	www.darkreading.com
1	assets.ubembed.com	www.darkreading.com
1	static.hotjar.com	www.darkreading.com
1	6600d6d98e534115970f9529a45f3195.js.ubembed.com	www.darkreading.com
1	static.chartbeat.com	www.darkreading.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	js-agent.newrelic.com	www.darkreading.com
1	marketingplatform.google.com	www.darkreading.com
1	www3.doubleclick.net	1 redirects
1	geolocation.onetrust.com	www.darkreading.com
1	static.cloudflareinsights.com	www.darkreading.com
1	www.instagram.com	www.darkreading.com
1	fonts.googleapis.com	www.darkreading.com
131	31

This site contains links to these domains. Also see Links.

Domain
www.informa.com
dr-resources.darkreading.com
twitter.com
www.linkedin.com
www.facebook.com
www.youtube.com
news.google.com
www.twitter.com
www.reddit.com
www.group-ib.com
www.blackhat.com
iw-resources.informationweek.com
www.informationweek.com
informationweek.com
info.wrightsmedia.com
www.informatech.com
www.onetrust.com

Subject Issuer	Validity	Valid
darkreading.com Cloudflare Inc ECC CA-3	`2024-03-09` - `2024-12-31`	10 months	crt.sh
*.contentstack.com Gandi RSA Domain Validation Secure Server CA 3	`2024-07-11` - `2025-07-22`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cookielaw.org WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-24` - `2024-08-22`	3 months	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2024-05-24` - `2024-08-22`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
static.iris.informa.com Amazon RSA 2048 M03	`2024-06-03` - `2025-07-01`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
cognito-identity.eu-west-1.amazonaws.com Amazon RSA 2048 M02	`2024-04-07` - `2025-05-06`	a year	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2023-11-03` - `2024-10-01`	a year	crt.sh
iiris.com WE1	`2024-06-28` - `2024-09-26`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	a year	crt.sh
*.js.ubembed.com E6	`2024-08-09` - `2024-11-07`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
assets.ubembed.com Amazon RSA 2048 M03	`2023-12-06` - `2025-01-03`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
*.treasuredata.com Amazon RSA 2048 M03	`2024-06-18` - `2025-07-17`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.in.treasuredata.com Amazon RSA 2048 M02	`2024-04-24` - `2025-05-23`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Frame ID: C56C13B6624FB5ED43F1856EE0A75626
Requests: 124 HTTP requests in this frame

Frame: https://www.darkreading.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js
Frame ID: 2B3AB06021D4EFCA082F049E9AB890D0
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-5523ZCM
Frame ID: 6D2173E513F31DDBB5E54245EBDD6BAB
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-WB8Q7XR
Frame ID: EE55131A33AFE593D12E90FE999005A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ransomware Group Behind Major Indonesian Attack Wears Many Masks

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

131
Requests

98 %
HTTPS

61 %
IPv6

25
Domains

31
Subdomains

31
IPs

4
Countries

4115 kB
Transfer

10277 kB
Size

16
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://www.informa.com/
Title: Informa PLC

Search URL Search Domain Scan URL

URL: https://www.informa.com/about-us/
Title: ABOUT US

Search URL Search Domain Scan URL

URL: https://www.informa.com/investors/
Title: INVESTOR RELATIONS

Search URL Search Domain Scan URL

URL: https://www.informa.com/talent/
Title: TALENT

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/free/w_defa3135/prgm.cgi
Title: Newsletter Sign-Up

Search URL Search Domain Scan URL

URL: https://twitter.com/DarkReading

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/dark-reading/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/darkreadingcom/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@DarkReadingOfficialYT

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMKmknwswtq63Aw?ceid=US:en&oc=3&hl=en-US&gl=US

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Search URL Search Domain Scan URL

URL: http://www.twitter.com/intent/tweet?url=https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks&title=Ransomware%20Group%20Behind%20Major%20Indonesian%20Attack%20Wears%20Many%20Masks

Search URL Search Domain Scan URL

URL: https://www.group-ib.com/blog/brain-cipher-ransomware/
Title: related to at least three other groups

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa6707&ch=SBX&cid=_upcoming_webinars_8.500001458&_mc=_upcoming_webinars_8.500001458
Title: CISO Perspectives: How to make AI an Accelerator, Not a Blocker

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_manf82&ch=SBX&cid=_upcoming_webinars_8.500001468&_mc=_upcoming_webinars_8.500001468
Title: Your guide to the great SIEM migration

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_mend23&ch=SBX&cid=_upcoming_webinars_8.500001467&_mc=_upcoming_webinars_8.500001467
Title: How to Find and Fix Application Vulnerabilities

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_wiza58&ch=SBX&cid=_upcoming_webinars_8.500001460&_mc=_upcoming_webinars_8.500001460
Title: Securing Your Cloud Assets

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa6764&ch=SBX&cid=_upcoming_webinars_8.500001470&_mc=_upcoming_webinars_8.500001470
Title: Determining Exposure and Risk In The Event of a Breach

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/upcoming.html#europe?cid=_session_16.500321&_mc=_session_16.500321
Title: Black Hat Europe - December 9-12 - Learn More

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/sector/2024/?cid=_session_16.500320&_mc=_session_16.500320
Title: SecTor - Canada's IT Security Conference Oct 22-24 - Learn More

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_cybo171&ch=&cid=_analytics_7.300006016&_mc=_analytics_7.300006016
Title: Managing Third-Party Risk Through Situational Awareness

Search URL Search Domain Scan URL

URL: https://iw-resources.informationweek.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_ingg253&ch=sbx&cid=_analytics_7.300006014&_mc=_analytics_7.300006014
Title: 2024 InformationWeek US IT Salary Report

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/security-monitoring/cloud-security/privileged-access-management-checklist/429733?cid=_analytics_7.300005907&_mc=_analytics_7.300005907
Title: Privileged Access Management Checklist

Search URL Search Domain Scan URL

URL: https://informationweek.com/whitepaper/cloud-security/security-management-and-analytics/sans-institute-survey-the-state-of-cloud-security/427033?cid=_analytics_7.300005899&_mc=_analytics_7.300005899
Title: SANS Institute Survey: The State of Cloud Security

Search URL Search Domain Scan URL

URL: https://informationweek.com/whitepaper/software/information-management/forrester-report-the-total-economic-impactandtrade-of-bizagi%E2%80%99s-low-code-intelligent-process-automation-platform/429123?cid=_analytics_7.300005896&_mc=_analytics_7.300005896
Title: Forrester Report: The Total Economic Impact Of Bizagi's Low-Code Intelligent Process Automation Platform

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_cybo171&ch=&cid=_whitepaper_14.500005743&_mc=_whitepaper_14.500005743
Title: Managing Third-Party Risk Through Situational Awareness

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_drah13&ch=SBX&cid=_whitepaper_14.500005713&_mc=_whitepaper_14.500005713
Title: OT Threat Intelligence Report: Fuxnet ICS Malware

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_logr40&ch=SBX&cid=_whitepaper_14.500005704&_mc=_whitepaper_14.500005704
Title: Threat Hunting in the Cloud: Adapting to the New Landscape

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_logr41&ch=SBX&cid=_whitepaper_14.500005703&_mc=_whitepaper_14.500005703
Title: Threat Hunting's Evolution:From On-Premises to the Cloud

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf77&ch=SBX&cid=_whitepaper_14.500005667&_mc=_whitepaper_14.500005667
Title: A Year in Review of Zero-Days Exploited In-the-Wild in 2023

Search URL Search Domain Scan URL

URL: https://info.wrightsmedia.com/informa-licensing-reprints-request
Title: Reprints

Search URL Search Domain Scan URL

URL: https://www.informatech.com/

Search URL Search Domain Scan URL

URL: https://www.informa.com/privacy-policy/
Title: Privacy|

Search URL Search Domain Scan URL

URL: https://www.informatech.com/terms-and-conditions/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://www.darkreading.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.darkreading.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js

Request Chain 91

https://www3.doubleclick.net/ HTTP 301
https://marketingplatform.google.com/about/enterprise/

131 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ransomware-group-behind-major-indonesian-attack-wears-many-masks Show response
www.darkreading.com/threat-intelligence/ 262 KB
51 KB 49ms
25ms Document
text/html 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ace365700ba6e7b06be770bfb8af0c67126d768ef54e70108e05414e77c7afb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age: 152
cache-control: public, max-age=300, s-maxage=300, stale-while-revalidate=1500, stale-if-error=3600
cf-cache-status: HIT
cf-ray: 8b35aaf4c80a91db-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 15 Aug 2024 02:13:51 GMT
last-modified: Thu, 15 Aug 2024 02:11:19 GMT
server: cloudflare
strict-transport-security: max-age=3153600000
vary: Accept-Encoding

GET
H2 200 Masks-travelstock44-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt7e493144beaaf8f4/66bd06b2402b6e413365b318/ 5 KB
5 KB 36ms
8ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt7e493144beaaf8f4/66bd06b2402b6e413365b318/Masks-travelstock44-Alamy.jpg?width=1280&auto=webp&quality=10&format=jpg&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

ac9f137402e803caf00dbba3ca1af87ccb929845ed1f60ab1c8e9a6a1913ed7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: vpop-etou8240195
age: 23981
x-cache: HIT, HIT
fastly-io-info: ifsz=4741923 idim=7952x4473 ifmt=jpeg ofsz=4794 odim=1280x720 ofmt=webp
filename1: custom
content-disposition: inline; filename=Masks-travelstock44-Alamy.webp
fastly-stats: io=1
content-length: 4794
x-request-id: b6cbdf5fdc699ea67803f5ba1ee3b933
x-served-by: cache-ams2100094-AMS, cache-fra-eddf8230029-FRA
x-runtime: 56ms
server: contentstack
x-timer: S1723688032.546227,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "yNCz5wFOfEiiOh2mGThAjw+FIvWxJh6X++P8J3du9Ys"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 styles.generated-IVZR5GKI.css
www.darkreading.com/build/_assets/ 9 KB
3 KB 32ms
31ms Stylesheet
text/css 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/styles.generated-IVZR5GKI.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00907159439e9ef97101ea78b51d2eb301b245edcd7ecaa75f8e59f76c587794

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542666
etag: W/"22b7-191327b7388"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5186691db-FRA

GET
H2 200 brand.generated-JVAYUVCA.css
www.darkreading.com/build/_assets/ 481 KB
60 KB 35ms
35ms Stylesheet
text/css 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/brand.generated-JVAYUVCA.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e6bba94202d12311c71ae3bf0bd9150e3963e289e2cf27c1424c0e9e23656b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542666
cf-polished: origSize=494281
etag: W/"78ac9-191327b7388"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5186891db-FRA

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1 KB 49ms
27ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb121c45f498cba0f88de6e2235d95cf3307bb9ed5376f6a793b8253a520592f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Aug 2024 02:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 15 Aug 2024 01:15:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Aug 2024 02:13:51 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 698 KB
127 KB 70ms
48ms Script
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/OtAutoBlock.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bef8c9e1cd6bba25a5e7115d3b7a61a6ce406eaae651a82963069b98f7d39f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Aug 2024 02:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 948
content-md5: 6CFV9VgY0bTzBc3YT/3fgw==
content-length: 129426
x-ms-lease-status: unlocked
last-modified: Wed, 15 May 2024 14:54:00 GMT
server: cloudflare
etag: 0x8DC74EEDACCD490
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0ceae01a-301e-00a2-12d7-a68cf5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8b35aaf5491392a7-FRA
expires: Fri, 16 Aug 2024 02:13:51 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 52ms
31ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Aug 2024 02:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Wbr2pAeg61Hfi+2FuD0cYA==
age: 66661
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Tue, 13 Aug 2024 06:29:30 GMT
server: cloudflare
etag: 0x8DCBB6149C9BAB8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f56b62c7-b01e-003c-70b1-ed2751000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8b35aaf5391292a7-FRA

