URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Submission: On August 02 via api from TR — Scanned from US

Summary

This website contacted 46 IPs in 4 countries across 32 domains to perform 253 HTTP transactions. The main IP is 2606:4700::6810:ddab, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.darkreading.com. The Cisco Umbrella rank of the primary domain is 160544.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 9th 2024. Valid for: 10 months.
This is the only time www.darkreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
85 2606:4700::68... 13335 (CLOUDFLAR...)
13 151.101.66.137 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
13 2606:4700::68... 13335 (CLOUDFLAR...)
18 172.253.62.154 15169 (GOOGLE)
1 2a03:2880:f00... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 157.240.229.1 32934 (FACEBOOK)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 3.162.125.49 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 172.253.62.157 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
10 142.251.179.156 15169 (GOOGLE)
22 23.221.242.22 16625 (AKAMAI-AS)
1 52.86.20.97 14618 (AMAZON-AES)
16 108.138.64.36 16509 (AMAZON-02)
2 7 34.117.77.79 396982 (GOOGLE-CL...)
1 129.158.248.135 31898 (ORACLE-BM...)
7 142.251.111.101 15169 (GOOGLE)
2 2a05:d018:94a... 16509 (AMAZON-02)
1 2600:9000:24f... 16509 (AMAZON-02)
1 104.18.11.34 13335 (CLOUDFLAR...)
1 18.160.41.53 16509 (AMAZON-02)
1 13.249.39.4 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 99.84.191.77 16509 (AMAZON-02)
1 13.249.39.75 16509 (AMAZON-02)
2 104.18.37.149 13335 (CLOUDFLAR...)
3 52.55.58.100 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
1 44.193.116.81 14618 (AMAZON-AES)
1 18.160.46.102 16509 (AMAZON-02)
2 18.194.248.254 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2602:816:5001... 54113 (FASTLY)
2 185.221.87.23 54113 (FASTLY)
1 172.253.115.99 15169 (GOOGLE)
1 54.167.127.96 14618 (AMAZON-AES)
1 2 52.4.115.144 14618 (AMAZON-AES)
2 2 35.244.154.8 15169 (GOOGLE)
2 2 15.197.193.217 16509 (AMAZON-02)
2 2 107.23.203.136 14618 (AMAZON-AES)
2 3 18.207.77.150 14618 (AMAZON-AES)
253 46
Apex Domain
Subdomains
Transfer
86 darkreading.com
www.darkreading.com — Cisco Umbrella Rank: 160544
c.darkreading.com
711 KB
23 moatads.com
z.moatads.com — Cisco Umbrella Rank: 1247
mb.moatads.com — Cisco Umbrella Rank: 1987
px.moatads.com — Cisco Umbrella Rank: 1015
119 KB
21 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
www3.doubleclick.net — Cisco Umbrella Rank: 19709
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
236 KB
20 celtra.com
ads.celtra.com — Cisco Umbrella Rank: 5452
cache-ssl.celtra.com — Cisco Umbrella Rank: 6275
track.celtra.com — Cisco Umbrella Rank: 6090
164 KB
18 googlesyndication.com
2332d90f7fe5d7eb5e5211c1387dd142.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
240 KB
13 google.com
marketingplatform.google.com — Cisco Umbrella Rank: 12212
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
analytics.google.com — Cisco Umbrella Rank: 238
www.google.com — Cisco Umbrella Rank: 10
76 KB
13 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 554
294 KB
13 contentstack.com
eu-images.contentstack.com — Cisco Umbrella Rank: 55547
364 KB
8 ml314.com
ml314.com — Cisco Umbrella Rank: 3108
in.ml314.com — Cisco Umbrella Rank: 17091
15 KB
4 informa.com
static.iris.informa.com — Cisco Umbrella Rank: 162926
2 MB
4 gstatic.com
fonts.gstatic.com
66 KB
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1596
2 KB
3 treasuredata.com
cdn.treasuredata.com — Cisco Umbrella Rank: 19054
eu01.in.treasuredata.com — Cisco Umbrella Rank: 53304
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
294 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1261
863 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 505
1 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 689
832 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 319
1 KB
2 nr-data.net
bam.eu01.nr-data.net — Cisco Umbrella Rank: 11782
1006 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
13 KB
2 iiris.com
api.iiris.com — Cisco Umbrella Rank: 385150
2 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
62 KB
2 ubembed.com
6600d6d98e534115970f9529a45f3195.js.ubembed.com — Cisco Umbrella Rank: 740539
assets.ubembed.com — Cisco Umbrella Rank: 26103
50 KB
2 amazonaws.com
cognito-identity.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 6547
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
91 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 1453
32 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 4716
232 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1859
201 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 2461
15 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1019
309 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1223
7 KB
253 32
Domain Requested by
84 www.darkreading.com www.darkreading.com
19 px.moatads.com www.darkreading.com
19 securepubads.g.doubleclick.net www.darkreading.com
pagead2.googlesyndication.com
16 cache-ssl.celtra.com ads.celtra.com
www.darkreading.com
13 cdn.cookielaw.org www.darkreading.com
cdn.cookielaw.org
13 eu-images.contentstack.com www.darkreading.com
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
www.darkreading.com
10 fundingchoicesmessages.google.com www.darkreading.com
7 ml314.com 2 redirects z.moatads.com
ml314.com
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.darkreading.com
4 static.iris.informa.com www.darkreading.com
4 fonts.gstatic.com fonts.googleapis.com
3 ps.eyeota.net 2 redirects
3 track.celtra.com www.darkreading.com
3 z.moatads.com securepubads.g.doubleclick.net
3 www.googletagmanager.com www.darkreading.com
2 sync.crwdcntrl.net 2 redirects
2 match.adsrvr.org 2 redirects
2 idsync.rlcdn.com 2 redirects
2 dpm.demdex.net 1 redirects
2 bam.eu01.nr-data.net www.darkreading.com
2 c.darkreading.com static.iris.informa.com
2 eu01.in.treasuredata.com www.darkreading.com
2 www.youtube.com www.darkreading.com
www.youtube.com
2 api.iiris.com www.darkreading.com
2 cognito-identity.eu-west-1.amazonaws.com www.darkreading.com
2 connect.facebook.net www.darkreading.com
2 fonts.googleapis.com www.darkreading.com
1 in.ml314.com ml314.com
1 www.google.com www.darkreading.com
1 js-agent.newrelic.com www.darkreading.com
1 vc.hotjar.io www.darkreading.com
1 ping.chartbeat.net www.darkreading.com
1 cdn.treasuredata.com www.darkreading.com
1 script.hotjar.com www.darkreading.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.darkreading.com
1 assets.ubembed.com www.darkreading.com
1 static.hotjar.com www.darkreading.com
1 6600d6d98e534115970f9529a45f3195.js.ubembed.com www.darkreading.com
1 static.chartbeat.com www.darkreading.com
1 mb.moatads.com z.moatads.com
1 ads.celtra.com www.darkreading.com
1 2332d90f7fe5d7eb5e5211c1387dd142.safeframe.googlesyndication.com www.darkreading.com
1 marketingplatform.google.com www.darkreading.com
1 www3.doubleclick.net 1 redirects
1 geolocation.onetrust.com www.darkreading.com
1 static.cloudflareinsights.com www.darkreading.com
253 48
Subject Issuer Validity Valid
darkreading.com
Cloudflare Inc ECC CA-3
2024-03-09 -
2024-12-31
10 months crt.sh
*.contentstack.com
Gandi RSA Domain Validation Secure Server CA 3
2024-07-11 -
2025-07-22
a year crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2024-03-01 -
2024-12-31
10 months crt.sh
*.g.doubleclick.net
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-05-11 -
2024-08-09
3 months crt.sh
cloudflareinsights.com
WE1
2024-07-06 -
2024-10-04
3 months crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.gstatic.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2023-11-13 -
2024-11-12
a year crt.sh
static.iris.informa.com
Amazon RSA 2048 M03
2024-06-03 -
2025-07-01
a year crt.sh
*.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2023-10-25 -
2024-10-24
a year crt.sh
tpc.googlesyndication.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
celtra.com
Amazon RSA 2048 M02
2024-06-17 -
2025-07-16
a year crt.sh
event-horizon.gcp.bomm.in
WR3
2024-06-23 -
2024-09-21
3 months crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2024-06-20 -
2025-07-21
a year crt.sh
cognito-identity.eu-west-1.amazonaws.com
Amazon RSA 2048 M02
2024-04-07 -
2025-05-06
a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1
2024-05-15 -
2025-06-06
a year crt.sh
*.js.ubembed.com
E6
2024-06-11 -
2024-09-09
3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
assets.ubembed.com
Amazon RSA 2048 M03
2023-12-06 -
2025-01-03
a year crt.sh
*.treasuredata.com
Amazon RSA 2048 M03
2024-06-18 -
2025-07-17
a year crt.sh
iiris.com
WE1
2024-06-28 -
2024-09-26
3 months crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1
2023-11-20 -
2024-12-20
a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02
2024-02-07 -
2025-03-08
a year crt.sh
*.in.treasuredata.com
Amazon RSA 2048 M02
2024-04-24 -
2025-05-23
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-03-21 -
2025-04-22
a year crt.sh
*.eu01.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2023-11-03 -
2024-10-01
a year crt.sh
*.ml314.com
Amazon RSA 2048 M02
2023-10-16 -
2024-11-12
a year crt.sh

This page contains 10 frames:

Primary Page: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Frame ID: 2BE6BA197D845272CFEBD2E8D1253651
Requests: 195 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 6EC77A3EEC712F24818ECB8919E47FBA
Requests: 1 HTTP requests in this frame

Frame: https://2332d90f7fe5d7eb5e5211c1387dd142.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3866133B3B719488A2E6DBA6A4B6B740
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYDWrWxKm9zMadpO1dS4Kn_1ILL3vNFu1ZUWFJMeCvdTOZL4cTAXZ18ebsD9guO6JToYjh974AWVWCjR98QJusUgzRsDjVnn56h1HBFMAR4kiN0wU1HDcKBCHt8XaHrxEneDnQMu6bej-jWi3yzSNAuDtjOnDNcy0UaA_hr00E_j2At9eUJff13qI4qzhPAnA5aw8MwrbP9Vcc9sK0J_R6aJuhKBGo2npk2rhkRxe4XRR-PGxR_comPlF2EaihWu4UWpen8tLTcp0gQ9GkUWQdQfIlvGITOHTQQBkglgP0qMmp1dhPyi_fPeL30QayLfLXh3TLbl1MycwTZkNbfIgC3MIhxQ82VRfREMddkMs7XOXoLRVy6XgJofLhLEMfTkECN2g&sai=AMfl-YQ4KTpejSHowgabzO1KitI4Ok986MrnUUfv9HDWOHrKCcTJ6-SHuvVcf9ppiJQZMFUp4KncLhgH169B4HLnmrD2oabT2yuxSLg17XjjIfibzDO2sW91juqNnO35f232FIDQkle8ajua5-luXTVfLUY&sig=Cg0ArKJSzFX79aTPKtwcEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 7312EC536B46A189698B0FB511817B58
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss03g-XblZNYNbVAKtyvRdNKsGpUDoBnueMWBmulf6gNgBpaTavZVpTtifLGIjCKWHuxVUJBxOeWt5I5QV-yZOl4NyqnD0Yo5lBlQxUN4V0IdFGUTv7LquSJEC2jlVWEfXVhH9RyIjOlGsD9wqLfk1BWu5txlWtgUOCb2yFvpRY8IsOID6aCODEjf-YpIbC6eyHZ73s8VHHomIDPC__G9xkj5KVA0Y6Bbgwbc2dlOx0Uos-9xTfYoID1bqqjTHTYziYAF_QYckRIZzMI0QAoJ12PzDF4O0iCGKWhuPjnJnJjv0jLKEmZcttdyNBtcKQe1P6zKgmtBaz5JCBE-c_0tUgrL5s-QznkhjGu5SJEow9YSZwVphUp0TB9na5ErquhoEKGao&sai=AMfl-YSDc2T8IVID_NFXV401vLMZmtO_JgJFvn101iSC2hpOttyjdEFyohdtdzw7tVrWRaT2m5bhJbZQVTpLDXOxYqlnPG6-6qKHb4gWjuV6qvsK0g1CYDxsy3K_5Y_KX574F2qc7I4q64HFBnibzGpnuJM&sig=Cg0ArKJSzA6dHoD4n4ZTEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 6C7C93F9F41DAABF19B24C39B2E5CB57
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIYPWb5v_kdtoQJ7QPISOZBOFZG3vanf11tJdnK8yHLeGpUy91t2uoW1Yo8qjonhjymN47S0RiGnaHcUs-Mg9mcK4kSf1ZGDZ_We3S282QCYpDzEm5yR5Pig2PoS3kXKieN5YMjom3_f6vcocH-NirazW7NHB-p__5rQic_SUh6BUflTr29SWorxl_-ANYoqt7k76DX1N8l_wGRHvS9Dx4K_9CF0I4xNETK6WGPoVAIKfOHjOcWeyVDo1007NadGkgEa4Cs23wC8NJt4n4H0uc2T41YZuake60oeOaCTvSpsixqJXr2OnglARZfxVr1HU3tfmIFgM_n9grEANUQiatdfEa2Fqi1dia68AIdFkgHGJhyuJleg5xUkZFv-d2uNUfuyo&sai=AMfl-YSaZAJlR8sZDjJSyCJCKDhuQ2AtsGSWJqAx1SabZQxLicuma58XT1GcWu69fh7JsiJW8SSE4i6IqAheymYQodz_1sFuVX8NtdWFzQzclmSKJsfotbgwETpDX9GhKHBAT1bPaUx0Ubw4UGlAJkc0H01l&sig=Cg0ArKJSzDSBElZ10bPrEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 351FF59C0F80A23ACDF61879460EF3E9
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: A4DC1DC361F66D23B96D8584FA039538
Requests: 2 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/fonts/google/Lato:400/3_webfont.woff2?subset=BCDEGILORSTUVW
Frame ID: D233883D05AD3EC1FB196F289845BF0E
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3272F8ABF41CBE7741796E5ADEAB2AA4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1B5B68EEE10B63462D33B9CD123D5D0E
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Black Basta Develops Custom Malware in Wake of Qakbot Takedown

Detected technologies

Overall confidence: 100%
Detected patterns
  • ubembed\.com

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

253
Requests

96 %
HTTPS

39 %
IPv6

32
Domains

48
Subdomains

46
IPs

4
Countries

4520 kB
Transfer

12705 kB
Size

39
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102
  • https://www3.doubleclick.net/ HTTP 301
  • https://marketingplatform.google.com/about/enterprise/
Request Chain 245
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3646000189433446416&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3646000189433446416&redir=
Request Chain 246
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3646000189433446416 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0NjAwMDE4OTQzMzQ0NjQxNhAAGg0IrdWxtQYSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=b68de5f3dddbb15c7dd0e4bfaaf461c0d0051f025d272492837c747b5a15f164f4cb09cee1a4f8eb&person_id=3646000189433446416&eid=50082
Request Chain 247
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=75815118-9f95-4dfa-8d38-a50cb7f5c70b&gdpr=0&gdpr_consent=
Request Chain 248
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3646000189433446416 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3646000189433446416 HTTP 302
  • https://ml314.com/csync.ashx?fp=c92bf32525d366224bccdb2d390f2f40&eid=50146&person_id=3646000189433446416
Request Chain 249
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=27IebYdpXpoZ9UHGNOvkFzmtnVOdXN3gUgNwJ5zh_PYQ&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
  • https://ml314.com/csync.ashx?fp=27IebYdpXpoZ9UHGNOvkFzmtnVOdXN3gUgNwJ5zh_PYQ&person_id=3646000189433446416&eid=50052&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