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 105 KB
32 KB 40ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff2ae6dc8eaf8e53d0a1bb261ef50519b34125cb0274928c44164d4599c3a352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32594
x-xss-protection: 0
server: cafe
etag: 774 / 19950 / m202408080101 / config-hash: 10237371488836777627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 15 Aug 2024 02:13:51 GMT

GET
H2 200 informaLogoWhite-RZAE7EJI.png
www.darkreading.com/build/_assets/ 2 KB
2 KB 43ms
39ms Image
image/png 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/informaLogoWhite-RZAE7EJI.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8b5050c00e65112ae30afa040177c7af59fafecf502c995f29073cc00d06666

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542532
cf-polished: origSize=4020
etag: W/"fb4-191327b7388"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8b35aaf5288191db-FRA
content-length: 2114

GET
H2 200 Masks-travelstock44-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt7e493144beaaf8f4/66bd06b2402b6e413365b318/ 282 KB
282 KB 14ms
7ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt7e493144beaaf8f4/66bd06b2402b6e413365b318/Masks-travelstock44-Alamy.jpg?width=1280&auto=webp&quality=95&format=jpg&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

220ced5aa59deb00845e2d683d56bab71b441d9958cc1df4840ee1543459b49b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: vpop-etou8240195
x-cache: HIT, HIT
fastly-io-info: ifsz=4741923 idim=7952x4473 ifmt=jpeg ofsz=288258 odim=1280x720 ofmt=webp
filename1: custom
content-disposition: inline; filename=Masks-travelstock44-Alamy.webp
fastly-stats: io=1
content-length: 288258
x-request-id: b6cbdf5fdc699ea67803f5ba1ee3b933
x-served-by: cache-ams2100094-AMS, cache-fra-eddf8230029-FRA
x-runtime: 56ms
server: contentstack
x-timer: S1723688032.546157,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "7cBkx7ngCxa1cqJ4uxFLwqDcGaRrzXLB1yQQ2zkmrNE"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 3, 0

GET
H2 200 email-decode.min.js Show response
www.darkreading.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
854 B 17ms
7ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Aug 2024 09:35:25 GMT
server: cloudflare
etag: W/"66b33fdd-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8b35aaf588cb91db-FRA
expires: Sat, 17 Aug 2024 02:13:51 GMT

GET
H2 200 manifest-D1BD523C.js Show response
www.darkreading.com/build/ 32 KB
3 KB 28ms
23ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/manifest-D1BD523C.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea91d767853b2692daad5c119e7e84b44bd32af9b8e891013a5195ec87ffb218

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542622
etag: W/"815d-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5286d91db-FRA

GET
H2 200 entry.client-VXPJFK4D.js Show response
www.darkreading.com/build/ 462 B
447 B 27ms
23ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/entry.client-VXPJFK4D.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eae0cd3b8a59b8e0a2a8494c2b6cad5abef8647b9e52064c11802a2f8eb959de

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542618
cf-polished: origSize=463
etag: W/"1cf-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5286e91db-FRA

GET
H2 200 chunk-XWIFJKM6.js Show response
www.darkreading.com/build/_shared/ 40 KB
13 KB 33ms
29ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-XWIFJKM6.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c99753a9a0b95a19d14edb17048794e536ab0ac8782f0953e208b6a567dcb4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542392
cf-polished: origSize=41413
etag: W/"a1c5-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5286f91db-FRA

GET
H2 200 chunk-2MCAGYUB.js Show response
www.darkreading.com/build/_shared/ 214 KB
69 KB 40ms
36ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-2MCAGYUB.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eec75e095590cdb68f03a5bae61904050fd1a4763c1c3be62e3b92c406a3c42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542625
cf-polished: origSize=219386
etag: W/"358fa-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5287091db-FRA

GET
H2 200 chunk-63EVRDSK.js Show response
www.darkreading.com/build/_shared/ 7 KB
3 KB 30ms
26ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-63EVRDSK.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbd7ba9c2af7dabc67644196dacd718139ba839fb3d1c232169c48929dac551a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542622
cf-polished: origSize=6881
etag: W/"1ae1-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5287291db-FRA

GET
H2 200 chunk-ADMCF34Z.js Show response
www.darkreading.com/build/_shared/ 953 B
600 B 38ms
34ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ADMCF34Z.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79611d23ecaa67700bdea21cd1c64be8f870003ce33517e2a3b8be885823982d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542618
cf-polished: origSize=954
etag: W/"3ba-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5287391db-FRA

GET
H2 200 chunk-EU6TSQJG.js Show response
www.darkreading.com/build/_shared/ 2 KB
870 B 28ms
24ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-EU6TSQJG.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20cbb68c751096ffcc7228c8264d233c80ef2a40a2a25acbcbeb53a3c7b0d524

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542622
cf-polished: origSize=1765
etag: W/"6e5-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5287591db-FRA

GET
H2 200 chunk-RZRUW7QG.js Show response
www.darkreading.com/build/_shared/ 99 B
155 B 34ms
30ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-RZRUW7QG.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542622
cf-polished: origSize=100
etag: W/"64-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5287691db-FRA

GET
H2 200 chunk-CZQQJKCG.js Show response
www.darkreading.com/build/_shared/ 99 B
155 B 32ms
28ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-CZQQJKCG.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542622
cf-polished: origSize=100
etag: W/"64-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5287791db-FRA

GET
H2 200 chunk-B7M2L5OV.js Show response
www.darkreading.com/build/_shared/ 99 B
182 B 32ms
28ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-B7M2L5OV.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542618
cf-polished: origSize=100
etag: W/"64-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5287891db-FRA

GET
H2 200 chunk-67NRKQQN.js Show response
www.darkreading.com/build/_shared/ 11 KB
3 KB 37ms
33ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-67NRKQQN.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

857d443484485788878201929ecc19312eb0597600a3f72ac7ee524d81339b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542622
cf-polished: origSize=10983
etag: W/"2ae7-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5287991db-FRA

GET
H2 200 chunk-EXFQW4VK.js Show response
www.darkreading.com/build/_shared/ 1 KB
766 B 41ms
38ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-EXFQW4VK.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60ab0861a6b9950a9af9a2097d2131f1b7d36c62481174d0dda660191c4976eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542625
cf-polished: origSize=1387
etag: W/"56b-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5287a91db-FRA

GET
H2 200 chunk-R6EIBCBL.js Show response
www.darkreading.com/build/_shared/ 99 B
155 B 37ms
34ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-R6EIBCBL.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542622
cf-polished: origSize=100
etag: W/"64-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5287c91db-FRA

GET
H2 200 chunk-VZQVWFLO.js Show response
www.darkreading.com/build/_shared/ 99 B
155 B 41ms
38ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-VZQVWFLO.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542618
cf-polished: origSize=100
etag: W/"64-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5287f91db-FRA

GET
H2 200 chunk-SQAZXDZA.js Show response
www.darkreading.com/build/_shared/ 99 B
155 B 37ms
34ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-SQAZXDZA.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542618
cf-polished: origSize=100
etag: W/"64-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5288091db-FRA

GET
H2 200 chunk-DA6QKOVK.js Show response
www.darkreading.com/build/_shared/ 99 B
178 B 46ms
43ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-DA6QKOVK.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542612
cf-polished: origSize=100
etag: W/"64-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5288391db-FRA

GET
H2 200 chunk-CLBEOEX3.js Show response
www.darkreading.com/build/_shared/ 3 KB
1 KB 39ms
36ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-CLBEOEX3.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c94639b13d3858733c2d83a4348ac9434ab74361ceb089ccfcbfb10774e4661

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542625
cf-polished: origSize=3453
etag: W/"d7d-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5288491db-FRA

GET
H2 200 chunk-QVUW3IXO.js Show response
www.darkreading.com/build/_shared/ 99 B
182 B 53ms
50ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-QVUW3IXO.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542622
cf-polished: origSize=100
etag: W/"64-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5288691db-FRA

GET
H2 200 chunk-SDR4T2CD.js Show response
www.darkreading.com/build/_shared/ 99 B
156 B 42ms
39ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-SDR4T2CD.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542618
cf-polished: origSize=100
etag: W/"64-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5288791db-FRA

GET
H2 200 chunk-AFBZCYVE.js Show response
www.darkreading.com/build/_shared/ 3 KB
1 KB 46ms
43ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-AFBZCYVE.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb94cbeefd6b5cf414c8f1d32d00226f374a7a26a962e55ad179cc5871978a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542622
cf-polished: origSize=3056
etag: W/"bf0-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5288891db-FRA

GET
H2 200 chunk-DCUU76P6.js Show response
www.darkreading.com/build/_shared/ 2 MB
439 KB 62ms
60ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-DCUU76P6.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec5ab5db25d1413fd2ff9aa8cf659f18eddd7db0a7d30427d35debe435ca3de

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542625
cf-polished: origSize=1787713
etag: W/"1b4741-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5288991db-FRA

GET
H2 200 chunk-3ALGTY57.js Show response
www.darkreading.com/build/_shared/ 8 KB
4 KB 57ms
54ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-3ALGTY57.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba4e35ef406aaa468df2936fc0472ea6c984bb3df0c4e49d76e3d98e287eac00

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542625
cf-polished: origSize=8196
etag: W/"2004-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5288a91db-FRA

GET
H2 200 root-ZJ7BHWYF.js Show response
www.darkreading.com/build/ 34 KB
11 KB 46ms
44ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/root-ZJ7BHWYF.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17ffe3e6ca8f3e4478661ecb29be4fce47e58a0c836b3f0ab3e818b09d864329

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542625
cf-polished: origSize=35058
etag: W/"88f2-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5288b91db-FRA

GET
H2 200 chunk-ED7QE4BI.js Show response
www.darkreading.com/build/_shared/ 142 B
212 B 46ms
43ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ED7QE4BI.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a41b31d3fc11a54b030a945602bfb18ff6fb5e7dd4272bd93b1494419fc20d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542618
cf-polished: origSize=143
etag: W/"8f-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5288c91db-FRA

GET
H2 200 chunk-Q4P2UZ2X.js Show response
www.darkreading.com/build/_shared/ 2 KB
926 B 48ms
45ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-Q4P2UZ2X.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7a946a638d856e25819c71d3c1f1d94c017308d52ff38fc6490cdea324fc345

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542622
cf-polished: origSize=1953
etag: W/"7a1-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5288d91db-FRA

GET
H2 200 chunk-JSR73AOE.js Show response
www.darkreading.com/build/_shared/ 99 B
159 B 45ms
43ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-JSR73AOE.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542622
cf-polished: origSize=100
etag: W/"64-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5288e91db-FRA

GET
H2 200 chunk-LQ3733GQ.js Show response
www.darkreading.com/build/_shared/ 1 KB
624 B 51ms
49ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-LQ3733GQ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a207f6d1ceb4cc7466026f65bbdc7148247eaea973d2bd9a333c978646eb629

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542625
cf-polished: origSize=1105
etag: W/"451-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5289091db-FRA

GET
H2 200 chunk-665EJMD3.js Show response
www.darkreading.com/build/_shared/ 9 KB
3 KB 49ms
47ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-665EJMD3.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bb001c513726a866207818abff09314a53336ef7818e374a6589cc4b0577b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542622
cf-polished: origSize=8950
etag: W/"22f6-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5289191db-FRA

GET
H2 200 chunk-H35E3HS7.js Show response
www.darkreading.com/build/_shared/ 4 KB
2 KB 44ms
42ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-H35E3HS7.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3911d100f8fad60ac5b82a8662dc25834f26d89a97855cda4628f68b12eb2584

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542622
cf-polished: origSize=4095
etag: W/"fff-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5289291db-FRA

GET
H2 200 chunk-YAGPFSKF.js Show response
www.darkreading.com/build/_shared/ 3 KB
1 KB 43ms
41ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-YAGPFSKF.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c26da7fd9126f616d8070b4e3bf38d178c53ba0da1f4bf24afea9613feb235

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542625
cf-polished: origSize=3232
etag: W/"ca0-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5289391db-FRA