253 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
www.darkreading.com/threat-intelligence/
272 KB
53 KB
Document
General
Full URL
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faf537023005bd476da413caf4f5c84613788df6df91384f5942ebaa1dc2f41c
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=300, s-maxage=300, stale-while-revalidate=1500, stale-if-error=3600
cf-cache-status
EXPIRED
cf-ray
8acb922648f552e9-LAX
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 02 Aug 2024 05:12:06 GMT
last-modified
Fri, 02 Aug 2024 05:12:06 GMT
server
cloudflare
strict-transport-security
max-age=3153600000
vary
Accept-Encoding
Blackpast_ciaobucharestAlamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt162f580252069912/66aaa74df04649296ad6c603/
4 KB
4 KB
Image
General
Full URL
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt162f580252069912/66aaa74df04649296ad6c603/Blackpast_ciaobucharestAlamy.jpg?width=1280&auto=webp&quality=10&format=jpg&disable=upscale&blur=40
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
29d9c4c37447dbf2f47104a4f513dbac6cb89f270a86d625e27a0af96b310ec8
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
fastly-io-served-by
vpop-etou8240197
x-cache
HIT, HIT
fastly-io-info
ifsz=3294853 idim=1920x1080 ifmt=png ofsz=3674 odim=1280x720 ofmt=webp
filename1
custom
content-disposition
inline; filename=Blackpast_ciaobucharestAlamy.webp
fastly-stats
io=1
content-length
3674
x-request-id
8dcb7452e8269126f0821a1254a2c334
x-served-by
cache-ams2100097-AMS, cache-lax-kwhp1940129-LAX
x-runtime
52ms
server
contentstack
x-timer
S1722575527.835297,VS0,VE2
x-contentstack-organization
blt5948195ac13977b0
etag
"riUMvuR4uVa5v4zJZj1sbHSpFuW9166rQa6Eejwy9A0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
23, 0
styles.generated-EQE5VKIA.css
www.darkreading.com/build/_assets/
8 KB
3 KB
Stylesheet
General
Full URL
https://www.darkreading.com/build/_assets/styles.generated-EQE5VKIA.css
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a7794489e038e117a4d6bafaf74444a1be64759c4866affef12db1f49ae5a0f
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
etag
W/"1e34-19026a11000"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9231ac9352e9-LAX
brand.generated-GJLBHFTG.css
www.darkreading.com/build/_assets/
476 KB
59 KB
Stylesheet
General
Full URL
https://www.darkreading.com/build/_assets/brand.generated-GJLBHFTG.css
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b29f999f3b5c2fc8ad62b79bf870cb309773dc6abbbcd0d836ea45a43d94d1c0
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670598
cf-polished
origSize=488536
etag
W/"77458-190e9339818"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9231ac9552e9-LAX
css2
fonts.googleapis.com/
21 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb121c45f498cba0f88de6e2235d95cf3307bb9ed5376f6a793b8253a520592f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Aug 2024 05:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Aug 2024 05:07:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Aug 2024 05:12:06 GMT
OtAutoBlock.js
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/
698 KB
127 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/OtAutoBlock.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bef8c9e1cd6bba25a5e7115d3b7a61a6ce406eaae651a82963069b98f7d39f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 02 Aug 2024 05:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
48973
content-md5
6CFV9VgY0bTzBc3YT/3fgw==
content-length
129426
x-ms-lease-status
unlocked
last-modified
Wed, 15 May 2024 14:54:00 GMT
server
cloudflare
etag
0x8DC74EEDACCD490
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0ceae01a-301e-00a2-12d7-a68cf5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8acb9232595b5269-LAX
expires
Sat, 03 Aug 2024 05:12:06 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 02 Aug 2024 05:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Wbr2pAeg61Hfi+2FuD0cYA==
age
46784
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Wed, 31 Jul 2024 06:32:31 GMT
server
cloudflare
etag
0x8DCB12A8E9833A9
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
eb661063-101e-009b-2e7a-e31eb2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8acb9232595f5269-LAX
gpt.js
securepubads.g.doubleclick.net/tag/js/
99 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
fcda17ce03d2d328860362704e1285dbefb50d849b58d93041425255a7c80e52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31729
x-xss-protection
0
server
cafe
etag
487 / 19937 / 31085717 / config-hash: 6632576684418354489
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 02 Aug 2024 05:12:07 GMT
informaLogoWhite-RZAE7EJI.png
www.darkreading.com/build/_assets/
2 KB
2 KB
Image
General
Full URL
https://www.darkreading.com/build/_assets/informaLogoWhite-RZAE7EJI.png
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8b5050c00e65112ae30afa040177c7af59fafecf502c995f29073cc00d06666
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Wed, 26 Jun 2024 13:05:54 GMT
server
cloudflare
age
2714308
cf-polished
origSize=4020
etag
W/"fb4-19054a71350"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8acb9231aca252e9-LAX
content-length
2114
Blackpast_ciaobucharestAlamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt162f580252069912/66aaa74df04649296ad6c603/
304 KB
304 KB
Image
General
Full URL
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt162f580252069912/66aaa74df04649296ad6c603/Blackpast_ciaobucharestAlamy.jpg?width=1280&auto=webp&quality=95&format=jpg&disable=upscale
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
52d1499d47eabb2cf6c32a97836616e8a88cdeb15a9b4f50f40161f7399b4c09
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
fastly-io-served-by
vpop-etou8240197
x-cache
HIT, HIT
fastly-io-info
ifsz=3294853 idim=1920x1080 ifmt=png ofsz=311322 odim=1280x720 ofmt=webp
filename1
custom
content-disposition
inline; filename=Blackpast_ciaobucharestAlamy.webp
fastly-stats
io=1
content-length
311322
x-request-id
8dcb7452e8269126f0821a1254a2c334
x-served-by
cache-ams2100097-AMS, cache-lax-kwhp1940129-LAX
x-runtime
52ms
server
contentstack
x-timer
S1722575527.835148,VS0,VE2
x-contentstack-organization
blt5948195ac13977b0
etag
"xEYIRztc4By4k78L1mRMyps5D3OxBZJu6UofPZz35DQ"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
23, 0
email-decode.min.js
www.darkreading.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
851 B
Script
General
Full URL
https://www.darkreading.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Jul 2024 21:56:14 GMT
server
cloudflare
etag
W/"66a9617e-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8acb92323d4952e9-LAX
expires
Sun, 04 Aug 2024 05:12:06 GMT
manifest-9078239D.js
www.darkreading.com/build/
41 KB
3 KB
Script
General
Full URL
https://www.darkreading.com/build/manifest-9078239D.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f01566ab1f520bd2162926ecf7e8ae5e3c30ade0bb78304fc1abb1eff4c5aa19
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 31 Jul 2024 12:26:51 GMT
server
cloudflare
age
134739
etag
W/"a28f-19108c1e6f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9231ac9852e9-LAX
entry.client-VXPJFK4D.js
www.darkreading.com/build/
462 B
451 B
Script
General
Full URL
https://www.darkreading.com/build/entry.client-VXPJFK4D.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eae0cd3b8a59b8e0a2a8494c2b6cad5abef8647b9e52064c11802a2f8eb959de
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
615193
cf-polished
origSize=463
etag
W/"1cf-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9231ac9a52e9-LAX
chunk-XWIFJKM6.js
www.darkreading.com/build/_shared/
40 KB
13 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-XWIFJKM6.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c99753a9a0b95a19d14edb17048794e536ab0ac8782f0953e208b6a567dcb4d7
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 18 Jul 2024 09:10:18 GMT
server
cloudflare
age
1272808
cf-polished
origSize=41413
etag
W/"a1c5-190c51b4890"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9231ac9b52e9-LAX
chunk-2MCAGYUB.js
www.darkreading.com/build/_shared/
214 KB
69 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-2MCAGYUB.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eec75e095590cdb68f03a5bae61904050fd1a4763c1c3be62e3b92c406a3c42f
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 18 Jul 2024 09:10:18 GMT
server
cloudflare
age
1272807
cf-polished
origSize=219386
etag
W/"358fa-190c51b4890"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9231ac9e52e9-LAX
chunk-63EVRDSK.js
www.darkreading.com/build/_shared/
7 KB
3 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-63EVRDSK.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbd7ba9c2af7dabc67644196dacd718139ba839fb3d1c232169c48929dac551a
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
cf-polished
origSize=6881
etag
W/"1ae1-19026a11000"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9231ac9f52e9-LAX
chunk-ADMCF34Z.js
www.darkreading.com/build/_shared/
953 B
600 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-ADMCF34Z.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79611d23ecaa67700bdea21cd1c64be8f870003ce33517e2a3b8be885823982d
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
cf-polished
origSize=954
etag
W/"3ba-19026a11000"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9231aca052e9-LAX
chunk-EU6TSQJG.js
www.darkreading.com/build/_shared/
2 KB
870 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-EU6TSQJG.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20cbb68c751096ffcc7228c8264d233c80ef2a40a2a25acbcbeb53a3c7b0d524
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
cf-polished
origSize=1765
etag
W/"6e5-19026a11000"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9231aca152e9-LAX
chunk-RZRUW7QG.js
www.darkreading.com/build/_shared/
99 B
186 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-RZRUW7QG.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
cf-polished
origSize=100
etag
W/"64-19026a11000"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320ce752e9-LAX
chunk-CXTUEGTB.js
www.darkreading.com/build/_shared/
79 KB
28 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-CXTUEGTB.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c76ad683e48497ff9a3388f72b041877c526705246c8f6266bcde1b1e71f652
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=81143
etag
W/"13cf7-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320ce852e9-LAX
chunk-QMHVXKWP.js
www.darkreading.com/build/_shared/
2 KB
775 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-QMHVXKWP.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb14372c5124cf43b1cfbc986f07213bf37a625aeb35fdf184b307283ac45f67
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=1832
etag
W/"728-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320ce952e9-LAX
chunk-CZQQJKCG.js
www.darkreading.com/build/_shared/
99 B
210 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-CZQQJKCG.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 08 Jul 2024 15:41:34 GMT
server
cloudflare
age
1941632
cf-polished
origSize=100
etag
W/"64-1909301e7b0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320ceb52e9-LAX
chunk-B7M2L5OV.js
www.darkreading.com/build/_shared/
99 B
233 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-B7M2L5OV.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
cf-polished
origSize=100
etag
W/"64-19026a11000"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320ced52e9-LAX
chunk-DJPTXYOW.js
www.darkreading.com/build/_shared/
11 KB
3 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-DJPTXYOW.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8d720f3982758409a145c582eb25ac8aeb09b14a0073fe0d3cf0524d1c1c60d
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=11029
etag
W/"2b15-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320cee52e9-LAX
chunk-OAZE4OAL.js
www.darkreading.com/build/_shared/
1 KB
787 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-OAZE4OAL.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
207cac597f53290d66aca8c2165d6f4465e98a10c819c0a24d048c4be2c6048d
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=1478
etag
W/"5c6-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320cef52e9-LAX
chunk-R6EIBCBL.js
www.darkreading.com/build/_shared/
99 B
209 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-R6EIBCBL.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
615193
cf-polished
origSize=100
etag
W/"64-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320cf152e9-LAX
chunk-VZQVWFLO.js
www.darkreading.com/build/_shared/
99 B
161 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-VZQVWFLO.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
615193
cf-polished
origSize=100
etag
W/"64-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320cf352e9-LAX
chunk-SQAZXDZA.js
www.darkreading.com/build/_shared/
99 B
175 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-SQAZXDZA.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 31 Jul 2024 12:26:51 GMT
server
cloudflare
age
97553
cf-polished
origSize=100
etag
W/"64-19108c1e6f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320cf552e9-LAX
chunk-3MF3FZGU.js
www.darkreading.com/build/_shared/
381 B
329 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-3MF3FZGU.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1b6acb0496775ac9c619f93255050a6dd6b9d75032a623e7b1a02862722ade1
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=382
etag
W/"17e-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320cf652e9-LAX
chunk-PTRXUMRP.js
www.darkreading.com/build/_shared/
23 KB
6 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-PTRXUMRP.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e826dd5b9d11f5d78de53f85aa64b409a400025b17a14628e6a57453eaaab1e
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=23327
etag
W/"5b1f-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320cf752e9-LAX
chunk-DA6QKOVK.js
www.darkreading.com/build/_shared/
99 B
155 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-DA6QKOVK.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
cf-polished
origSize=100
etag
W/"64-19026a11000"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320cf852e9-LAX
chunk-SEGGM2ZZ.js
www.darkreading.com/build/_shared/
103 KB
32 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-SEGGM2ZZ.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09a2b95a0b11ac7d292a9e793f9cff2414998d0e8ecdbee7d4941fac82c2db4f
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=105209
etag
W/"19af9-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320cf952e9-LAX
chunk-PHWCNBU7.js
www.darkreading.com/build/_shared/
1 KB
778 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-PHWCNBU7.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fb04e3bc995f10042bc7db9b9784fb00045d2298639fc71c497c0ff6b404436
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=1475
etag
W/"5c3-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320cfa52e9-LAX
chunk-3IW6QH4C.js
www.darkreading.com/build/_shared/
3 KB
1 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-3IW6QH4C.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09077d0e34ff67e6f7aec9ad6dda93d2e3901dd2a0e516523dd2a1994f08f496