GET
H2 200 chunk-5RPQOSHS.js Show response
www.darkreading.com/build/_shared/ 962 B
644 B 57ms
55ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-5RPQOSHS.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcb7401da9774a9b180ca4b13171ad071f52443587e03347ecc45d10848f203c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542392
cf-polished: origSize=963
etag: W/"3c3-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5289591db-FRA

GET
H2 200 chunk-7WX3BG7O.js Show response
www.darkreading.com/build/_shared/ 594 B
414 B 68ms
66ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-7WX3BG7O.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2aa218236f7f4a84cf7078e8b3015b981a39802358c465c520329dfe3a93c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542618
cf-polished: origSize=595
etag: W/"253-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5289691db-FRA

GET
H2 200 chunk-M55M6N4Q.js Show response
www.darkreading.com/build/_shared/ 955 B
549 B 49ms
48ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-M55M6N4Q.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23003e1fb39bd11477da8c1563005b542ead9daa0549e2412fa3241886d96eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542622
cf-polished: origSize=956
etag: W/"3bc-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5289791db-FRA

GET
H2 200 chunk-IJ353W5V.js Show response
www.darkreading.com/build/_shared/ 99 B
155 B 54ms
52ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-IJ353W5V.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542622
cf-polished: origSize=100
etag: W/"64-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5289891db-FRA

GET
H2 200 chunk-O5OSGOEN.js Show response
www.darkreading.com/build/_shared/ 99 B
161 B 55ms
54ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-O5OSGOEN.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542618
cf-polished: origSize=100
etag: W/"64-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5289a91db-FRA

GET
H2 200 $topic.$slug._index-A5W75XGO.js Show response
www.darkreading.com/build/routes/ 63 KB
21 KB 68ms
66ms Script
application/javascript 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/routes/$topic.$slug._index-A5W75XGO.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e803506996de1509f6a71c03e97ae94e78bc514f526533031b1d0e96f9962627

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542622
cf-polished: origSize=64219
etag: W/"fadb-191327b7388"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf5289b91db-FRA

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 39ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2849ea8969fb694df0fb783360609fa02d80b6065f3b35143464df2537324e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Aug 2024 02:13:51 GMT
content-md5: EB2GvlpgFEa2g1cyinAaLQ==
document-policy: force-load-at-top
x-fb-server-load: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1328, tbw=2807, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: v7+A+wRctWVK8nyHH2T0Dbgv7u+GNY420ol1mJvZW0+/Ye4gP0w1KguPuYqVayQxsV2+gOVWKagDtSjHLxe5Rw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 10c81a08e07cbf7c2ab2b474f88a7862
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "e16f83b1d1ff47d849d2d8e56356654a"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 15 Aug 2024 02:17:54 GMT

GET
H2 200 embed.js Show response
www.instagram.com/ 57 KB
22 KB 208ms
178ms Script
application/x-javascript 2a03:2880:f277:1e8:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/embed.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f277:1e8:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6a4527371a869e094a670ff7777cc515e8d04cca97d64d8e933ac80f9e99ea9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: zstd
x-content-type-options: nosniff
date: Thu, 15 Aug 2024 02:13:51 GMT
content-md5: KWRFFsLegbu/H+6d4wCnYg==
document-policy: force-load-at-top
edge-control: cache-maxage=1200s
x-fb-server-load: 49
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20560
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
x-fb-debug: BAvceIyyJoeXqjQ5LNvoChp8tiNf2InefeCn9MUdyyOtkG9LWClyp99cNPBDgkyqSsciUNaTLTOI65enBMkE8Q==
x-fb-content-md5: b90b92d0a8f1f5d4f9cb7de863360c34
x-stack: www
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "6070e5e104a596d0117da03dafab9092"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 15 Aug 2024 02:33:51 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 66ms
47ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8b35aaf61e231d92-FRA

GET
H2 200 4b083961-e2ac-4755-8801-f7c83a5fb187.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 6 KB
3 KB 38ms
23ms XHR
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/4b083961-e2ac-4755-8801-f7c83a5fb187.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30ac95fbea6ac28a43d8b4a46f7a694d4f52bf97e7e910e548f29b8376393cf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Aug 2024 02:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 19960
content-md5: hC36EuFyPoi+34xrtwLkcQ==
content-length: 1995
x-ms-lease-status: unlocked
last-modified: Wed, 15 May 2024 14:53:59 GMT
server: cloudflare
etag: 0x8DC74EEDA46A11C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6fc27e9d-c01e-0052-22d7-a65c9b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8b35aaf618c4bbe3-FRA
expires: Fri, 16 Aug 2024 02:13:51 GMT

GET
H2 200 Bars-F4G2A5NO.svg
www.darkreading.com/build/_assets/ 554 B
329 B 23ms
22ms Image
image/svg+xml 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Bars-F4G2A5NO.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e4d00cfee02d472b0c80124f87c00a8cb8ea5610201ebbf922d894d2fea4db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542392
etag: W/"22a-191327b7388"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf6194391db-FRA

GET
H2 200 Search-T2ANYVG5.svg
www.darkreading.com/build/_assets/ 493 B
452 B 23ms
22ms Image
image/svg+xml 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Search-T2ANYVG5.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

592356a6c52e99185da7862c1bc4929308efd3618e8f1c8e1dd665abf205ee62

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542569
etag: W/"1ed-191327b7388"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf6294591db-FRA

GET
H2 200 ChevronDown-PF4EH6J6.svg
www.darkreading.com/build/_assets/ 449 B
364 B 28ms
27ms Image
image/svg+xml 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChevronDown-PF4EH6J6.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

882c0ef9f4096af29e037f9ba9dcbc71a46605828ae12a77002c0fa5e00c309a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542611
etag: W/"1c1-191327b7388"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf6294691db-FRA

GET
H2 200 Clock-MSX4SBCD.svg
www.darkreading.com/build/_assets/ 471 B
395 B 27ms
24ms Image
image/svg+xml 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Clock-MSX4SBCD.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae59b218ab2a4bdc90c9da5d696d7c14eb10c26ddfe9882dc74f4e4e0deb7255

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542618
etag: W/"1d7-191327b7388"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf6294f91db-FRA

GET
H2 200 Linkedin-VQUF3EEQ.svg
www.darkreading.com/build/_assets/ 400 B
338 B 34ms
30ms Image
image/svg+xml 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Linkedin-VQUF3EEQ.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe6411146e7aabcda85d71ec42eabe4fe5fb199f0e9ad759bfa78a42a853535

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542621
etag: W/"190-191327b7388"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf6295091db-FRA

GET
H2 200 Facebook-CJB5G2HY.svg
www.darkreading.com/build/_assets/ 272 B
270 B 29ms
26ms Image
image/svg+xml 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Facebook-CJB5G2HY.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58016ccef8b151b18ba8a751a7666689dcb78facc25a8710434d2e8629a83142

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542621
etag: W/"110-191327b7388"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf6295191db-FRA

GET
H2 200 Twitter-WD5AOEQ7.svg
www.darkreading.com/build/_assets/ 404 B
345 B 24ms
21ms Image
image/svg+xml 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Twitter-WD5AOEQ7.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f35a67f2129d433d9a690160ea7f637686033f5055199a7788f1bb500fe0e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542618
etag: W/"194-191327b7388"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf6295391db-FRA

GET
H2 200 Email-47H7P533.svg
www.darkreading.com/build/_assets/ 777 B
514 B 35ms
32ms Image
image/svg+xml 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Email-47H7P533.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ef59df86d3826ee2048c7707b14be9a819ffe3ce87ca7e989511ac24e447812

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542621
etag: W/"309-191327b7388"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf6295591db-FRA

GET
H2 200 Reddit-5TRN6TDE.svg
www.darkreading.com/build/_assets/ 1 KB
679 B 46ms
44ms Image
image/svg+xml 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Reddit-5TRN6TDE.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7dd61f31dd9d4d1b9e2b24e139ddcaef62287a13664cdb50544ea421f1a1899

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542618
etag: W/"471-191327b7388"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf6295791db-FRA

GET
H2 200 Printer-U5RDBVFZ.svg
www.darkreading.com/build/_assets/ 741 B
526 B 30ms
28ms Image
image/svg+xml 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Printer-U5RDBVFZ.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b75529201e97f7566ae404c0bd803c64ce29092a13c8e1893369ef3c32c6337

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542618
etag: W/"2e5-191327b7388"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf6295991db-FRA

GET
H2 200 ChalkBoard-7VYJPH3F.svg
www.darkreading.com/build/_assets/ 752 B
505 B 25ms
23ms Image
image/svg+xml 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChalkBoard-7VYJPH3F.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62eee22f7f92913689361d7cad70e166c1f0fe52937c1269996cffaa712e60f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542618
etag: W/"2f0-191327b7388"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf6295a91db-FRA

GET
H2 200 ChevronRight-W5LPP5NG.svg
www.darkreading.com/build/_assets/ 305 B
287 B 30ms
28ms Image
image/svg+xml 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChevronRight-W5LPP5NG.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8a03522223cf64474a1f91e02c8069ea5560a23266b37b476d7602a621f0c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542621
etag: W/"131-191327b7388"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf6295b91db-FRA

GET
H2 200 Date-KJRS72FO.svg
www.darkreading.com/build/_assets/ 1 KB
498 B 33ms
31ms Image
image/svg+xml 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Date-KJRS72FO.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed870769c4fd967977ef0930a14927ac6035d0a9fcd9db0bcef385da69bea2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542621
etag: W/"54d-191327b7388"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf6295d91db-FRA

GET
H2 200 Document-NG4YMZFA.svg
www.darkreading.com/build/_assets/ 801 B
427 B 34ms
33ms Image
image/svg+xml 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Document-NG4YMZFA.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b475b63a797144d91a4b2e34499ab7321bdf6d298d5f1177ec1fa3f5d3b4e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542621
etag: W/"321-191327b7388"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf6295e91db-FRA

GET
H2 200 Youtube-S4PSC4UA.svg
www.darkreading.com/build/_assets/ 570 B
391 B 26ms
23ms Image
image/svg+xml 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Youtube-S4PSC4UA.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b21643da63b2c4ecc10d42f29531dd1830ea86dc7fa876cf0e0d570b76bbb3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542618
etag: W/"23a-191327b7388"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf6396091db-FRA

GET
H2 200 RSS-3XFHIVCK.svg
www.darkreading.com/build/_assets/ 632 B
421 B 29ms
26ms Image
image/svg+xml 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/RSS-3XFHIVCK.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff5c6ccd23219200d1ba0f66c328e5c014b436bc783b6ce18873dd9d6ac216c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542621
etag: W/"278-191327b7388"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf6396191db-FRA

GET
H2 200 GoogleNews-6O72APW7.svg
www.darkreading.com/build/_assets/ 897 B
558 B 37ms
34ms Image
image/svg+xml 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/GoogleNews-6O72APW7.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a683fb450f7fa9845bc05412211a15a4b09b406db0c7fcb6fe2fe18acff1ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 127016
etag: W/"381-191327b7388"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aaf6396291db-FRA

GET
H2 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
48 KB 46ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:58:37 GMT
x-content-type-options: nosniff
age: 130514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48444
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 13:58:37 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2
fonts.gstatic.com/s/inter/v18/ 18 KB
18 KB 48ms
16ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cc01daef72c3ea76a258445368d2f4ab8d05a91f91c53fd12f7c42e3325942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:58:12 GMT
x-content-type-options: nosniff
age: 130539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18740
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:47:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 13:58:12 GMT

GET
H2 200 Logo_-_Dark_Reading.svg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/ 3 KB
2 KB 19ms
12ms Image
image/svg+xml 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/Logo_-_Dark_Reading.svg?width=476&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
fastly-io-served-by: vpop-etou8240194
age: 5512031
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Logo_-_Dark_Reading.svg+xml
fastly-stats: io=1
content-length: 1435
x-request-id: f555168da4fd2b1379ee5ef757e5ea4d
x-served-by: cache-ams2100138-AMS, cache-fra-eddf8230029-FRA
x-runtime: 135ms
server: contentstack
x-timer: S1723688032.734069,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 818, 3

GET
H2 200 Dark_Reading_Logo_Global_k.png
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltc8a6395802cafad0/654e0d60123f32040a075bab/ 4 KB
5 KB 25ms
19ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltc8a6395802cafad0/654e0d60123f32040a075bab/Dark_Reading_Logo_Global_k.png?width=700&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

93b04b3312ba8f544f1590d50d4ce790bf1363e77d98d2bfb39e8babc6c5b922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img05-europe-west2
x-cache: HIT, HIT
fastly-io-info: ifsz=20304 idim=650x200 ifmt=png ofsz=4448 odim=650x200 ofmt=webp
filename1: custom
content-disposition: inline; filename=Dark_Reading_Logo_Global_k.webp
fastly-stats: io=1
content-length: 4448
x-request-id: 2b758690cd7691a87652d5fe06e001be
x-served-by: cache-ams21061-AMS, cache-fra-eddf8230029-FRA
x-runtime: 80ms
server: contentstack
x-timer: S1723688032.734980,VS0,VE4
x-contentstack-organization: blt5948195ac13977b0
etag: "+P6yk1vKUcL6TjXVjG346FUIHOsJ0N+ZyF1cSDipIjc"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 10, 0

GET
H2 200 Nate-Nelson_(1).jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/ 3 KB
4 KB 22ms
16ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/Nate-Nelson_(1).jpg?width=100&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img02-europe-west2
age: 3788420
x-cache: HIT, HIT
fastly-io-info: ifsz=234689 idim=881x923 ifmt=jpeg ofsz=3376 odim=100x105 ofmt=webp
filename1: custom
content-disposition: inline; filename=Nate-Nelson_(1).webp
fastly-stats: io=1
content-length: 3376
x-request-id: b59871c387f23bdedc07c4127ab539dd
x-served-by: cache-ams12769-AMS, cache-fra-eddf8230029-FRA
x-runtime: 123ms
server: contentstack
x-timer: S1723688032.734312,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "qPc4Ej0Icam3tgfIlB+gqtt4GyFe8VrlHnMKfkTmDM4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 13, 1

GET
H2 200 TippaPatt-AI-code-shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt5f435ad2bd1455e4/66b67e858365acc482f6d26e/ 26 KB
26 KB 17ms
11ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt5f435ad2bd1455e4/66b67e858365acc482f6d26e/TippaPatt-AI-code-shutterstock.jpg?width=700&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

5749a427abb1ef8076c627249ec6157ec01017887b719e5f8caffb586cf6234b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: vpop-etou8240195
age: 452057
x-cache: HIT, HIT
fastly-io-info: ifsz=269767 idim=1920x1080 ifmt=jpeg ofsz=26414 odim=700x394 ofmt=webp
filename1: custom
content-disposition: inline; filename=TippaPatt-AI-code-shutterstock.webp
fastly-stats: io=1
content-length: 26414
x-request-id: 1c18f05d51feac7ede0119bc0cfe7c2b
x-served-by: cache-ams21060-AMS, cache-fra-eddf8230029-FRA
x-runtime: 43ms
server: contentstack
x-timer: S1723688032.734306,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
etag: "YDPdmBHJB35Hbk9lgZ3TbhO/Lrf00twRzsCmGKEJnt0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 240, 2

GET
H2 200 Blue_screen_of_death-Maurice_Savage-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte38db877744128d6/66b53bfdd67a131b5e98054e/ 15 KB
15 KB 19ms
13ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte38db877744128d6/66b53bfdd67a131b5e98054e/Blue_screen_of_death-Maurice_Savage-Alamy.jpg?width=700&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

bf716a9d8788ba1733e3b09dd594c8cf7c921ad80823d418ab6e1a7d401f25e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: vpop-etou8240196
age: 306422
x-cache: HIT, HIT
fastly-io-info: ifsz=3454270 idim=5298x2982 ifmt=jpeg ofsz=15074 odim=700x394 ofmt=webp
filename1: custom
content-disposition: inline; filename=Blue_screen_of_death-Maurice_Savage-Alamy.webp
fastly-stats: io=1
content-length: 15074
x-request-id: f79b56ce792440daf7d94188fa1338dd
x-served-by: cache-ams2100102-AMS, cache-fra-eddf8230029-FRA
x-runtime: 125ms
server: contentstack
x-timer: S1723688032.734313,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
etag: "Z+AZYsZ0T8mvtQTxVrKx3PWTZ7ZP5Mn5k6HZRnYyp10"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 29, 2

GET
H2 200 crowdstrike_T.Schneider_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltd399556d3a8abf22/669fd6cd436379475fe4953d/ 12 KB
13 KB 21ms
14ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltd399556d3a8abf22/669fd6cd436379475fe4953d/crowdstrike_T.Schneider_shutterstock.jpg?width=700&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

8378c555c9d55bf6576ca6eef9216498e2f340bc3c86f1cb3c8d55a5784aaab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: vpop-etou8240192
age: 763922
x-cache: HIT, HIT
fastly-io-info: ifsz=209076 idim=1920x1080 ifmt=jpeg ofsz=12400 odim=700x394 ofmt=webp
filename1: custom
content-disposition: inline; filename=crowdstrike_T.Schneider_shutterstock.webp
fastly-stats: io=1
content-length: 12400
x-request-id: af10db72e8fd1320cccd21f4bcdda9f4
x-served-by: cache-ams21074-AMS, cache-fra-eddf8230029-FRA
x-runtime: 61ms
server: contentstack
x-timer: S1723688032.734293,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
etag: "yWFAbDSdXEKXEj2lhFzvOz3UWdvODw4bpMNFnz5fcRo"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 27, 2

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
312 B 45ms
27ms XHR
application/json 2606:4700::6812:1c7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8b35aaf6ac10691f-FRA
access-control-allow-headers: Content-Type

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/ 474 KB
148 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 18:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27236
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151130
x-xss-protection: 0
server: cafe
etag: 11205447520193479331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 14 Aug 2025 18:39:55 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 305 KB
87 KB 20ms
11ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=40658d4913c15b26ce2f135a1c9e3971

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fc7dbae68d116fec327705f0bcde7fb6e6dbeea8a0ee2a64b4a561798742551

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Aug 2024 02:13:51 GMT
content-md5: bOC7Su6MFZkpQzDdiZzp9g==
document-policy: force-load-at-top
x-fb-server-load: 34
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89136
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4361, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug: r1R6Wt/KmfT6BbHCDsbwoB9M1WHPtrWJOjJzG8jnTeGfliDLBUMA4C9LXw1RFpIK9WnMgjNiAG3g33F2vJ+3aw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 9ccff94f23a87cb25bab07a9bb171207
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "8118c604e49c3e44cdc1e3c1ecd3d321"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 14 Aug 2025 22:52:23 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202404.1.0/ 448 KB
109 KB 17ms
15ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05c58c759cab8d50d5e7f9d3b2faedcc0dd45fa3fb50899a224363a1dea93605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Aug 2024 02:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OwLk2N0IZ0eq8ykUTltEhw==
age: 15180
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 111077
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 21:54:14 GMT
server: cloudflare
etag: 0x8DCA5E1D524AD71
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4785b082-901e-0046-71cb-d74d1c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8b35aaf7299f92a7-FRA

GET
H2

200

main.js Show response
www.darkreading.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/ Frame 2B3A
Redirect Chain

https://www.darkreading.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.darkreading.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js?

8 KB
4 KB

14ms
14ms

Script
application/javascript

2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c38d0d44ba831f6b487dc8ff7418d952c30742e9ecd59adde5ba08ec33c9d8c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b35aaf81a7b91db-FRA

Redirect headers

date: Thu, 15 Aug 2024 02:13:51 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b35aaf729f891db-FRA
content-length: 0

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/018e79f4-6dd9-7353-baf3-73e0b04d3d84/ 124 KB
29 KB 37ms
37ms Fetch
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/018e79f4-6dd9-7353-baf3-73e0b04d3d84/en.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8337ca47cb236fe809acbdb3415447b502b070238e57e4de13ab0cafc24aaf03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Aug 2024 02:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 76370
content-md5: NM9jaqqvWMdT/igJIWbKfQ==
content-length: 29187
x-ms-lease-status: unlocked
last-modified: Wed, 15 May 2024 14:54:13 GMT
server: cloudflare
etag: 0x8DC74EEE2D5C3D2
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 15d177f5-b01e-00fb-702e-cb5b90000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8b35aaf84b4abbe3-FRA
expires: Fri, 16 Aug 2024 02:13:52 GMT

GET
H2 200 iab2V2Data.json Show response
cdn.cookielaw.org/vendorlist/ 588 KB
76 KB 19ms
18ms Fetch
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2V2Data.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f832c764b6f453323743c976586ce9443740a911b12eca61cfa34fbff05c1262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Aug 2024 02:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Drk6+4OEd5LcP5xXHZgIQw==
age: 27025
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 77602
x-ms-lease-status: unlocked
last-modified: Wed, 14 Aug 2024 16:08:15 GMT
server: cloudflare
etag: 0x8DCBC7B4E1002D5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 25a83881-901e-00a3-4e64-ee5feb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8b35aaf84b4dbbe3-FRA
expires: Fri, 16 Aug 2024 02:13:52 GMT

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/202404.1.0/ 60 KB
17 KB 15ms
15ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202404.1.0/otTCF.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e40e7b46b99c06e47841ff53e4417b6c887631d383aac28114e4ab83ccddc6f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Aug 2024 02:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2mF/Y3j/YZYG0un7qB35lA==
age: 64705
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 17104
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 21:54:12 GMT
server: cloudflare
etag: 0x8DCA5E1D4276D0F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e1a7684f-701e-0021-1a4f-d8febb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8b35aaf849f892a7-FRA

GET
H2 200 3834 Show response
fundingchoicesmessages.google.com/i/ 203 KB
67 KB 253ms
38ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/3834?ers=3

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca68cb6dc7c61430409c94995fb3ccd31ed22e67602e8b3f4dea6ab0e7cb0914

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nEYg9jC1K2jn0hIvo0vG1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:52 GMT
content-security-policy: script-src 'report-sample' 'nonce-nEYg9jC1K2jn0hIvo0vG1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0ZBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYF4ev0l1vlAfH_dJdbnQLz34yXWo0DsyHGZ1ROIhXg4Hpz4upVN4Me99dMYlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMLAyN9QyM4gsMAGE6RW8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Nate-Nelson_(1).jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/ 34 KB
34 KB 8ms
7ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/Nate-Nelson_(1).jpg?width=400&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/build/_shared/chunk-2MCAGYUB.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

2deefa30437796b66867cb9f98f24cb81a0c86c217efc3fe1878e99d05aa7fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:52 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img06-europe-west2
x-cache: HIT, HIT
fastly-io-info: ifsz=234689 idim=881x923 ifmt=jpeg ofsz=34424 odim=400x419 ofmt=webp
filename1: custom
content-disposition: inline; filename=Nate-Nelson_(1).webp
fastly-stats: io=1
content-length: 34424
x-request-id: 75ca84e6df6b95c79966d873c0fd36d3
x-served-by: cache-ams12769-AMS, cache-fra-eddf8230029-FRA
x-runtime: 109ms
server: contentstack
x-timer: S1723688032.116483,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "pIRvw9z7DNHi5RzuiQAsbHWcaGZRQn0S0LNPfjz9vso"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 Logo_-_Dark_Reading.svg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt6aed714e279eeb34/6542104467527c040a9b2014/ 3 KB
2 KB 9ms
8ms Image
image/svg+xml 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt6aed714e279eeb34/6542104467527c040a9b2014/Logo_-_Dark_Reading.svg?width=700&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/build/_shared/chunk-2MCAGYUB.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:52 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
fastly-io-served-by: vpop-etou8240194
age: 1911020
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Logo_-_Dark_Reading.svg+xml
fastly-stats: io=1
content-length: 1435
x-request-id: d4b782134806b6f21022357b26458d23
x-served-by: cache-ams2100132-AMS, cache-fra-eddf8230029-FRA
x-runtime: 60ms
server: contentstack
x-timer: S1723688032.125031,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 5868, 3