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=3453
etag
W/"d7d-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320cfd52e9-LAX
chunk-QVUW3IXO.js
www.darkreading.com/build/_shared/
99 B
157 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-QVUW3IXO.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
cf-polished
origSize=100
etag
W/"64-19026a11000"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320cff52e9-LAX
chunk-SDR4T2CD.js
www.darkreading.com/build/_shared/
99 B
155 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-SDR4T2CD.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
615193
cf-polished
origSize=100
etag
W/"64-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d0052e9-LAX
chunk-TO5QOUNY.js
www.darkreading.com/build/_shared/
3 KB
1 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-TO5QOUNY.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e0f52f1c3519b5a755cffc538a2d90d1098c4dd57d75368868e5a74ef226fc9
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=3056
etag
W/"bf0-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d0352e9-LAX
chunk-5NTYFR4K.js
www.darkreading.com/build/_shared/
576 KB
174 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-5NTYFR4K.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
814eb03221d2a16c4b0f30039f502fa3d83e46b88cfda579995e9c6a7c49d7cf
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=589962
etag
W/"9008a-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d0552e9-LAX
chunk-IW54JVOH.js
www.darkreading.com/build/_shared/
857 B
540 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-IW54JVOH.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1639ab736e293da0c001360c710b776a18aad38af6d40ecfb83a4d6a8cb05bf7
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
cf-polished
origSize=858
etag
W/"35a-19026a11000"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d0652e9-LAX
root-WBVVRMG7.js
www.darkreading.com/build/
34 KB
11 KB
Script
General
Full URL
https://www.darkreading.com/build/root-WBVVRMG7.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8326135c9adb070c92a610d40a85d7a65b9507bf60659945b4a83de74b0d5131
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=35214
etag
W/"898e-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d0752e9-LAX
chunk-ED7QE4BI.js
www.darkreading.com/build/_shared/
142 B
195 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-ED7QE4BI.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a41b31d3fc11a54b030a945602bfb18ff6fb5e7dd4272bd93b1494419fc20d3
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 18 Jul 2024 09:10:18 GMT
server
cloudflare
age
1272661
cf-polished
origSize=143
etag
W/"8f-190c51b4890"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d0852e9-LAX
chunk-4NLSVKGZ.js
www.darkreading.com/build/_shared/
2 KB
720 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-4NLSVKGZ.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb0b9fb5525f1abb50e2c469b11eb9a77ee295f86254bcc49c7ddaab8b6ea32b
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=2027
etag
W/"7eb-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d0952e9-LAX
chunk-KIT53THS.js
www.darkreading.com/build/_shared/
7 KB
3 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-KIT53THS.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a31cc28305328e6286135596b0a619f65ee86249dc69645a3ad5969d268a73
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=7409
etag
W/"1cf1-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d0a52e9-LAX
chunk-JSR73AOE.js
www.darkreading.com/build/_shared/
99 B
200 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-JSR73AOE.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 18 Jul 2024 09:10:18 GMT
server
cloudflare
age
1272661
cf-polished
origSize=100
etag
W/"64-190c51b4890"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d0b52e9-LAX
chunk-PFKESUVJ.js
www.darkreading.com/build/_shared/
10 KB
3 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-PFKESUVJ.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
573ddec66f7dfac9aa2e71fcaddc9b1519ab84360ba544ee9c3aa47d6d400c5d
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=10497
etag
W/"2901-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d0c52e9-LAX
chunk-PVBKFYGF.js
www.darkreading.com/build/_shared/
1 KB
675 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-PVBKFYGF.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf062aebb3576e3a0dcdee88ddd230977e476ec8111094f73986132179cd999a
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=1217
etag
W/"4c1-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d0d52e9-LAX
chunk-CTB75QWX.js
www.darkreading.com/build/_shared/
1 KB
625 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-CTB75QWX.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
add64aa865ea78b09ab156cac6ab99057d3d4d0417b85859ccf6b946f43fabbb
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=1259
etag
W/"4eb-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d1052e9-LAX
chunk-K7YKQ2EE.js
www.darkreading.com/build/_shared/
1 KB
637 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-K7YKQ2EE.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
104e580ee9ded6ca043c6320a497e9801e8d21d9023581043030e6b2ee1c3ebe
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670598
cf-polished
origSize=1150
etag
W/"47e-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d1152e9-LAX
chunk-PRCKDWH4.js
www.darkreading.com/build/_shared/
2 KB
1 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-PRCKDWH4.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b62b882057a5ea64cb173f7adb7e8745b26478c8bc1f6e10577272ddff1bb024
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=2326
etag
W/"916-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d1352e9-LAX
chunk-RVA2QFCO.js
www.darkreading.com/build/_shared/
9 KB
3 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-RVA2QFCO.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19013c52291f6421ef83000035ce9367a49098e581d71a08f2b8d0955654b931
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=9173
etag
W/"23d5-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d1452e9-LAX
chunk-XR4V2CM7.js
www.darkreading.com/build/_shared/
4 KB
2 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-XR4V2CM7.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca60bee2d73b3042d1065a52b798c4c1d48148420bd393574d6d7f51aa4448e6
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
615193
cf-polished
origSize=4070
etag
W/"fe6-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d1652e9-LAX
chunk-EDYNTQCA.js
www.darkreading.com/build/_shared/
3 KB
1 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-EDYNTQCA.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
234982bfdb09e74e6ffed1105d3ccea28b9b662598859f24718d4e731ad4c0cd
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
615193
cf-polished
origSize=3162
etag
W/"c5a-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d1952e9-LAX
chunk-ZTTTVCFE.js
www.darkreading.com/build/_shared/
154 KB
50 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-ZTTTVCFE.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d93cdd0bee642d75a6d6a3333f9a8a27d3ba42814bb1e8727d16e8c3193e742
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
104148
cf-polished
origSize=157257
etag
W/"26649-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d1a52e9-LAX
chunk-Q5M6CNOF.js
www.darkreading.com/build/_shared/
3 KB
1 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-Q5M6CNOF.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0bc92d528506b0008667aa2da2f9ca0e7ed67bafdd12b8c12f2ec0fa8e24850
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=3232
etag
W/"ca0-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d1d52e9-LAX
chunk-N4XAGGO6.js
www.darkreading.com/build/_shared/
962 B
642 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-N4XAGGO6.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9729547ca3b4334c654b82c3a287c80a90a22ff0bc6368038a8671d29fb259b0
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=963
etag
W/"3c3-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d2052e9-LAX
chunk-7WX3BG7O.js
www.darkreading.com/build/_shared/
594 B
414 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-7WX3BG7O.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2aa218236f7f4a84cf7078e8b3015b981a39802358c465c520329dfe3a93c6f
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
cf-polished
origSize=595
etag
W/"253-19026a11000"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d2252e9-LAX
chunk-UZ63H2XS.js
www.darkreading.com/build/_shared/
6 KB
2 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-UZ63H2XS.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101446dc8fe0f3046d9a0a6a6f3a76a68693612a9d883b13a73d4c60adb958a6
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=5986
etag
W/"1762-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d2452e9-LAX
chunk-3E6FXJPO.js
www.darkreading.com/build/_shared/
419 KB
57 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-3E6FXJPO.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de864fc639cebc9640788140b6b53eac2e02109be06f06ab7f4852be138d6aaf
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670244
cf-polished
origSize=429086
etag
W/"68c1e-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d2652e9-LAX
chunk-NQ5C6OA7.js
www.darkreading.com/build/_shared/
165 KB
23 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-NQ5C6OA7.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2176b511334c7ea2e0efc89a79741b9ecd8635ffa2ab79a4d2ffb9ed0f1fc498
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=168630
etag
W/"292b6-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d2952e9-LAX
chunk-W3HFIHUM.js
www.darkreading.com/build/_shared/
1 KB
788 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-W3HFIHUM.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2879b45d8eefe0fd8f2c07db53ce7f9caae774eedbacde042834c541acf87bd
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670244
cf-polished
origSize=1242
etag
W/"4da-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d2a52e9-LAX
chunk-MHE2M6XH.js
www.darkreading.com/build/_shared/
44 KB
14 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-MHE2M6XH.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fabd3386134c2df88f8b68931622fe609badcf594d4765e8b200e93052ae0aa
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=45337
etag
W/"b119-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d2c52e9-LAX
chunk-FJ2CADCS.js
www.darkreading.com/build/_shared/
7 KB
3 KB
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-FJ2CADCS.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ffa9f5ea62caabe0ae413f1dbef3538d57ac5d2051991db8cc9fc56e86f42a4
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
cf-polished
origSize=7443
etag
W/"1d13-19026a11000"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d2d52e9-LAX
chunk-WPKPIEJO.js
www.darkreading.com/build/_shared/
730 B
401 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-WPKPIEJO.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48cfba98f7980f38b326785218cd95ab4ced2af09203030e48c5ef4d63d32bd9
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670243
cf-polished
origSize=731
etag
W/"2db-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d2e52e9-LAX
chunk-P3JYJ3BP.js
www.darkreading.com/build/_shared/
955 B
550 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-P3JYJ3BP.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2ccbc617a103858ce0e47e88f148317d5e66eb43f33839fd4d59936d675c2a
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=956
etag
W/"3bc-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d3052e9-LAX
chunk-IJ353W5V.js
www.darkreading.com/build/_shared/
99 B
212 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-IJ353W5V.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
cf-polished
origSize=100
etag
W/"64-19026a11000"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d3152e9-LAX
chunk-O5OSGOEN.js
www.darkreading.com/build/_shared/
99 B
155 B
Script
General
Full URL
https://www.darkreading.com/build/_shared/chunk-O5OSGOEN.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
cf-polished
origSize=100
etag
W/"64-19026a11000"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d3252e9-LAX
$topic.$slug._index-IKB7AR5Y.js
www.darkreading.com/build/routes/
199 KB
61 KB
Script
General
Full URL
https://www.darkreading.com/build/routes/$topic.$slug._index-IKB7AR5Y.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dcea5960daba62d0281c8ba7957e8a363845e295f22f8de31470a137a2af750
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670597
cf-polished
origSize=203533
etag
W/"31b0d-190e9339818"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92320d3352e9-LAX
sdk.js
connect.facebook.net/en_US/
3 KB
4 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b96f5254c00003049e3bb23ff531b2a96ad34591932bf71869f8ccfc7f3c2808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Aug 2024 05:12:07 GMT
content-md5
8yTl3HAgIwjG2JNnNrPT7A==
document-policy
force-load-at-top
x-fb-server-load
46
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=118, rtx=0, c=12, mss=1297, tbw=2799, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
arKSpI2YjnEMUHSmQNq8BI8BqcFKtwlxhLwqOhpmTTrkyW30qubh/a8xVpQbIuFYVSX5fFN3YcnNaONDm3jx1A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
47edce0914b3d32533b5b47903212e87
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"f519868c6681605e1a067dfd2db306a3"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 02 Aug 2024 05:14:52 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://www.darkreading.com/
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8acb92356eda7c73-LAX
4b083961-e2ac-4755-8801-f7c83a5fb187.json
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/
6 KB
3 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/4b083961-e2ac-4755-8801-f7c83a5fb187.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ac95fbea6ac28a43d8b4a46f7a694d4f52bf97e7e910e548f29b8376393cf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 02 Aug 2024 05:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
48974
content-md5
hC36EuFyPoi+34xrtwLkcQ==
content-length
1995
x-ms-lease-status
unlocked
last-modified
Wed, 15 May 2024 14:53:59 GMT
server
cloudflare
etag
0x8DC74EEDA46A11C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6fc27e9d-c01e-0052-22d7-a65c9b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8acb92353e421020-LAX
expires
Sat, 03 Aug 2024 05:12:07 GMT
gtm.js
www.googletagmanager.com/
390 KB
115 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5523ZCM
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
75efcb8deb87be5120d6b1bacf0726c5a8d11c378f803da785a9ba696962c381
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117864
x-xss-protection
0
last-modified
Fri, 02 Aug 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Aug 2024 05:12:07 GMT
gtm.js
www.googletagmanager.com/
233 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WB8Q7XR
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
27883545e131618539f153114dccf20a5cc1c1e85fa4e63f51edd9966b223a33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80961
x-xss-protection
0
last-modified
Fri, 02 Aug 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Aug 2024 05:12:07 GMT
Bars-F4G2A5NO.svg
www.darkreading.com/build/_assets/
554 B
333 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/Bars-F4G2A5NO.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4d00cfee02d472b0c80124f87c00a8cb8ea5610201ebbf922d894d2fea4db1
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
620913
etag
W/"22a-190e9339818"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9234cfd452e9-LAX
Search-T2ANYVG5.svg
www.darkreading.com/build/_assets/
493 B
432 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/Search-T2ANYVG5.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
592356a6c52e99185da7862c1bc4929308efd3618e8f1c8e1dd665abf205ee62
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jun 2024 13:05:54 GMT
server
cloudflare
age
2551649
etag
W/"1ed-19054a71350"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9234cfd852e9-LAX
ChevronDown-PF4EH6J6.svg
www.darkreading.com/build/_assets/
449 B
352 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/ChevronDown-PF4EH6J6.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
882c0ef9f4096af29e037f9ba9dcbc71a46605828ae12a77002c0fa5e00c309a
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699885
etag
W/"1c1-19026a11000"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9234cfda52e9-LAX
Clock-MSX4SBCD.svg
www.darkreading.com/build/_assets/
471 B
371 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/Clock-MSX4SBCD.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae59b218ab2a4bdc90c9da5d696d7c14eb10c26ddfe9882dc74f4e4e0deb7255
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
etag
W/"1d7-19026a11000"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9234cfdf52e9-LAX
Linkedin-VQUF3EEQ.svg
www.darkreading.com/build/_assets/
400 B
337 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/Linkedin-VQUF3EEQ.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe6411146e7aabcda85d71ec42eabe4fe5fb199f0e9ad759bfa78a42a853535
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
etag
W/"190-19026a11000"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9234dfe752e9-LAX
Facebook-CJB5G2HY.svg
www.darkreading.com/build/_assets/
272 B
299 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/Facebook-CJB5G2HY.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58016ccef8b151b18ba8a751a7666689dcb78facc25a8710434d2e8629a83142
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Jul 2024 15:41:34 GMT
server
cloudflare
age
1940996
etag
W/"110-1909301e7b0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9234dfed52e9-LAX
Twitter-WD5AOEQ7.svg
www.darkreading.com/build/_assets/
404 B
349 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/Twitter-WD5AOEQ7.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8f35a67f2129d433d9a690160ea7f637686033f5055199a7788f1bb500fe0e6
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
615193
etag
W/"194-190e9339818"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9234dfee52e9-LAX
Email-47H7P533.svg
www.darkreading.com/build/_assets/
777 B
545 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/Email-47H7P533.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ef59df86d3826ee2048c7707b14be9a819ffe3ce87ca7e989511ac24e447812
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
etag
W/"309-19026a11000"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9234dff052e9-LAX
Reddit-5TRN6TDE.svg
www.darkreading.com/build/_assets/
1 KB
711 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/Reddit-5TRN6TDE.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7dd61f31dd9d4d1b9e2b24e139ddcaef62287a13664cdb50544ea421f1a1899
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 24 Jun 2024 07:54:16 GMT
server
cloudflare
age
3106596
etag
W/"471-190493d0c40"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9234dff352e9-LAX
Printer-U5RDBVFZ.svg
www.darkreading.com/build/_assets/
741 B
527 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/Printer-U5RDBVFZ.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b75529201e97f7566ae404c0bd803c64ce29092a13c8e1893369ef3c32c6337
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
etag
W/"2e5-19026a11000"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9234dff552e9-LAX
ChalkBoard-7VYJPH3F.svg
www.darkreading.com/build/_assets/
752 B
506 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/ChalkBoard-7VYJPH3F.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62eee22f7f92913689361d7cad70e166c1f0fe52937c1269996cffaa712e60f7
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Jul 2024 09:10:18 GMT
server
cloudflare
age
803783
etag
W/"2f0-190c51b4890"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9234dffb52e9-LAX
ChevronRight-W5LPP5NG.svg
www.darkreading.com/build/_assets/
305 B
287 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/ChevronRight-W5LPP5NG.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8a03522223cf64474a1f91e02c8069ea5560a23266b37b476d7602a621f0c38
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699883
etag
W/"131-19026a11000"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9234dffe52e9-LAX
Date-KJRS72FO.svg
www.darkreading.com/build/_assets/
1 KB
500 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/Date-KJRS72FO.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed870769c4fd967977ef0930a14927ac6035d0a9fcd9db0bcef385da69bea2eb
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699883
etag
W/"54d-19026a11000"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9235283e52e9-LAX
Document-NG4YMZFA.svg
www.darkreading.com/build/_assets/
801 B
435 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/Document-NG4YMZFA.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b475b63a797144d91a4b2e34499ab7321bdf6d298d5f1177ec1fa3f5d3b4e0e
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699880
etag
W/"321-19026a11000"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9235283f52e9-LAX
Youtube-S4PSC4UA.svg
www.darkreading.com/build/_assets/
570 B
391 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/Youtube-S4PSC4UA.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b21643da63b2c4ecc10d42f29531dd1830ea86dc7fa876cf0e0d570b76bbb3c
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699883
etag
W/"23a-19026a11000"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9235284152e9-LAX
RSS-3XFHIVCK.svg
www.darkreading.com/build/_assets/
632 B
433 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/RSS-3XFHIVCK.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff5c6ccd23219200d1ba0f66c328e5c014b436bc783b6ce18873dd9d6ac216c6
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699883
etag
W/"278-19026a11000"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9235284252e9-LAX
GoogleNews-6O72APW7.svg
www.darkreading.com/build/_assets/
897 B
568 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/GoogleNews-6O72APW7.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62a683fb450f7fa9845bc05412211a15a4b09b406db0c7fcb6fe2fe18acff1ad
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699883
etag
W/"381-19026a11000"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9235284452e9-LAX
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 13:20:25 GMT
x-content-type-options
nosniff
age
229902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48444
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 13:20:25 GMT
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2
fonts.gstatic.com/s/inter/v18/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62cc01daef72c3ea76a258445368d2f4ab8d05a91f91c53fd12f7c42e3325942
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 21:03:09 GMT
x-content-type-options
nosniff
age
202138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18740
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 22:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 21:03:09 GMT
Logo_-_Dark_Reading.svg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/
3 KB
2 KB
Image
General
Full URL
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/Logo_-_Dark_Reading.svg?width=476&auto=webp&quality=80&disable=upscale
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-error
not a supported image format
strict-transport-security
max-age=31557600
content-encoding
gzip
fastly-io-served-by
vpop-etou8240194
x-cache
HIT, HIT
filename1
custom
content-disposition
inline; filename=Logo_-_Dark_Reading.svg+xml
fastly-stats
io=1
content-length
1435
x-request-id
e4b4a79401a1e1542eb46b248b18ae91
x-served-by
cache-ams2100138-AMS, cache-lax-kwhp1940129-LAX
x-runtime
76ms
server
contentstack
x-timer
S1722575527.213947,VS0,VE60
x-contentstack-organization
blt5948195ac13977b0
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
6595, 0
ElizabethMontalbano.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt3a8c7badad2ca168/64f15cd2b4c236805e4fddad/
2 KB
2 KB
Image
General
Full URL
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt3a8c7badad2ca168/64f15cd2b4c236805e4fddad/ElizabethMontalbano.jpg?width=100&auto=webp&quality=80&disable=upscale
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
77f6b55cfd1440472c8a84c8f8814291f8ae57e64f9af315a37215cf0877ce87
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
fastly-io-served-by
vpop-etou8240192
x-cache
HIT, HIT
fastly-io-info
ifsz=98905 idim=310x310 ifmt=jpeg ofsz=2016 odim=100x100 ofmt=webp
filename1
custom
content-disposition
inline; filename=ElizabethMontalbano.webp
fastly-stats
io=1
content-length
2016
x-request-id
6e412442e2f0fef37155d0dc41a75762
x-served-by
cache-ams2100143-AMS, cache-lax-kwhp1940129-LAX
x-runtime
115ms
server
contentstack
x-timer
S1722575527.214338,VS0,VE2
x-contentstack-organization
blt5948195ac13977b0
etag
"1QIQy4d5ocPPzyUc+8Uv6RsNo3DPfZTjSU5N9uUrtDE"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1133, 0
VMware-Schoening-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt32b9968819e79d5d/66a93453f24439161f73bfaf/
19 KB
20 KB
Image
General
Full URL
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt32b9968819e79d5d/66a93453f24439161f73bfaf/VMware-Schoening-Alamy.jpg?width=700&auto=webp&quality=80&disable=upscale
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
d4a889f3bc07deec3fa428c486e999ad08fabc87afd430821e770a579b1696ef
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
fastly-io-served-by
vpop-etou8240192
x-cache
HIT, HIT
fastly-io-info
ifsz=3687936 idim=8256x4644 ifmt=jpeg ofsz=19956 odim=700x394 ofmt=webp
filename1
custom
content-disposition
inline; filename=VMware-Schoening-Alamy.webp
fastly-stats
io=1
content-length
19956
x-request-id
88d33576a0d39e02f18807c5d9f098eb
x-served-by
cache-ams21045-AMS, cache-lax-kwhp1940129-LAX
x-runtime
37ms
server
contentstack
x-timer
S1722575527.214545,VS0,VE2
x-contentstack-organization
blt5948195ac13977b0
etag
"3pWuDGg3wDxWNH3g30drqjCNeuyUO3N0pnPP+22hIC8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
13, 0
thief-Brian_Jackson-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt43c820f749b62939/66a8efffeb73913797469d0b/
10 KB
10 KB
Image
General
Full URL
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt43c820f749b62939/66a8efffeb73913797469d0b/thief-Brian_Jackson-Alamy.jpg?width=700&auto=webp&quality=80&disable=upscale
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
5c2a923cf0e8f52116427cf22bfe97330ed735daaafff6322da0993fb4ad3c45
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
fastly-io-served-by
vpop-etou8240199
x-cache
HIT, HIT
fastly-io-info
ifsz=1073876 idim=5200x2925 ifmt=jpeg ofsz=9990 odim=700x394 ofmt=webp
filename1
custom
content-disposition
inline; filename=thief-Brian_Jackson-Alamy.webp
fastly-stats
io=1
content-length
9990
x-request-id
58834f05e60ca2e56b952d3d038ee848
x-served-by
cache-ams21076-AMS, cache-lax-kwhp1940129-LAX
x-runtime
59ms
server
contentstack
x-timer
S1722575527.214528,VS0,VE2
x-contentstack-organization
blt5948195ac13977b0
etag
"DeSaHKjJIqLw7IQwhh/XnUTUmOuYp5qN8Nzw9bMIZqg"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
38, 0
servicenow_rafapress_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltd68d51e357e3e24b/66a7eb2182d5134061f107b2/
21 KB
22 KB
Image
General
Full URL
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltd68d51e357e3e24b/66a7eb2182d5134061f107b2/servicenow_rafapress_shutterstock.jpg?width=700&auto=webp&quality=80&disable=upscale
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
d2c2b1c6a0e4bf823ce5296f1518eb18866e74ef09af717922108ec47c13d746
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
fastly-io-served-by
img01-europe-west3
x-cache
HIT, HIT
fastly-io-info
ifsz=332528 idim=1920x1080 ifmt=jpeg ofsz=21978 odim=700x394 ofmt=webp
filename1
custom
content-disposition
inline; filename=servicenow_rafapress_shutterstock.webp
fastly-stats
io=1
content-length
21978
x-request-id
b4d30e14c29c97b8123339ce3e661af4
x-served-by
cache-ams21024-AMS, cache-lax-kwhp1940129-LAX
x-runtime
51ms
server
contentstack
x-timer
S1722575527.214510,VS0,VE13
x-contentstack-organization
blt5948195ac13977b0
etag
"1rQcRxX7QGMRrnxTTevPJbM/kJbQVsDCPnKmqO01nic"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
191, 0
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
71 B
309 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8acb923888cc0910-LAX
access-control-allow-headers
Content-Type
sdk.js
connect.facebook.net/en_US/
304 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=088f3b32131470f1cf283050ad04a3ef
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
3977558f158d4731f2d87374815e2e8109d4551d3149fc52dad57cf4dedeecf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.darkreading.com/
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Aug 2024 05:12:07 GMT
content-md5
ut8sr0F9rGvesUaDAOAUVw==
document-policy
force-load-at-top
x-fb-server-load
39
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89156
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=120, rtx=0, c=24, mss=1232, tbw=8042, tp=13, tpl=0, uplat=0, ullat=-1
x-fb-debug
UtzbymbX+X0jkVckEXXDKFaAWCJj2rIXFCkSj8PmNh7eAI8cgPOLlLswjeuuq7cNBzoltNb/ZA4AgEeZQNha6Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
6da7418d81f130431f4a8cc6058bfa0d
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"437e772e5f2c111bd9abbf31922a742d"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 02 Aug 2025 04:03:46 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/
474 KB
148 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
c5e1629c5fdb7d18753448f9095701331d3ece89f2e44513c517efaefd24610b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 04:49:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
1352
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151374
x-xss-protection
0
server
cafe
etag
16932859754834633169
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 02 Aug 2025 04:49:35 GMT
styles.generated-EQE5VKIA.css
www.darkreading.com/build/_assets/
8 KB
0
Stylesheet
General
Full URL
https://www.darkreading.com/build/_assets/styles.generated-EQE5VKIA.css
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a7794489e038e117a4d6bafaf74444a1be64759c4866affef12db1f49ae5a0f