GET
H2 200 InformaTechBTYB_240x60.webp
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte88e1a0b459f2cef/6500460020e2ed10ea731cb1/ 3 KB
3 KB 8ms
8ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte88e1a0b459f2cef/6500460020e2ed10ea731cb1/InformaTechBTYB_240x60.webp?width=700&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/build/_shared/chunk-2MCAGYUB.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

1e4cf50411cbc9b156d5c372320c2c8b01a8d441958e4b271ad78215529218bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:52 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img05-europe-west2
age: 5001537
x-cache: HIT, HIT
fastly-io-info: ifsz=3188 idim=240x60 ifmt=webp ofsz=3188 odim=240x60 ofmt=webp
filename1: custom
content-disposition: inline; filename=InformaTechBTYB_240x60.webp
fastly-stats: io=1
content-length: 3188
fastly-io-warning: Failed to shrink image
x-served-by: cache-ams21031-AMS, cache-fra-eddf8230029-FRA
x-runtime: 78ms
x-request-id: bb84219c604678c80960df3cea80f705
server: contentstack
x-timer: S1723688032.125146,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
etag: "pkD6a0Rma21em3P5Mv4CkA4qBMXy9RPt+bBYq5Z3qQo"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 192, 3

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 395 KB
116 KB 203ms
36ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5523ZCM

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7fe714765d446282ca46dbd1f605e6c28d0b8d7527d21668c634d3e5e7b78c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118702
x-xss-protection: 0
last-modified: Thu, 15 Aug 2024 00:59:12 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Aug 2024 02:13:52 GMT

GET
H2 200 ns.html
www.googletagmanager.com/ Frame 6D21 0
0 52ms
21ms Document
text/html 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-5523ZCM

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Aug 2024 02:13:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 235 KB
80 KB 192ms
27ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WB8Q7XR

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da3768b8c870ab2e2cad0a7a4ffc018f5b1c97be102ee04f141b69dc3a23c5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81577
x-xss-protection: 0
last-modified: Thu, 15 Aug 2024 00:59:12 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Aug 2024 02:13:52 GMT

GET
H2 200 ns.html
www.googletagmanager.com/ Frame EE55 0
0 49ms
20ms Document
text/html 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-WB8Q7XR

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Aug 2024 02:13:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

HEAD
H2

200

/
marketingplatform.google.com/about/enterprise/
Redirect Chain

https://www3.doubleclick.net/
https://marketingplatform.google.com/about/enterprise/

0
0

112ms
15ms

Fetch
text/html

2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marketingplatform.google.com/about/enterprise/
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Protocol: H2
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Redirect headers

date: Thu, 15 Aug 2024 02:10:34 GMT
x-content-type-options: nosniff
server: sffe
age: 198
content-type: text/html; charset=UTF-8
location: https://marketingplatform.google.com/about/enterprise/
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0
expires: Thu, 15 Aug 2024 02:40:34 GMT

GET
H2 200 iris-recommend.js Show response
static.iris.informa.com/widgets/v3/ 1 MB
1 MB 296ms
132ms Script
application/javascript 18.245.86.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3/iris-recommend.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-39.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e56bb0d75fa46f23163c334f4ec6675e9a9ad2784ea5ead53d7ceb05eb4b366b

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:53 GMT
x-amz-version-id: BLu_4EL7s2BnJnIDD_tjWsvN9a4lpwKO
via: 1.1 cba0902b20d884568adf673bab9438e6.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jul 2024 12:06:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
etag: "5553b13bebc131b16ba395c1ea5fe299"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1518697
x-amz-cf-id: g-dRJiIxptj-wo7YfGpPusfZU3MkzxQHPoUIzQIrTHbIHxF9MStV-w==

GET
H2 200 otFloatingRoundedIcon.json Show response
cdn.cookielaw.org/scripttemplates/202404.1.0/assets/ 16 KB
4 KB 18ms
18ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202404.1.0/assets/otFloatingRoundedIcon.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31556181b378d1e27d769a0c4bd113d5957786a8381b08a214b4d949fef5face

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Aug 2024 02:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: WZ+o9E7yd9fHl8KJxq40hg==
age: 14269
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3828
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 21:54:08 GMT
server: cloudflare
etag: 0x8DCA5E1D177D547
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 152b3b9d-601e-00db-5c39-d8375c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8b35aaf97c84bbe3-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/202404.1.0/assets/v2/ 64 KB
13 KB 19ms
19ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202404.1.0/assets/v2/otPcPanel.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14a1fa4b518b9bcff7664518a2f8cd4d91205d82d58c87a9bf5553da729e3ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Aug 2024 02:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9fUyEwIYwWMBHnNwB9fqDA==
age: 20769
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12886
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 21:54:09 GMT
server: cloudflare
etag: 0x8DCA5E1D24E5859
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c1697ae3-201e-0093-125b-d805c1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8b35aaf97c85bbe3-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202404.1.0/assets/ 5 KB
2 KB 20ms
20ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202404.1.0/assets/otCookieSettingsButton.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Aug 2024 02:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OcfgokklGfIji4FmboZWQQ==
age: 68206
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1738
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 21:54:08 GMT
server: cloudflare
etag: 0x8DCA5E1D1F3583D
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e1f8914a-701e-0003-7064-d8908d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8b35aaf97c86bbe3-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202404.1.0/assets/ 24 KB
4 KB 17ms
17ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202404.1.0/assets/otCommonStyles.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Aug 2024 02:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 4ErYmXXFNbMLrnc9DrDTsg==
age: 78415
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 21:54:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 2bb59586-a01e-0023-0ae7-d7fc41000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8b35aaf97c87bbe3-FRA

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 17ms
17ms Image
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Aug 2024 02:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 38288
x-ms-lease-status: unlocked
last-modified: Wed, 14 Aug 2024 02:31:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f32a1058-a01e-00e4-524e-ee8080000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8b35aaf9fa6792a7-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
538 B 25ms
25ms Fetch
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Aug 2024 02:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 78415
x-ms-lease-status: unlocked
last-modified: Tue, 13 Aug 2024 06:29:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a0626ba2-901e-00ec-3c58-ed9bf3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8b35aafa0cccbbe3-FRA

GET
H2 200 Informa_Logo_1Line_Indigo_Grad_RGB_(1)_(1).jpg
cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/018f7bc0-c9dd-7851-8e77-1ea8e9b227c2/745ebb74-0544-4303-bf19-067b7dd76fb8/ 896 B
1 KB 22ms
21ms Image
image/jpeg 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/018f7bc0-c9dd-7851-8e77-1ea8e9b227c2/745ebb74-0544-4303-bf19-067b7dd76fb8/Informa_Logo_1Line_Indigo_Grad_RGB_(1)_(1).jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3969804522a0b32cd9dbe609047076c5a239cf16e0c0ebe4b8c71c812c53b9f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Aug 2024 02:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Hi//myLOtJxrHC7ESjrzhQ==
age: 35303
content-length: 896
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Wed, 15 May 2024 10:16:23 GMT
server: cloudflare
etag: 0x8DC74C8129A47B4
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 599fa8d8-b01e-003b-3cd7-a60337000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8b35aafa2a7d92a7-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 21ms
21ms Image
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Aug 2024 02:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 6865
x-ms-lease-status: unlocked
last-modified: Wed, 14 Aug 2024 17:05:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 705f206a-801e-007b-5b7d-eef83a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8b35aafa2a8092a7-FRA

GET
H2 200 AGSKWxX-FF6TKgA72-2hqKsvUl847oTs6Eq6xooZE-VRXMdsmOSxuKH6RUGpMrXSh_teL06L1iFnST7fWEQJKBeQeXjXiJDDHTccPCKPBiIe-8cBz8LJSbOP8pV1NSAxGM4tTqW9ozEqBQ== Show response
fundingchoicesmessages.google.com/f/ 420 KB
63 KB 81ms
80ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX-FF6TKgA72-2hqKsvUl847oTs6Eq6xooZE-VRXMdsmOSxuKH6RUGpMrXSh_teL06L1iFnST7fWEQJKBeQeXjXiJDDHTccPCKPBiIe-8cBz8LJSbOP8pV1NSAxGM4tTqW9ozEqBQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzNjg4MDMyLDM5NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZGFya3JlYWRpbmcuY29tL3RocmVhdC1pbnRlbGxpZ2VuY2UvcmFuc29td2FyZS1ncm91cC1iZWhpbmQtbWFqb3ItaW5kb25lc2lhbi1hdHRhY2std2VhcnMtbWFueS1tYXNrcyIsbnVsbCxbWzgsIllXcDc3UWd2LVJnIl0sWzksImRlIl0sWzIyLCJ0cnVlIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30eb904acd4fac261a1e663a19387b5b16ce81e674e935a0739d4898e944b2d4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-VyI90ciz1NV20cpYsXPsrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:52 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-VyI90ciz1NV20cpYsXPsrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw0pBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYF4ev0l1vlAfH_dJdbnQLz34yXWo0DsyHGZ1ROIhXg4Hpz4upVNYMPnt1cZlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMLAyN9QyM4gsMAGw6Rbc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-spa-1.264.0.min.js Show response
js-agent.newrelic.com/ 110 KB
32 KB 145ms
7ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.264.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e1292bc5ba29cb4eedbe81561ac86bd0dce1129a3262dd7033669c42b64ef20

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: FkefU_LeT3SwMP9VPGnqJDvHw33LVo9Q
content-encoding: br
via: 1.1 varnish
date: Thu, 15 Aug 2024 02:13:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: VFMZTSY1DZ0GPFGJ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 32013
x-amz-id-2: RlJMqb4EnUDGW3ENeeojuSPM6YN3bLC0TGVBFtk27GVS97N7M5BCTj5ZMQBK/2g5dcTBG8UyneA=
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Tue, 06 Aug 2024 22:33:26 GMT
server: AmazonS3
etag: "d445c6ab99f8d2940df12996faeaccc0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 24594

POST
H2 204 rum Show response
www.darkreading.com/cdn-cgi/ 0
185 B 17ms
16ms XHR
text/plain 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
tracestate: 3288925@nr=0-1-3936348-538600199-6746fba10f2e66b6----1723688032953
traceparent: 00-938aefd79ef208ac0bbdf810d8345678-6746fba10f2e66b6-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM5MzYzNDgiLCJhcCI6IjUzODYwMDE5OSIsImlkIjoiNjc0NmZiYTEwZjJlNjZiNiIsInRyIjoiOTM4YWVmZDc5ZWYyMDhhYzBiYmRmODEwZDgzNDU2NzgiLCJ0aSI6MTcyMzY4ODAzMjk1MywidGsiOiIzMjg4OTI1In19
content-type: application/json

Response headers

date: Thu, 15 Aug 2024 02:13:52 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.darkreading.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8b35aafdffa191db-FRA

POST
H2 200 / Show response
cognito-identity.eu-west-1.amazonaws.com/ 2 KB
2 KB 55ms
55ms XHR
application/x-amz-json-1.1 2a05:d018:94a:8a00:50f4:1a8d:acea:bd29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:94a:8a00:50f4:1a8d:acea:bd29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

29929c3ebc27f7ee874575f63e2a9179252ddc9bddb7cb22fceed8c8f975b22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.darkreading.com/
X-Amz-Target: AWSCognitoIdentityService.GetCredentialsForIdentity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

access-control-allow-origin: *
date: Thu, 15 Aug 2024 02:13:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid: 2dc2ea9f-5f6e-425d-ac23-16556143a6bb
content-length: 1804
content-type: application/x-amz-json-1.1

OPTIONS
H2 200 /
cognito-identity.eu-west-1.amazonaws.com/ Frame 0
0 121ms
28ms Preflight 2a05:d018:94a:8a00:50f4:1a8d:acea:bd29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:94a:8a00:50f4:1a8d:acea:bd29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-amz-target
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-amz-target
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
content-length: 0
date: Thu, 15 Aug 2024 02:13:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-requestid: 8af1d54b-6fea-4e30-822b-3fc20537919d