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699884
etag
W/"1e34-19026a11000"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9231ac9352e9-LAX
brand.generated-GJLBHFTG.css
www.darkreading.com/build/_assets/
476 KB
0
Stylesheet
General
Full URL
https://www.darkreading.com/build/_assets/brand.generated-GJLBHFTG.css
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b29f999f3b5c2fc8ad62b79bf870cb309773dc6abbbcd0d836ea45a43d94d1c0

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:23:11 GMT
server
cloudflare
age
670598
cf-polished
origSize=488536
etag
W/"77458-190e9339818"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8acb9231ac9552e9-LAX
css2
fonts.googleapis.com/
21 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb121c45f498cba0f88de6e2235d95cf3307bb9ed5376f6a793b8253a520592f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Aug 2024 05:07:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Aug 2024 05:12:06 GMT
Close-KKOYAUD6.svg
www.darkreading.com/build/_assets/
468 B
361 B
Image
General
Full URL
https://www.darkreading.com/build/_assets/Close-KKOYAUD6.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c5241d16e330997faadd10a7bb3457aa44e48fd5e25ad469b2713f74550de4d
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
strict-transport-security
max-age=3153600000
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699664
etag
W/"1d4-19026a11000"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92390cf352e9-LAX
/
marketingplatform.google.com/about/enterprise/
Redirect Chain
  • https://www3.doubleclick.net/
  • https://marketingplatform.google.com/about/enterprise/
0
0
Fetch
General
Full URL
https://marketingplatform.google.com/about/enterprise/
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Server
2607:f8b0:4004:c21::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Redirect headers

date
Fri, 02 Aug 2024 05:00:51 GMT
x-content-type-options
nosniff
server
sffe
age
677
content-type
text/html; charset=UTF-8
location
https://marketingplatform.google.com/about/enterprise/
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
expires
Fri, 02 Aug 2024 05:30:51 GMT
iris-recommend.js
static.iris.informa.com/widgets/v3/
1 MB
1 MB
Script
General
Full URL
https://static.iris.informa.com/widgets/v3/iris-recommend.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-49.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e56bb0d75fa46f23163c334f4ec6675e9a9ad2784ea5ead53d7ceb05eb4b366b

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:09 GMT
x-amz-version-id
BLu_4EL7s2BnJnIDD_tjWsvN9a4lpwKO
via
1.1 0d9fa547d973207140747f5567b6a0fa.cloudfront.net (CloudFront)
last-modified
Mon, 15 Jul 2024 12:06:25 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
etag
"5553b13bebc131b16ba395c1ea5fe299"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1518697
x-amz-cf-id
Siv9ia5CHYSa4gRYmcQ5BAmLT1GdKe7ER_MqFH4b4ZRcRXuzpuKeIQ==
informaLogoWhite-RZAE7EJI.png
www.darkreading.com/build/_assets/
2 KB
0
Image
General
Full URL
https://www.darkreading.com/build/_assets/informaLogoWhite-RZAE7EJI.png
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8b5050c00e65112ae30afa040177c7af59fafecf502c995f29073cc00d06666

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Wed, 26 Jun 2024 13:05:54 GMT
server
cloudflare
age
2714308
cf-polished
origSize=4020
etag
W/"fb4-19054a71350"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8acb9231aca252e9-LAX
content-length
2114
Blackpast_ciaobucharestAlamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt162f580252069912/66aaa74df04649296ad6c603/
304 KB
0
Image
General
Full URL
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt162f580252069912/66aaa74df04649296ad6c603/Blackpast_ciaobucharestAlamy.jpg?width=1280&auto=webp&quality=95&format=jpg&disable=upscale
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
52d1499d47eabb2cf6c32a97836616e8a88cdeb15a9b4f50f40161f7399b4c09

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:06 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
vpop-etou8240197
x-cache
HIT, HIT
fastly-io-info
ifsz=3294853 idim=1920x1080 ifmt=png ofsz=311322 odim=1280x720 ofmt=webp
filename1
custom
content-disposition
inline; filename=Blackpast_ciaobucharestAlamy.webp
fastly-stats
io=1
content-length
311322
x-request-id
8dcb7452e8269126f0821a1254a2c334
x-served-by
cache-ams2100097-AMS, cache-lax-kwhp1940129-LAX
x-runtime
52ms
server
contentstack
x-timer
S1722575527.835148,VS0,VE2
x-contentstack-organization
blt5948195ac13977b0
etag
"xEYIRztc4By4k78L1mRMyps5D3OxBZJu6UofPZz35DQ"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
23, 0
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 13:20:25 GMT
x-content-type-options
nosniff
age
229902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48444
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 13:20:25 GMT
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2
fonts.gstatic.com/s/inter/v18/
18 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62cc01daef72c3ea76a258445368d2f4ab8d05a91f91c53fd12f7c42e3325942
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 21:03:09 GMT
x-content-type-options
nosniff
age
202138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18740
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 22:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 21:03:09 GMT
Logo_-_Dark_Reading.svg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/
3 KB
0
Image
General
Full URL
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/Logo_-_Dark_Reading.svg?width=476&auto=webp&quality=80&disable=upscale
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-error
not a supported image format
content-encoding
gzip
fastly-io-served-by
vpop-etou8240194
x-cache
HIT, HIT
filename1
custom
content-disposition
inline; filename=Logo_-_Dark_Reading.svg+xml
fastly-stats
io=1
content-length
1435
x-request-id
e4b4a79401a1e1542eb46b248b18ae91
x-served-by
cache-ams2100138-AMS, cache-lax-kwhp1940129-LAX
x-runtime
76ms
server
contentstack
x-timer
S1722575527.213947,VS0,VE60
x-contentstack-organization
blt5948195ac13977b0
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
6595, 0
ElizabethMontalbano.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt3a8c7badad2ca168/64f15cd2b4c236805e4fddad/
2 KB
0
Image
General
Full URL
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt3a8c7badad2ca168/64f15cd2b4c236805e4fddad/ElizabethMontalbano.jpg?width=100&auto=webp&quality=80&disable=upscale
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
77f6b55cfd1440472c8a84c8f8814291f8ae57e64f9af315a37215cf0877ce87

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
vpop-etou8240192
x-cache
HIT, HIT
fastly-io-info
ifsz=98905 idim=310x310 ifmt=jpeg ofsz=2016 odim=100x100 ofmt=webp
filename1
custom
content-disposition
inline; filename=ElizabethMontalbano.webp
fastly-stats
io=1
content-length
2016
x-request-id
6e412442e2f0fef37155d0dc41a75762
x-served-by
cache-ams2100143-AMS, cache-lax-kwhp1940129-LAX
x-runtime
115ms
server
contentstack
x-timer
S1722575527.214338,VS0,VE2
x-contentstack-organization
blt5948195ac13977b0
etag
"1QIQy4d5ocPPzyUc+8Uv6RsNo3DPfZTjSU5N9uUrtDE"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1133, 0
VMware-Schoening-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt32b9968819e79d5d/66a93453f24439161f73bfaf/
19 KB
0
Image
General
Full URL
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt32b9968819e79d5d/66a93453f24439161f73bfaf/VMware-Schoening-Alamy.jpg?width=700&auto=webp&quality=80&disable=upscale
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
d4a889f3bc07deec3fa428c486e999ad08fabc87afd430821e770a579b1696ef

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
vpop-etou8240192
x-cache
HIT, HIT
fastly-io-info
ifsz=3687936 idim=8256x4644 ifmt=jpeg ofsz=19956 odim=700x394 ofmt=webp
filename1
custom
content-disposition
inline; filename=VMware-Schoening-Alamy.webp
fastly-stats
io=1
content-length
19956
x-request-id
88d33576a0d39e02f18807c5d9f098eb
x-served-by
cache-ams21045-AMS, cache-lax-kwhp1940129-LAX
x-runtime
37ms
server
contentstack
x-timer
S1722575527.214545,VS0,VE2
x-contentstack-organization
blt5948195ac13977b0
etag
"3pWuDGg3wDxWNH3g30drqjCNeuyUO3N0pnPP+22hIC8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
13, 0
thief-Brian_Jackson-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt43c820f749b62939/66a8efffeb73913797469d0b/
10 KB
0
Image
General
Full URL
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt43c820f749b62939/66a8efffeb73913797469d0b/thief-Brian_Jackson-Alamy.jpg?width=700&auto=webp&quality=80&disable=upscale
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
5c2a923cf0e8f52116427cf22bfe97330ed735daaafff6322da0993fb4ad3c45

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
vpop-etou8240199
x-cache
HIT, HIT
fastly-io-info
ifsz=1073876 idim=5200x2925 ifmt=jpeg ofsz=9990 odim=700x394 ofmt=webp
filename1
custom
content-disposition
inline; filename=thief-Brian_Jackson-Alamy.webp
fastly-stats
io=1
content-length
9990
x-request-id
58834f05e60ca2e56b952d3d038ee848
x-served-by
cache-ams21076-AMS, cache-lax-kwhp1940129-LAX
x-runtime
59ms
server
contentstack
x-timer
S1722575527.214528,VS0,VE2
x-contentstack-organization
blt5948195ac13977b0
etag
"DeSaHKjJIqLw7IQwhh/XnUTUmOuYp5qN8Nzw9bMIZqg"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
38, 0
servicenow_rafapress_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltd68d51e357e3e24b/66a7eb2182d5134061f107b2/
21 KB
0
Image
General
Full URL
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltd68d51e357e3e24b/66a7eb2182d5134061f107b2/servicenow_rafapress_shutterstock.jpg?width=700&auto=webp&quality=80&disable=upscale
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
d2c2b1c6a0e4bf823ce5296f1518eb18866e74ef09af717922108ec47c13d746