GET
H2 200 darkreading-DSJITCUD.ico
www.darkreading.com/build/_assets/ 7 KB
3 KB 23ms
22ms Other
image/x-icon 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/darkreading-DSJITCUD.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4af04cf7a5f045d2a21abb3f93d90f175680f07b9ccecb1d5559864b9716cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:53 GMT
strict-transport-security: max-age=3153600000
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 14:53:57 GMT
server: cloudflare
age: 542624
etag: W/"1cee-191327b7388"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=31536000, immutable
cf-ray: 8b35aafe980791db-FRA

POST
H/1.1 200
OK NRJS-26ae6a3b09493bbcc87 Show response
bam.eu01.nr-data.net/1/ 150 B
748 B 103ms
55ms XHR
text/plain 185.221.85.3
NEW-2

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRJS-26ae6a3b09493bbcc87?a=538600199&sa=1&v=1.264.0&t=Unnamed%20Transaction&rst=1606&ck=0&s=1449598f2605fd10&ref=https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks&ptid=264549ca0a710cc8&af=err,spa,xhr,stn,ins&be=50&fe=1401&dc=354&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1723688031464,%22n%22:0,%22f%22:0,%22dn%22:8,%22dne%22:8,%22c%22:8,%22s%22:14,%22ce%22:25,%22rq%22:25,%22rp%22:50,%22rpe%22:58,%22di%22:402,%22ds%22:404,%22de%22:404,%22dc%22:1446,%22l%22:1446,%22le%22:1451%7D,%22navigation%22:%7B%7D%7D&fp=341&fcp=341
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.85.3 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5d7866972caabd60df827fd964e18f939ce0cfd0b96b449f5fa9170441f89c

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 15 Aug 2024 02:13:53 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 3
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.darkreading.com
access-control-expose-headers: Date
access-control-allow-credentials: true
CF-Ray: 8b35aafef862996f-FRA
timing-allow-origin: https://www.darkreading.com

OPTIONS
H2 200 darkreading
api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/ Frame 0
0 132ms
101ms Preflight
application/json 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/darkreading?item=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fransomware-group-behind-major-indonesian-attack-wears-many-masks&limit=4&mode=db&item_age=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amz-date,x-amz-security-token
Access-Control-Request-Method: GET
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key,application_id,iris_profile_id,sponsor_id
access-control-allow-methods: DELETE,GET,POST,PUT,OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8b35aaff5c6f4d94-FRA
content-length: 0
content-type: application/json
date: Thu, 15 Aug 2024 02:13:53 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-apigw-id: chyfPFq5DoEFXew=
x-amzn-requestid: b886385b-27a8-4f2d-9893-3d7512a4a9c1
x-content-type-options: nosniff

GET
H2 200 darkreading Show response
api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/ 4 KB
2 KB 188ms
188ms XHR
application/json 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

042227beff95cc10c30a562f5ba83b24f7dcacf7267c44a18aba3583acd46d22

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; require-trusted-types-for 'script'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, DENY
X-Xss-Protection	1; mode=block, 0

Request headers

Accept: application/json, text/plain, */*
X-Amz-Security-Token: IQoJb3JpZ2luX2VjENP//////////wEaCWV1LXdlc3QtMSJGMEQCIA6sXFTRmFHAxAs8Wonkttv0rB4+NgoARc06yK70PCG/AiAzVMd4in8cgI3mUtSrGVY0D/s/MPi7bkZy3+dgl0oD0yrSBQjL//////////8BEAMaDDA1NjA0MzE3MDg5OSIMCxHOCxDx0wOrXSgbKqYF6GONsc14EQcB+nDYE7ojlc3AubwJHlPh3EpzFP4Kp/SrZeCRX+YyyeUVB4s4bGASOSAicQ9tiUixEz9RIMXJTQvkFhq5E2bqwfUqRG1UejO1olNaPZqWt48XWC5vtrKFO7tQ2V/E3pRu0/jlNHl51f0ZHNOfaMGeIiCSUCEwBI0z8SMg7oA2B/NRciMI9veX3NHnV+R6InGsM8ETPImTrCRFIsWLefjNrejp9txnRB0V2P2+3RWnLsKjuVyfIfH4GFTAJNFAdig1qqs4H8EMMp/sArz7nlPNptAXHp6LJKIuSnzsZIhgq/24nTYKjhwMr8hWkoGAYPDiAkl/j0aA/PGkGvTJZ6hv+iS6DBxPEkj+1tASMyYCfrCj+R283vXKK8BhBEQa3DyVwPnXdm5al1xj3X3yPtUkW5DPYdnuluBIYmGPsjZE1HsIVCpkLTmKNG0l/XadHOSDaRAh9d5bNLQdWqAdDsjIqig/yamWKi2bItE/BEjpvYyf4tvIAdu/xTSVMI5x3Eir5VIzh0NjD8sVJcRDLkPHPy9/zQY07gHhGS5sg9mn3QYOCTDWFxkTVekly1WP2EXJodhWaiMDmUX4wQYs79/53UUPseTrLxQn+Xg8A2aoyQOR1HoMQ6dWxKynw8oE08klhSG9/3USZj3IXCGshTXXatc0kmE9XfQS61X4vlBXCfXtYOLAEZQmvdPh9jzevAIAbY99IeVjk3tP2jy4RjG7urQSHV/CEfLjTxq96133gY/1h7AbbEP/Uxl0nZ2JXmCKmlAaqUJj2ScYFu+yjeTbWoY4jF3DMOI3IppHhNcu+ggzyM5wKmzqvZnPWkil6pcNFntAyw7HYv035I0poBtpRq2/Wx6iRzN1zQ9uCfLwAMLvLBQptsPPy0BXGkNmMOHI9bUGOt4C3bC6QXIGjUabR1GZsxMg1viXJfgBwMtZbIgTfhivB2faYjSZgw0nP5xwsAoZ92BfwHU2BCVFr2DtnBSYSd2DtmZqvd6ysvVhB8+0uNVbeYzaWdhq61lLtOvDsRdzBwXK4CZON3rjJSOBLts0G7xX01oU/PC28ZlMgUjKlp79bPTZqgoC3QzOnWQr9TUkWWpBn/yF0q/Au1iPAl87fsO2ethasvASD2ZbDtV8OhkRs1C3SSjQMu/rOvA6X6P5TLcmh5iNeZ35l2b5VE50/wKJcezVVJwtQTUTc3RxPHmmyj9L2wKlZiskoTDp15p721E0cne54IqO6ovBRfjnHy96M+hsSXGdMPZAINgqvrs47+piCDQE3CAdiwUtvr+0qNOMBHWUAZP03R0+9FKEeELBCvUGwVeBQMpsV72gehLW8DkEJsIjuZ5EVbvxoM7Ff/MqQoJVID5i9HO0TO2hoc4=
Referer: https://www.darkreading.com/
x-amz-date: 20240815T021353Z
Authorization: AWS4-HMAC-SHA256 Credential=ASIAQ2DDO5RJUNGMZ2RH/20240815/eu-west-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=e1cf4be5ba6b08b21a5a64d97b548a79db8a6f053041a0a35a027a03ed2eeb31
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-amzn-remapped-content-length: 3957
x-amzn-remapped-server: uvicorn
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self'; base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; require-trusted-types-for 'script'
content-encoding: gzip
cross-origin-embedder-policy: unsafe-none
x-amzn-requestid: 998393dd-389f-46a0-a889-e2e830d443fd
x-amzn-remapped-connection: keep-alive
x-dns-prefetch-control: off
cf-cache-status: DYNAMIC
x-amz-apigw-id: chyfQEFWjoEF60A=
x-xss-protection: 1; mode=block, 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
x-frame-options: DENY, DENY
content-type: application/json
access-control-allow-origin: *
origin-agent-cluster: ?1
cache-control: no-cache, no-store, must-revalidate,
cf-ray: 8b35aafffcbc4d94-FRA
x-amzn-remapped-date: Thu, 15 Aug 2024 02:13:53 GMT
expires: 0

POST
H/1.1 200
OK blobs Show response
bam.eu01.nr-data.net/browser/ 24 B
407 B 39ms
38ms XHR
image/gif 185.221.85.3
NEW-2

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/browser/blobs?browser_monitoring_key=NRJS-26ae6a3b09493bbcc87&type=BrowserSessionChunk&app_id=538600199&protocol_version=0&timestamp=1723688031340&attributes=entityGuid%3DMzkzNjM0OHxCUk9XU0VSfEFQUExJQ0FUSU9OfDUzODYwMDE5OQ%26harvestId%3D1449598f2605fd10_264549ca0a710cc8_1%26trace.firstTimestamp%3D1723688031340%26trace.lastTimestamp%3D1723688032791%26trace.nodes%3D26%26trace.originTimestamp%3D1723688031340%26agentVersion%3D1.264.0%26firstSessionHarvest%3Dtrue%26ptid%3D264549ca0a710cc8%26session%3D1449598f2605fd10
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.85.3 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 15 Aug 2024 02:13:53 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.darkreading.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 8b35aaff5893996f-FRA
Content-Length: 24

POST
H/1.1 200
OK NRJS-26ae6a3b09493bbcc87 Show response
bam.eu01.nr-data.net/events/1/ 24 B
407 B 61ms
44ms XHR
image/gif 185.221.85.3
NEW-2

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/events/1/NRJS-26ae6a3b09493bbcc87?a=538600199&sa=1&v=1.264.0&t=Unnamed%20Transaction&rst=1724&ck=0&s=1449598f2605fd10&ref=https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks&ptid=264549ca0a710cc8
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.85.3 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 15 Aug 2024 02:13:53 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.darkreading.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 8b35aaff882d2c22-FRA
Content-Length: 24

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 75ms
28ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G10-&gcd=13m3l3m2m5&tag_exp=0&rnd=1000327353.1723688035&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fransomware-group-behind-major-indonesian-attack-wears-many-masks&dma_cps=-&dma=1&npa=1&tcfd=10s5b&gdpr_consent=CQDZLIAQDZLIAAcABBENBBFgAAAAAEPgAChQAAAUvAJMNCogDLIkJCDQMIIEAKgrCAigQAAAAkDRAQAmDAp2BgEusJEAIAUAAwQAgABRkACAAASABCIAIACgQAAQCBQABgAQDAQAMDAAGACwEAgABAdAhTAggUCwASMyIhTAhCASCAlsqEEgCBBXCEIs8CCAREwUAAAJABWAAICwWBxJICViQQJcQbQAAEACAQQAVCKTswBBAGbLVXiybRlaQFo-YLntMAwAAAAA.YAAACHwAAAAA&gdpr=1&gtm=45He48c0n815523ZCMv891172384za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5523ZCM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 02:13:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
97 KB 74ms
29ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a206798b4ba11b88a73649996bbeaf279660f4239d932015649335ff503dfe38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99122
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Aug 2024 02:13:55 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v3.0/ 79 KB
79 KB 167ms
133ms Script
application/javascript 18.245.86.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-39.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35bbaf39a449ccd5f8187d9ad0c345b234b9e0c011ac23ae181cd1e7d308bdc4

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:56 GMT
x-amz-version-id: dlaJotV_Gz4O7cqm42eVJp8uZLGpWllN
via: 1.1 cba0902b20d884568adf673bab9438e6.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 11:59:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
etag: "fbc10e2b062735815acd18ff52ac647a"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 80499
x-amz-cf-id: B-DxpyxHozSv7mmfn-rvzYXwFNh5fblx-4X2flbunGztbxBLvYORpA==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 136ms
6ms Script
application/x-javascript 2600:9000:2165:9a00:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2165:9a00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 16:20:58 GMT
content-encoding: gzip
via: 1.1 0ef755569b0bb31a32a90b7cdddb6f18.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 00:13:00 GMT
server: nginx
x-amz-cf-pop: MUC50-P6
age: 35577
etag: W/"665fad8c-9895"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: whdVIG0mC9O9kO214uTi7r71bq80N6ox-gOfLPpTfOq9vPPzXIyIYA==
expires: Thu, 15 Aug 2024 16:20:58 GMT

GET
H2 200 / Show response
6600d6d98e534115970f9529a45f3195.js.ubembed.com/ 435 B
696 B 147ms
17ms Script
application/javascript 104.18.11.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6600d6d98e534115970f9529a45f3195.js.ubembed.com/
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecca54a43e22e29ef1b5389bf2dc67b2be29e66009586602d18dbfb0ab68ba72

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:55 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 6453
etag: W/"3e81b1edd530a893a32d1bf900f942f05ebb9991"
vary: Accept-Encoding, Referer
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
cf-ray: 8b35ab0c9a73377c-FRA

GET
H2 200 hotjar-2610568.js Show response
static.hotjar.com/c/ 16 KB
6 KB 127ms
6ms Script
application/javascript 18.66.192.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2610568.js?sv=6

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-32.muc50.r.cloudfront.net

Software

Resource Hash

c80c92a238e3a6c6bd06ca351677ebef188413f924e942abd224c3d21bafb790

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 13
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/a49fb65b94b3c360b9d38472f21c9587
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: nDBsgzTXdpclqBaC99UdDRp4BaK2MywsKRE0GZkqZOh0uu18BYtgHg==

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.183.0/ 183 KB
49 KB 89ms
11ms Script
application/javascript 108.138.36.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.183.0/bundle.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-71.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c39fa609f4a9b43e493115c723b102147f9025008bd24841e7732c5f253edd51

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 24 May 2024 17:52:38 GMT
content-encoding: gzip
via: 1.1 a79cccd642ddc0038c3b0c4a9e7fcd6c.cloudfront.net (CloudFront)
last-modified: Fri, 24 May 2024 17:48:37 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 7114878
etag: W/"ce1f9daa5bfa548f0417f378eb40974e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: qjoD9AHUiyld9JqsRzgvU92YYs1FbtY8sLjrj0JwR-9RstzF_n_i6A==

GET
H2 200 modules.8da33a8f469c3b5ffcec.js Show response
script.hotjar.com/ 223 KB
56 KB 66ms
18ms Script
application/javascript 54.230.228.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-47.muc50.r.cloudfront.net

Software

Resource Hash

76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 4b3ef7616dbf62f98d54524f0218face.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 1338649
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56385
last-modified: Tue, 30 Jul 2024 14:22:40 GMT
etag: "0728625a147ca79276a1790b9cf3175d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Nsl736hECYNXL3sejzeCv6kuqwBa1YeMx45SG9c-zcOvVVc-Y6FBlg==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 327ms
109ms Image
image/gif 44.197.36.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=darkreading.com&p=%2Fthreat-intelligence%2Fransomware-group-behind-major-indonesian-attack-wears-many-masks&u=BFnrT3C0q41-1Cu-Q&d=darkreading.com&g=53678&g0=Threat%20Intelligence&g1=Nate%20Nelson&g4=article&n=1&f=00001&c=0&x=0&m=0&y=5036&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fransomware-group-behind-major-indonesian-attack-wears-many-masks&b=1446&t=CFYA2bYWU9fZicst7ek-KDJjNNl&V=147&i=Ransomware%20Group%20Behind%20Major%20Indonesian%20Attack%20Wears%20Many%20Masks&tz=-120&sn=1&sv=BJVazZoyYEsCloInpBN1kSCeRo1g&sr=external&sd=1&im=067b2fff&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.36.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-36-28.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Thu, 15 Aug 2024 02:13:55 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
content-type: image/gif

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 63ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1X1EHQ3PFR&gtm=45je48c0v873922772z8891172384za200zb891172384&_p=1723688032151&gcs=G10-&gcd=13m3lPm2m7&npa=1&dma_cps=-&dma=1&tcfd=10s5b&tag_exp=0&gdid=dYWJhMj&cid=987931014.1723688035&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&dr=&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fransomware-group-behind-major-indonesian-attack-wears-many-masks&dt=Ransomware%20Group%20Behind%20Major%20Indonesian%20Attack%20Wears%20Many%20Masks&sid=1723688035&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_type=article&ep.content_format=News&ep.content_publish_date=Aug%2015%2C%202024&ep.content_sub_brand=value%20not%20set&ep.content_buyer_journey=value%20not%20set&ep.content_id=blt2366a334781becae&ep.content_title=Ransomware%20Group%20Behind%20Major%20Indonesian%20Attack%20Wears%20Many%20Masks&ep.content_legacy_path=value%20not%20set&ep.content_contributor=Nate%20Nelson&ep.content_keyword=value%20not%20set&ep.content_series=value%20not%20set&ep.content_sponsor=value%20not%20set&ep.content_main_topic=Threat%20Intelligence&ep.content_additional_topics=Cyberattacks%20%26%20Data%20Breaches%2C%D0%A1loud%20Security%2CCyber%20Risk&ep.gtm_container_detail=GTM-5523ZCM%7C117&ep.ad_unit_path_code=3834%2Fdarkreading.home%2Fprogram%2Fdr-global-articles&ep.content_program=DR%20Global%20Articles&ep.content_group=Threat%20Intelligence&ep.content_all_topics=cyber%20risk%7Ccyberattacks%20%26%20data%20breaches%7Cthreat%20intelligence%7C%D1%81loud%20security&tfd=3981
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 02:13:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ZGFya3JlYWRpbmcuY29t.json
static.iris.informa.com/widgets/config/cdl/ 0
0

GET
H2 200 sp.js Show response
static.iris.informa.com/widgets/v3.0/sp/v3.21.0/ 77 KB
78 KB 152ms
132ms Script
application/javascript 18.245.86.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3.0/sp/v3.21.0/sp.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-39.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 297f7c6e2e5141be50a472401472c07dbe025b762bcad89ffaf795fddbd04fd0

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 02:13:56 GMT
x-amz-version-id: 1ALvrmwUb4TZErpuiV2ML7ptP6fNjRJ_
via: 1.1 cba0902b20d884568adf673bab9438e6.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 10:44:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
etag: "365e4a519f91d5dbf473dad2feba1288"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 79216
x-amz-cf-id: vqZOW69xWRugmhOkorWhg1iSqM9JdKgJ_B4g3PwcabyvHYSJ7hgOSg==

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/3.0/ 58 KB
20 KB 66ms
18ms Script
application/javascript 52.85.65.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/3.0/td.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.65.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-65-120.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 08:40:28 GMT
Content-Encoding: gzip
Via: 1.1 799a7df2b90bf4910cc065d26b088a04.cloudfront.net (CloudFront)
Age: 18380008
X-Amz-Cf-Pop: MUC50-P6
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Mon, 05 Jul 2021 08:58:13 GMT
Server: AmazonS3
Etag: W/"4b9abb36767431f05495228eb82edf01"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: dg-lN367M7F_NBwlVobKcK5hYlCGBqZP67-slOJ_T9L0TOxg-ygpcw==

GET
H2 204 2610568 Show response
vc.hotjar.io/sessions/ 0
232 B 88ms
37ms XHR
text/plain 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2610568?s=0.25&r=0.07328550957275004
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Aug 2024 02:13:55 GMT
cache-control: no-store
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 6H-Ivodsbiwe9eAwYu-sCx1LkeIhEWXKRuFLZl1VfQBJl-ZP3nsBqQ==
x-cache: Miss from cloudfront

OPTIONS
H2 204 js_pageviews_itcyber_darkreading
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ Frame 0
0 73ms
20ms Preflight 18.157.233.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1723688035555

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.157.233.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-157-233-212.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-td-fetch-api,x-td-write-key
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 7200
cache-control: no-store
date: Thu, 15 Aug 2024 02:13:55 GMT
strict-transport-security: max-age=31536000

POST
H2 200 js_pageviews_itcyber_darkreading Show response
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ 16 B
496 B 66ms
26ms Fetch
application/json 18.157.233.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1723688035555

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.157.233.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-157-233-212.eu-central-1.compute.amazonaws.com

Software

Resource Hash

56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-TD-Write-Key: 100/bb9cbe21de3db7a5428506d7528e45b2c801a48c
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-TD-Fetch-Api: true
Content-Type: application/json

Response headers

date: Thu, 15 Aug 2024 02:13:55 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: https://www.darkreading.com
p3p: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
content-length: 16

POST
H2 200 ed0
c.darkreading.com/com.iiris/ 2 B
232 B 133ms
131ms Ping
text/plain 2606:4700::6810:ddab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.darkreading.com/com.iiris/ed0

Requested by

Host: static.iris.informa.com
URL: https://static.iris.informa.com/widgets/v3.0/sp/v3.21.0/sp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Aug 2024 02:13:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
cf-ray: 8b35ab101a7c91db-FRA
content-length: 2

OPTIONS
H2 200 ed0
c.darkreading.com/com.iiris/ Frame 0
0 162ms
124ms Preflight 2606:4700::6810:e0ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.darkreading.com/com.iiris/ed0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e0ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 600
cf-cache-status: DYNAMIC
cf-ray: 8b35ab0f4cfe975f-FRA
content-length: 0
date: Thu, 15 Aug 2024 02:13:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.iris.informa.com
URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.darkreading.com/	1970-01-20 22:48:09	Name: __cf_bm Value: JZuI9ZhOOqLYnsqe3iZ_sDUGmi.KrhqEBBhUir8iIPM-1723688031-1.0.1.1-anERBj8OtVIEujYI27pxpQGOcxEYtcV.n3UX74O5pBT7GJNixEtsMIe7EWtUq7AKmkQtXrtN7_c0nKOiVnkvpw
.darkreading.com/	1970-01-21 03:07:20	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Aug+15+2024+04%3A13%3A52+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202404.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=c420b236-cc37-4439-9e95-0de9d280e347&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fransomware-group-behind-major-indonesian-attack-wears-many-masks&groups=C0002%3A0%2CC0003%3A0%2CC0001%3A1%2CC0004%3A0%2CV2STACK42%3A0
.js.ubembed.com/	1970-01-20 22:48:09	Name: __cf_bm Value: 5xpkblQeK4oqrUrpZfj05yEkuFX3zQpeK67i_PEKqu0-1723688035-1.0.1.1-v3a.SRcy_g6nC_6iEL.Hljg89rlVGyK9cJN1f6SKxzTImSiC52FG0PkHXqc8jAwRqQqS92RTMKYeLky37Q9Kvw
.darkreading.com/	1970-01-21 08:16:56	Name: _cb Value: BFnrT3C0q41-1Cu-Q
.darkreading.com/	1970-01-21 08:16:56	Name: _chartbeat2 Value: .1723688035346.1723688035346.1.BJVazZoyYEsCloInpBN1kSCeRo1g.1
.darkreading.com/	1970-01-20 22:48:09	Name: _cb_svref Value: external
.darkreading.com/	1970-01-21 08:24:08	Name: _ga_1X1EHQ3PFR Value: GS1.1.1723688035.1.0.1723688035.0.0.0
.darkreading.com/	1970-01-21 08:24:08	Name: _ga Value: GA1.1.987931014.1723688035
.darkreading.com/	1970-01-21 07:33:44	Name: _hjSessionUser_2610568 Value: eyJpZCI6ImQ5Zjc2NTNjLTAwZWQtNWVhOC1iZmJmLWFlOTMyM2I4NzdkZiIsImNyZWF0ZWQiOjE3MjM2ODgwMzU1MjAsImV4aXN0aW5nIjpmYWxzZX0=
.darkreading.com/	1970-01-20 22:48:09	Name: _hjSession_2610568 Value: eyJpZCI6IjgxYjkwY2ZmLWJiZGYtNGJjZS1hYzFmLTVjY2JlY2EzZmQ2NiIsImMiOjE3MjM2ODgwMzU1MjEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.darkreading.com/	1970-01-21 08:24:08	Name: __td_signed Value: true
.darkreading.com/	1970-01-21 08:24:08	Name: _td Value: 9c312461-fddc-418e-8bac-1d5d2e139b0f
.darkreading.com/	1970-01-20 22:48:09	Name: _sp_ses.94c4 Value: *
.darkreading.com/	1970-01-21 08:24:08	Name: _sp_id.94c4 Value: dc9e55d3-daec-42de-961b-bce9c6168db6.1723688036.1.1723688036..f1c89411-a02b-45e3-841d-b974c26b57a8..1cd5b4d5-8be4-4580-bbfe-d062b107b934.1723688035678.1
.in.treasuredata.com/	1970-01-21 08:24:08	Name: _td_global Value: d3a22458-c99c-4d93-9e90-f54a641cf448
.darkreading.com/	1970-01-21 07:33:44	Name: sp Value: cf5acf70-0c7b-417a-9c42-22b20bf6e921

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.darkreading.com/threat-intelligence/ransomware-group-behind-major-indonesian-attack-wears-many-masks Message: Access to fetch at 'https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json' from origin 'https://www.darkreading.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3153600000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6600d6d98e534115970f9529a45f3195.js.ubembed.com
api.iiris.com
assets.ubembed.com
bam.eu01.nr-data.net
c.darkreading.com
cdn.cookielaw.org
cdn.treasuredata.com
cognito-identity.eu-west-1.amazonaws.com
connect.facebook.net
eu-images.contentstack.com
eu01.in.treasuredata.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geolocation.onetrust.com
js-agent.newrelic.com
marketingplatform.google.com
pagead2.googlesyndication.com
ping.chartbeat.net
region1.google-analytics.com
script.hotjar.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.cloudflareinsights.com
static.hotjar.com
static.iris.informa.com
vc.hotjar.io
www.darkreading.com
www.googletagmanager.com
www.instagram.com
www3.doubleclick.net
static.iris.informa.com
104.18.11.34
108.138.36.71
151.101.66.137
172.64.150.107
18.157.233.212
18.245.86.39
18.66.112.79
18.66.192.32
185.221.85.3
2001:4860:4802:34::36
2600:9000:2165:9a00:18:1fcd:354:4b41
2602:816:5001::39
2606:4700::6810:5049
2606:4700::6810:ddab
2606:4700::6810:e0ab
2606:4700::6812:1c7f
2606:4700::6812:562a
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:830::200a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f277:1e8:face:b00c:0:4420
2a05:d018:94a:8a00:50f4:1a8d:acea:bd29
44.197.36.28
52.85.65.120
54.230.228.47
00907159439e9ef97101ea78b51d2eb301b245edcd7ecaa75f8e59f76c587794
042227beff95cc10c30a562f5ba83b24f7dcacf7267c44a18aba3583acd46d22
05c58c759cab8d50d5e7f9d3b2faedcc0dd45fa3fb50899a224363a1dea93605
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a
14a1fa4b518b9bcff7664518a2f8cd4d91205d82d58c87a9bf5553da729e3ea2
1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517
17ffe3e6ca8f3e4478661ecb29be4fce47e58a0c836b3f0ab3e818b09d864329
1e4cf50411cbc9b156d5c372320c2c8b01a8d441958e4b271ad78215529218bf
20cbb68c751096ffcc7228c8264d233c80ef2a40a2a25acbcbeb53a3c7b0d524
220ced5aa59deb00845e2d683d56bab71b441d9958cc1df4840ee1543459b49b
23003e1fb39bd11477da8c1563005b542ead9daa0549e2412fa3241886d96eb2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2849ea8969fb694df0fb783360609fa02d80b6065f3b35143464df2537324e11
297f7c6e2e5141be50a472401472c07dbe025b762bcad89ffaf795fddbd04fd0
29929c3ebc27f7ee874575f63e2a9179252ddc9bddb7cb22fceed8c8f975b22c
2b21643da63b2c4ecc10d42f29531dd1830ea86dc7fa876cf0e0d570b76bbb3c
2deefa30437796b66867cb9f98f24cb81a0c86c217efc3fe1878e99d05aa7fa3
2fc7dbae68d116fec327705f0bcde7fb6e6dbeea8a0ee2a64b4a561798742551
30ac95fbea6ac28a43d8b4a46f7a694d4f52bf97e7e910e548f29b8376393cf4
30eb904acd4fac261a1e663a19387b5b16ce81e674e935a0739d4898e944b2d4
31556181b378d1e27d769a0c4bd113d5957786a8381b08a214b4d949fef5face
35bbaf39a449ccd5f8187d9ad0c345b234b9e0c011ac23ae181cd1e7d308bdc4
3911d100f8fad60ac5b82a8662dc25834f26d89a97855cda4628f68b12eb2584
3969804522a0b32cd9dbe609047076c5a239cf16e0c0ebe4b8c71c812c53b9f0
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3a207f6d1ceb4cc7466026f65bbdc7148247eaea973d2bd9a333c978646eb629
3a41b31d3fc11a54b030a945602bfb18ff6fb5e7dd4272bd93b1494419fc20d3
3e1292bc5ba29cb4eedbe81561ac86bd0dce1129a3262dd7033669c42b64ef20
3ec5ab5db25d1413fd2ff9aa8cf659f18eddd7db0a7d30427d35debe435ca3de
4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075
4b475b63a797144d91a4b2e34499ab7321bdf6d298d5f1177ec1fa3f5d3b4e0e
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
5749a427abb1ef8076c627249ec6157ec01017887b719e5f8caffb586cf6234b
58016ccef8b151b18ba8a751a7666689dcb78facc25a8710434d2e8629a83142
592356a6c52e99185da7862c1bc4929308efd3618e8f1c8e1dd665abf205ee62
5a5d7866972caabd60df827fd964e18f939ce0cfd0b96b449f5fa9170441f89c
5bef8c9e1cd6bba25a5e7115d3b7a61a6ce406eaae651a82963069b98f7d39f9
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
60ab0861a6b9950a9af9a2097d2131f1b7d36c62481174d0dda660191c4976eb
62a683fb450f7fa9845bc05412211a15a4b09b406db0c7fcb6fe2fe18acff1ad
62cc01daef72c3ea76a258445368d2f4ab8d05a91f91c53fd12f7c42e3325942
62eee22f7f92913689361d7cad70e166c1f0fe52937c1269996cffaa712e60f7
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a4527371a869e094a670ff7777cc515e8d04cca97d64d8e933ac80f9e99ea9a
6bb001c513726a866207818abff09314a53336ef7818e374a6589cc4b0577b96
6ef59df86d3826ee2048c7707b14be9a819ffe3ce87ca7e989511ac24e447812
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
79611d23ecaa67700bdea21cd1c64be8f870003ce33517e2a3b8be885823982d
7b75529201e97f7566ae404c0bd803c64ce29092a13c8e1893369ef3c32c6337
7c94639b13d3858733c2d83a4348ac9434ab74361ceb089ccfcbfb10774e4661
7e6bba94202d12311c71ae3bf0bd9150e3963e289e2cf27c1424c0e9e23656b0
7fe6411146e7aabcda85d71ec42eabe4fe5fb199f0e9ad759bfa78a42a853535
7fe714765d446282ca46dbd1f605e6c28d0b8d7527d21668c634d3e5e7b78c10
8337ca47cb236fe809acbdb3415447b502b070238e57e4de13ab0cafc24aaf03
8378c555c9d55bf6576ca6eef9216498e2f340bc3c86f1cb3c8d55a5784aaab9
857d443484485788878201929ecc19312eb0597600a3f72ac7ee524d81339b00
882c0ef9f4096af29e037f9ba9dcbc71a46605828ae12a77002c0fa5e00c309a
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
93b04b3312ba8f544f1590d50d4ce790bf1363e77d98d2bfb39e8babc6c5b922
9e4d00cfee02d472b0c80124f87c00a8cb8ea5610201ebbf922d894d2fea4db1
a206798b4ba11b88a73649996bbeaf279660f4239d932015649335ff503dfe38
a2aa218236f7f4a84cf7078e8b3015b981a39802358c465c520329dfe3a93c6f
a8b5050c00e65112ae30afa040177c7af59fafecf502c995f29073cc00d06666
ac9f137402e803caf00dbba3ca1af87ccb929845ed1f60ab1c8e9a6a1913ed7c
ace365700ba6e7b06be770bfb8af0c67126d768ef54e70108e05414e77c7afb1
ae59b218ab2a4bdc90c9da5d696d7c14eb10c26ddfe9882dc74f4e4e0deb7255
b7dd61f31dd9d4d1b9e2b24e139ddcaef62287a13664cdb50544ea421f1a1899
ba4e35ef406aaa468df2936fc0472ea6c984bb3df0c4e49d76e3d98e287eac00
bcb7401da9774a9b180ca4b13171ad071f52443587e03347ecc45d10848f203c
bf716a9d8788ba1733e3b09dd594c8cf7c921ad80823d418ab6e1a7d401f25e3
c38d0d44ba831f6b487dc8ff7418d952c30742e9ecd59adde5ba08ec33c9d8c0
c39fa609f4a9b43e493115c723b102147f9025008bd24841e7732c5f253edd51
c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3
c6c26da7fd9126f616d8070b4e3bf38d178c53ba0da1f4bf24afea9613feb235
c80c92a238e3a6c6bd06ca351677ebef188413f924e942abd224c3d21bafb790
c8a03522223cf64474a1f91e02c8069ea5560a23266b37b476d7602a621f0c38
c99753a9a0b95a19d14edb17048794e536ab0ac8782f0953e208b6a567dcb4d7
ca68cb6dc7c61430409c94995fb3ccd31ed22e67602e8b3f4dea6ab0e7cb0914
cb94cbeefd6b5cf414c8f1d32d00226f374a7a26a962e55ad179cc5871978a83
cbd7ba9c2af7dabc67644196dacd718139ba839fb3d1c232169c48929dac551a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7a946a638d856e25819c71d3c1f1d94c017308d52ff38fc6490cdea324fc345
d8f35a67f2129d433d9a690160ea7f637686033f5055199a7788f1bb500fe0e6
da3768b8c870ab2e2cad0a7a4ffc018f5b1c97be102ee04f141b69dc3a23c5e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40e7b46b99c06e47841ff53e4417b6c887631d383aac28114e4ab83ccddc6f7
e4af04cf7a5f045d2a21abb3f93d90f175680f07b9ccecb1d5559864b9716cca
e56bb0d75fa46f23163c334f4ec6675e9a9ad2784ea5ead53d7ceb05eb4b366b
e803506996de1509f6a71c03e97ae94e78bc514f526533031b1d0e96f9962627
ea91d767853b2692daad5c119e7e84b44bd32af9b8e891013a5195ec87ffb218
eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181
eae0cd3b8a59b8e0a2a8494c2b6cad5abef8647b9e52064c11802a2f8eb959de
ecca54a43e22e29ef1b5389bf2dc67b2be29e66009586602d18dbfb0ab68ba72
ed870769c4fd967977ef0930a14927ac6035d0a9fcd9db0bcef385da69bea2eb
eec75e095590cdb68f03a5bae61904050fd1a4763c1c3be62e3b92c406a3c42f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f832c764b6f453323743c976586ce9443740a911b12eca61cfa34fbff05c1262
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fb121c45f498cba0f88de6e2235d95cf3307bb9ed5376f6a793b8253a520592f
ff2ae6dc8eaf8e53d0a1bb261ef50519b34125cb0274928c44164d4599c3a352
ff5c6ccd23219200d1ba0f66c328e5c014b436bc783b6ce18873dd9d6ac216c6

www.darkreading.com Open in urlscan Pro 2606:4700::6810:ddab Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

131 Requests

98 %HTTPS

61 %IPv6

25 Domains

31 Subdomains

31 IPs

4 Countries

4115 kBTransfer

10277 kBSize

16 Cookies

37 Outgoing links

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.darkreading.com Open in urlscan Pro
2606:4700::6810:ddab Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

98 %
HTTPS

61 %
IPv6

25
Domains

31
Subdomains

31
IPs

4
Countries

4115 kB
Transfer

10277 kB
Size

16
Cookies

131 HTTP transactions
0 data transactions