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:07 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img01-europe-west3
x-cache
HIT, HIT
fastly-io-info
ifsz=332528 idim=1920x1080 ifmt=jpeg ofsz=21978 odim=700x394 ofmt=webp
filename1
custom
content-disposition
inline; filename=servicenow_rafapress_shutterstock.webp
fastly-stats
io=1
content-length
21978
x-request-id
b4d30e14c29c97b8123339ce3e661af4
x-served-by
cache-ams21024-AMS, cache-lax-kwhp1940129-LAX
x-runtime
51ms
server
contentstack
x-timer
S1722575527.214510,VS0,VE13
x-contentstack-organization
blt5948195ac13977b0
etag
"1rQcRxX7QGMRrnxTTevPJbM/kJbQVsDCPnKmqO01nic"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
191, 0
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202404.1.0/
448 KB
109 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05c58c759cab8d50d5e7f9d3b2faedcc0dd45fa3fb50899a224363a1dea93605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 02 Aug 2024 05:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OwLk2N0IZ0eq8ykUTltEhw==
age
25889
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
111077
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 21:54:14 GMT
server
cloudflare
etag
0x8DCA5E1D524AD71
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4785b082-901e-0046-71cb-d74d1c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8acb9239a9995269-LAX
3834
fundingchoicesmessages.google.com/i/
201 KB
67 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/3834?ers=3
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cfdbdbc93450edb7ba059602f12bb8bb86d4bf8cc2752e51f2391f81f467b766
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yV-RAUxeWDAVfW6l38t2MA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:08 GMT
content-security-policy
script-src 'report-sample' 'nonce-yV-RAUxeWDAVfW6l38t2MA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1pBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQFid62LrP5AvCTiIuuRxIusBx9fZD0JxIYKl1idgXh6_SXW-UAsxMOx4urGrWwCHefuX2NU0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjEwNzbUMzCJLzAAANGFQxg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
en.json
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/018e79f4-6dd9-7d17-a403-dabf1d831b28/
85 KB
22 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/018e79f4-6dd9-7d17-a403-dabf1d831b28/en.json
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c333b7dfa958bc65b659d11d673c2cd498ede56ad02283eb6d6855067e999b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 02 Aug 2024 05:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
43011
content-md5
wpn7fTMQGEG3xTIxsTKhhQ==
content-length
21825
x-ms-lease-status
unlocked
last-modified
Wed, 15 May 2024 14:54:11 GMT
server
cloudflare
etag
0x8DC74EEE1423F49
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e6d9d664-a01e-000d-71d7-a6ae65000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8acb923afe671020-LAX
expires
Sat, 03 Aug 2024 05:12:08 GMT
otFloatingRoundedIcon.json
cdn.cookielaw.org/scripttemplates/202404.1.0/assets/
16 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202404.1.0/assets/otFloatingRoundedIcon.json
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31556181b378d1e27d769a0c4bd113d5957786a8381b08a214b4d949fef5face
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 02 Aug 2024 05:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
WZ+o9E7yd9fHl8KJxq40hg==
age
10132
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3828
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 21:54:08 GMT
server
cloudflare
etag
0x8DCA5E1D177D547
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
152b3b9d-601e-00db-5c39-d8375c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8acb923baf8c1020-LAX
otPcPanel.json
cdn.cookielaw.org/scripttemplates/202404.1.0/assets/v2/
64 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202404.1.0/assets/v2/otPcPanel.json
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14a1fa4b518b9bcff7664518a2f8cd4d91205d82d58c87a9bf5553da729e3ea2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 02 Aug 2024 05:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
9fUyEwIYwWMBHnNwB9fqDA==
age
10132
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12886
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 21:54:09 GMT
server
cloudflare
etag
0x8DCA5E1D24E5859
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
c1697ae3-201e-0093-125b-d805c1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8acb923baf901020-LAX
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202404.1.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202404.1.0/assets/otCookieSettingsButton.json
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 02 Aug 2024 05:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OcfgokklGfIji4FmboZWQQ==
age
43011
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1738
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 21:54:08 GMT
server
cloudflare
etag
0x8DCA5E1D1F3583D
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
e1f8914a-701e-0003-7064-d8908d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8acb923baf911020-LAX
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202404.1.0/assets/
24 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202404.1.0/assets/otCommonStyles.css
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 02 Aug 2024 05:12:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
4ErYmXXFNbMLrnc9DrDTsg==
age
10132
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 21:54:20 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
2bb59586-a01e-0023-0ae7-d7fc41000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8acb923bbf991020-LAX
ot_close.svg
cdn.cookielaw.org/logos/static/
651 B
623 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 02 Aug 2024 05:12:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
46834
x-ms-lease-status
unlocked
last-modified
Wed, 31 Jul 2024 06:32:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
33bccd68-101e-0018-3a4e-e3be1f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8acb923c4cc85269-LAX
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
509 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 02 Aug 2024 05:12:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
48826
x-ms-lease-status
unlocked
last-modified
Wed, 31 Jul 2024 06:32:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
21d62a66-501e-0097-1d20-e3f043000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8acb923c592f1020-LAX
Informa_Logo_1Line_Indigo_Grad_RGB_(1)_(1).jpg
cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/724200a4-c7bf-4cfc-b5e4-6fd233e9a65a/7b6ffe88-5d17-4e54-888e-06853c2bdf86/
896 B
1 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/724200a4-c7bf-4cfc-b5e4-6fd233e9a65a/7b6ffe88-5d17-4e54-888e-06853c2bdf86/Informa_Logo_1Line_Indigo_Grad_RGB_(1)_(1).jpg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3969804522a0b32cd9dbe609047076c5a239cf16e0c0ebe4b8c71c812c53b9f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 02 Aug 2024 05:12:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Hi//myLOtJxrHC7ESjrzhQ==
age
26521
content-length
896
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Wed, 06 Dec 2023 23:26:51 GMT
server
cloudflare
etag
0x8DBF6B2D3A8CB7E
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
8840d73a-801e-0021-28f2-281df8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8acb923c6cf95269-LAX
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 02 Aug 2024 05:12:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
10463
x-ms-lease-status
unlocked
last-modified
Wed, 31 Jul 2024 06:32:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b6e98926-901e-004d-047c-e35568000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8acb923c6cfd5269-LAX
AGSKWxWppYgNOrnemYZMShk4TzXNCWwp7DW0CotjtiG6BDhxWEtW07hng0uWqRSEMwZjbDnpUa-QGCFIVNPR6sLJ3rrP2S9zcmXQ3R84AiM1D-EqCDXPSvSUjML8Nv4DLvd09vifYHn7dQ==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWppYgNOrnemYZMShk4TzXNCWwp7DW0CotjtiG6BDhxWEtW07hng0uWqRSEMwZjbDnpUa-QGCFIVNPR6sLJ3rrP2S9zcmXQ3R84AiM1D-EqCDXPSvSUjML8Nv4DLvd09vifYHn7dQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyNTc1NTI4LDc4ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZGFya3JlYWRpbmcuY29tL3RocmVhdC1pbnRlbGxpZ2VuY2UvYmxhY2stYmFzdGEtZGV2ZWxvcHMtY3VzdG9tLW1hbHdhcmUtaW4td2FrZS1vZi1xYWtib3QtdGFrZWRvd24iLG51bGwsW1s4LCI5QUxPZWVJX3BtZyJdLFs5LCJlbi1VUyJdLFsyMiwidHJ1ZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7cfce308a664516bd8e3466e840724c5a082849aad7bffd228a72f3cbb70a8ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-I9B1pX6c31hbGY9Cdxz2ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:08 GMT
content-security-policy
script-src 'report-sample' 'nonce-I9B1pX6c31hbGY9Cdxz2ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmII0JBiOHHrNtMFID7vdIfpOhBLfH3JpAXETukzWEOA2Kd-BmscELfePMc6HYg_Pz7H-huIk_6dZy0BYneti6z-QLwk4iLrkcSLrAcfX2Q9CcSGCpdYnYF4ev0l1vlALMTDseLqxq1sAhe271_MrKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiYG5sqGdgEl9gAAD4_kgT"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 6EC7
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
135
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28869
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Aug 2024 05:09:54 GMT
expires
Fri, 02 Aug 2024 05:59:54 GMT
last-modified
Mon, 29 Jul 2024 19:44:55 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
981 B
542 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=143065297215549&correlator=788077020772024&eid=44809527%2C31085717%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407290201&ptt=17&impl=fif&gdpr=0&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&eri=32&sc=1&cookie_enabled=1&abxe=1&dt=1722575528877&lmt=1722575526&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&vis=1&psz=1600x6644&msz=1600x0&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722575526594&idt=1468&prev_scp=pos%3Dbigsky_v%26ptype%3Darticle%26nid%3Dblt4e6eeaebfb498b22%26aid%3D463726%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=2064109412&frm=20&eoidce=1
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
9c1a45366625aa9d9b466b12ab861ed0fa480db97248e08835d4eb1cad42a883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
512
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.darkreading.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
14 KB
6 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=143065297215549&correlator=788077020772024&eid=44809527%2C31085717%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407290201&ptt=17&impl=fif&gdpr=0&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&eri=32&sc=1&cookie_enabled=1&abxe=1&dt=1722575528887&lmt=1722575526&adxs=800&adys=299&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&vis=1&psz=1036x5977&msz=1036x0&fws=4&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722575526594&idt=1468&prev_scp=pos%3Dwallpaper_v%26ptype%3Darticle%26nid%3Dblt4e6eeaebfb498b22%26aid%3D463726%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don%26pterm%3Dthreat-intelligence%26sterm%3Dvulnerabilities-threats%252C%2520cyberattacks-data-breaches%26contentFormat%3Dnews%26contributor%3Delizabeth-montalbano-contributing-writer%26isSponsored%3Dfalse%26gatedWithExternalForm%3Dfalse%26gatedWithSiteReg%3Dfalse%26paidGating%3Dfalse&adks=3568718387&frm=20&eoidce=1
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
73d5e1cfda769355e9acdf4240b02be47599fc541f1eb24c2984e7a9683a4a13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6026
x-xss-protection
0
google-lineitem-id
6715770153
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138477219601
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.darkreading.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
787 B
372 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=143065297215549&correlator=788077020772024&eid=44809527%2C31085717%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407290201&ptt=17&impl=fif&gdpr=0&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&ists=1&eri=32&sc=1&cookie_enabled=1&abxe=1&dt=1722575528891&lmt=1722575526&adxs=800&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&vis=1&psz=1036x5977&msz=1036x1&fws=4&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722575526594&idt=1468&prev_scp=pos%3Doop_v%26ptype%3Darticle%26nid%3Dblt4e6eeaebfb498b22%26aid%3D463726%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don%26pterm%3Dthreat-intelligence%26sterm%3Dvulnerabilities-threats%252C%2520cyberattacks-data-breaches%26contentFormat%3Dnews%26contributor%3Delizabeth-montalbano-contributing-writer%26isSponsored%3Dfalse%26gatedWithExternalForm%3Dfalse%26gatedWithSiteReg%3Dfalse%26paidGating%3Dfalse&adks=4281914279&frm=20&eoidce=1
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
066ccd2ff2244eab628da774d59d3a3e4abeabdf870ecb7458bb7a9074222256
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
342
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.darkreading.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
787 B
368 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=143065297215549&correlator=788077020772024&eid=44809527%2C31085717%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407290201&ptt=17&impl=fif&gdpr=0&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&eri=32&sc=1&cookie_enabled=1&abxe=1&dt=1722575528894&lmt=1722575526&adxs=800&adys=301&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&vis=1&psz=1036x5977&msz=1036x1&fws=4&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722575526594&idt=1468&prev_scp=pos%3Dfloor_v%26ptype%3Darticle%26nid%3Dblt4e6eeaebfb498b22%26aid%3D463726%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don%26pterm%3Dthreat-intelligence%26sterm%3Dvulnerabilities-threats%252C%2520cyberattacks-data-breaches%26contentFormat%3Dnews%26contributor%3Delizabeth-montalbano-contributing-writer%26isSponsored%3Dfalse%26gatedWithExternalForm%3Dfalse%26gatedWithSiteReg%3Dfalse%26paidGating%3Dfalse&adks=1131225635&frm=20&eoidce=1
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
9974c5c4ec25816fd5a6f6db0ca1fe87686696e3d6914bb90bf39e16ad5fbf12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
338
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.darkreading.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
794 B
378 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=143065297215549&correlator=788077020772024&eid=44809527%2C31085717%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407290201&ptt=17&impl=fif&gdpr=0&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&eri=32&sc=1&cookie_enabled=1&abxe=1&dt=1722575528896&lmt=1722575526&adxs=800&adys=6226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&vis=1&psz=1036x5977&msz=1036x1&fws=4&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722575526594&idt=1468&prev_scp=pos%3Dadhesion_v%26ptype%3Darticle%26nid%3Dblt4e6eeaebfb498b22%26aid%3D463726%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don%26pterm%3Dthreat-intelligence%26sterm%3Dvulnerabilities-threats%252C%2520cyberattacks-data-breaches%26contentFormat%3Dnews%26contributor%3Delizabeth-montalbano-contributing-writer%26isSponsored%3Dfalse%26gatedWithExternalForm%3Dfalse%26gatedWithSiteReg%3Dfalse%26paidGating%3Dfalse&adks=3728273033&frm=20&eoidce=1
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
4c9ffc0b1851547ba66b0ed2250b3ebf6588c42290202b5934c6231ee9a84b4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
348
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.darkreading.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
47 KB
18 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=143065297215549&correlator=788077020772024&eid=44809527%2C31085717%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407290201&ptt=17&impl=fif&gdpr=0&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=6&sfv=1-0-40&eri=32&sc=1&cookie_enabled=1&abxe=1&dt=1722575528898&lmt=1722575526&adxs=436&adys=274&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&vis=1&psz=1036x5977&msz=1036x50&fws=4&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722575526594&idt=1468&prev_scp=pos%3D728_1v%26ptype%3Darticle%26nid%3Dblt4e6eeaebfb498b22%26aid%3D463726%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don%26pterm%3Dthreat-intelligence%26sterm%3Dvulnerabilities-threats%252C%2520cyberattacks-data-breaches%26contentFormat%3Dnews%26contributor%3Delizabeth-montalbano-contributing-writer%26isSponsored%3Dfalse%26gatedWithExternalForm%3Dfalse%26gatedWithSiteReg%3Dfalse%26paidGating%3Dfalse&adks=206257688&frm=20&eoidce=1
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
64eff7b36426259382aef0654917c7ebed2cc866a87c5d975c9b45acd7ed7075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18173
x-xss-protection
0
google-lineitem-id
6405684951
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138482815237
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.darkreading.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
31 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=143065297215549&correlator=788077020772024&eid=44809527%2C31085717%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407290201&ptt=17&impl=fif&gdpr=0&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=5x5&ifi=7&sfv=1-0-40&eri=32&sc=1&cookie_enabled=1&abxe=1&dt=1722575528900&lmt=1722575526&adxs=1154&adys=588&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&vis=1&psz=324x37&msz=324x5&fws=4&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722575526594&idt=1468&prev_scp=pos%3Dresource_v%26ptype%3Darticle%26nid%3Dblt4e6eeaebfb498b22%26aid%3D463726%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don%26pterm%3Dthreat-intelligence%26sterm%3Dvulnerabilities-threats%252C%2520cyberattacks-data-breaches%26contentFormat%3Dnews%26contributor%3Delizabeth-montalbano-contributing-writer%26isSponsored%3Dfalse%26gatedWithExternalForm%3Dfalse%26gatedWithSiteReg%3Dfalse%26paidGating%3Dfalse&adks=630980475&frm=20&eoidce=1
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
0773e22420c5ba45dbfe78f2e7fa2139b7a8931e5868a3c87a7aca4c610a3f18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13731
x-xss-protection
0
google-lineitem-id
6715770153
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138476655617
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.darkreading.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
47 KB
18 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=143065297215549&correlator=788077020772024&eid=44809527%2C31085717%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407290201&ptt=17&impl=fif&gdpr=0&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x100%7C300x250%7C300x600&ifi=8&sfv=1-0-40&eri=32&sc=1&cookie_enabled=1&abxe=1&dt=1722575528903&lmt=1722575526&adxs=1006&adys=672&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&vis=1&psz=324x5494&msz=324x100&fws=4&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722575526594&idt=1468&prev_scp=pos%3D300_1v%26ptype%3Darticle%26nid%3Dblt4e6eeaebfb498b22%26aid%3D463726%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don%26pterm%3Dthreat-intelligence%26sterm%3Dvulnerabilities-threats%252C%2520cyberattacks-data-breaches%26contentFormat%3Dnews%26contributor%3Delizabeth-montalbano-contributing-writer%26isSponsored%3Dfalse%26gatedWithExternalForm%3Dfalse%26gatedWithSiteReg%3Dfalse%26paidGating%3Dfalse&adks=2192439130&frm=20&eoidce=1
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
f9f9215c1c79e4ebc34bd4cf1006455b1b1a22c28c18a5b688b8c2718ddf4a13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18164
x-xss-protection
0
google-lineitem-id
6715770153
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138476655131
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.darkreading.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
790 B
376 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=143065297215549&correlator=788077020772024&eid=44809527%2C31085717%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407290201&ptt=17&impl=fif&gdpr=0&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50&fluid=height&ifi=9&sfv=1-0-40&eri=32&sc=1&cookie_enabled=1&abxe=1&dt=1722575528905&lmt=1722575526&adxs=1156&adys=1144&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&vis=1&psz=324x1044&msz=324x0&fws=4&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722575526594&idt=1468&prev_scp=pos%3Dnative_vertical_1v%26ptype%3Darticle%26nid%3Dblt4e6eeaebfb498b22%26aid%3D463726%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don%26pterm%3Dthreat-intelligence%26sterm%3Dvulnerabilities-threats%252C%2520cyberattacks-data-breaches%26contentFormat%3Dnews%26contributor%3Delizabeth-montalbano-contributing-writer%26isSponsored%3Dfalse%26gatedWithExternalForm%3Dfalse%26gatedWithSiteReg%3Dfalse%26paidGating%3Dfalse&adks=921769895&frm=20&eoidce=1
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
82ab13511cbb33162dadafe8f89d141efbe1abff9a90ab747ea98145bd3137f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
346
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.darkreading.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2332d90f7fe5d7eb5e5211c1387dd142.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3866
0
0
Document
General
Full URL
https://2332d90f7fe5d7eb5e5211c1387dd142.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Aug 2024 05:12:09 GMT
expires
Fri, 02 Aug 2024 05:12:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxUR82H44blOSVp1yydeRXtscgx_zJCVRhVAhlMvzml8VDM3tN9XCaoSz_GrqBSJk_V-jRpAsx4XS9ZHk1mxZn0EMPW0mPqBPA64t0immj7DoynockC-R_F7JKf2y9KbjpBLVV3IRA==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUR82H44blOSVp1yydeRXtscgx_zJCVRhVAhlMvzml8VDM3tN9XCaoSz_GrqBSJk_V-jRpAsx4XS9ZHk1mxZn0EMPW0mPqBPA64t0immj7DoynockC-R_F7JKf2y9KbjpBLVV3IRA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyNTc1NTI4LDk1MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LmRhcmtyZWFkaW5nLmNvbS90aHJlYXQtaW50ZWxsaWdlbmNlL2JsYWNrLWJhc3RhLWRldmVsb3BzLWN1c3RvbS1tYWx3YXJlLWluLXdha2Utb2YtcWFrYm90LXRha2Vkb3duIixudWxsLFtbOCwiOUFMT2VlSV9wbWciXSxbOSwiZW4tVVMiXSxbMjIsInRydWUiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c911eea363a61cb8b41a19e027db5e575b827e524bc8646175ef2bfa782cd88
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-k9kqA9ZYEATC4xhbzuUDuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:09 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-k9kqA9ZYEATC4xhbzuUDuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw1ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQFid62LrP5AvCTiIuuRxIusBx9fZD0JxIYKl1idgXh6_SXW-UAsxM2x8urGrWwCF7Y-F1TSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMTA3NtQzMIkvMAAAi3dCkw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7312
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYDWrWxKm9zMadpO1dS4Kn_1ILL3vNFu1ZUWFJMeCvdTOZL4cTAXZ18ebsD9guO6JToYjh974AWVWCjR98QJusUgzRsDjVnn56h1HBFMAR4kiN0wU1HDcKBCHt8XaHrxEneDnQMu6bej-jWi3yzSNAuDtjOnDNcy0UaA_hr00E_j2At9eUJff13qI4qzhPAnA5aw8MwrbP9Vcc9sK0J_R6aJuhKBGo2npk2rhkRxe4XRR-PGxR_comPlF2EaihWu4UWpen8tLTcp0gQ9GkUWQdQfIlvGITOHTQQBkglgP0qMmp1dhPyi_fPeL30QayLfLXh3TLbl1MycwTZkNbfIgC3MIhxQ82VRfREMddkMs7XOXoLRVy6XgJofLhLEMfTkECN2g&sai=AMfl-YQ4KTpejSHowgabzO1KitI4Ok986MrnUUfv9HDWOHrKCcTJ6-SHuvVcf9ppiJQZMFUp4KncLhgH169B4HLnmrD2oabT2yuxSLg17XjjIfibzDO2sW91juqNnO35f232FIDQkle8ajua5-luXTVfLUY&sig=Cg0ArKJSzFX79aTPKtwcEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Aug 2024 05:12:09 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7312
203 KB
63 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f156.1e100.net
Software
cafe /
Resource Hash
84b2a8c2c5bde5b690dc44c9d525edc8113d18cd7bf516ad8fa93c782c02a443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 04:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
2463
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64460
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 02 Aug 2024 05:31:06 GMT
moatad.js
z.moatads.com/informagamdisplay218733383007/ Frame 7312
334 KB
114 KB
Script
General
Full URL
https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0d34727332063f774893813c408c607378e8bc4fdb149c4240506d68a60e1016
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Aug 2024 05:12:09 GMT
content-md5
QJHNrDBfcXv3UQNbo+QeWQ==
storage-tier
Standard
content-length
116132
opc-meta-btime
2024-04-22T05:24:04Z
opc-meta-mtime
1713763444
last-modified
Mon, 22 Apr 2024 20:15:35 GMT
opc-request-id
iad-1:7hnUzCigsU_9sG7WWEaQQ7TnWHhcJI_HPNST_IW55HLwGh3L-Kb9mwCBcK3xa5_0
x-api-id
native
etag
4ce382b0-cbcf-4573-9d8b-73958aee2ed7
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/x-javascript
version-id
4756ac60-173a-40ae-b103-6357ce170256
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control
max-age=29264
access-control-allow-credentials
true
accept-ranges
bytes
view
securepubads.g.doubleclick.net/pcs/ Frame 6C7C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss03g-XblZNYNbVAKtyvRdNKsGpUDoBnueMWBmulf6gNgBpaTavZVpTtifLGIjCKWHuxVUJBxOeWt5I5QV-yZOl4NyqnD0Yo5lBlQxUN4V0IdFGUTv7LquSJEC2jlVWEfXVhH9RyIjOlGsD9wqLfk1BWu5txlWtgUOCb2yFvpRY8IsOID6aCODEjf-YpIbC6eyHZ73s8VHHomIDPC__G9xkj5KVA0Y6Bbgwbc2dlOx0Uos-9xTfYoID1bqqjTHTYziYAF_QYckRIZzMI0QAoJ12PzDF4O0iCGKWhuPjnJnJjv0jLKEmZcttdyNBtcKQe1P6zKgmtBaz5JCBE-c_0tUgrL5s-QznkhjGu5SJEow9YSZwVphUp0TB9na5ErquhoEKGao&sai=AMfl-YSDc2T8IVID_NFXV401vLMZmtO_JgJFvn101iSC2hpOttyjdEFyohdtdzw7tVrWRaT2m5bhJbZQVTpLDXOxYqlnPG6-6qKHb4gWjuV6qvsK0g1CYDxsy3K_5Y_KX574F2qc7I4q64HFBnibzGpnuJM&sig=Cg0ArKJSzA6dHoD4n4ZTEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Aug 2024 05:12:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240731/r20110914/client/ Frame 6C7C
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240731/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 13:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
56654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Aug 2024 13:27:55 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6C7C
203 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f156.1e100.net
Software
cafe /
Resource Hash
84b2a8c2c5bde5b690dc44c9d525edc8113d18cd7bf516ad8fa93c782c02a443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 04:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
2463
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64460
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 02 Aug 2024 05:31:06 GMT
moatad.js
z.moatads.com/informagamdisplay218733383007/ Frame 6C7C
334 KB
0
Script
General
Full URL
https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0d34727332063f774893813c408c607378e8bc4fdb149c4240506d68a60e1016
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
QJHNrDBfcXv3UQNbo+QeWQ==
storage-tier
Standard
content-length
116132
opc-meta-btime
2024-04-22T05:24:04Z
opc-meta-mtime
1713763444
last-modified
Mon, 22 Apr 2024 20:15:35 GMT
opc-request-id
iad-1:7hnUzCigsU_9sG7WWEaQQ7TnWHhcJI_HPNST_IW55HLwGh3L-Kb9mwCBcK3xa5_0
x-api-id
native
etag
4ce382b0-cbcf-4573-9d8b-73958aee2ed7
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/x-javascript
version-id
4756ac60-173a-40ae-b103-6357ce170256
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control
max-age=29264
access-control-allow-credentials
true
accept-ranges
bytes
17377699095591836677
tpc.googlesyndication.com/simgad/ Frame 6C7C
42 KB
42 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/17377699095591836677
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccb03c4a9d3a11e8d613744ad1e61c0639173a1cbeec054d03983aad0f0c322c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Thu, 01 Aug 2024 07:07:51 GMT
x-content-type-options
nosniff
age
79458
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42563
x-xss-protection
0
last-modified
Thu, 11 Jul 2024 08:26:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Aug 2025 07:07:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 351F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIYPWb5v_kdtoQJ7QPISOZBOFZG3vanf11tJdnK8yHLeGpUy91t2uoW1Yo8qjonhjymN47S0RiGnaHcUs-Mg9mcK4kSf1ZGDZ_We3S282QCYpDzEm5yR5Pig2PoS3kXKieN5YMjom3_f6vcocH-NirazW7NHB-p__5rQic_SUh6BUflTr29SWorxl_-ANYoqt7k76DX1N8l_wGRHvS9Dx4K_9CF0I4xNETK6WGPoVAIKfOHjOcWeyVDo1007NadGkgEa4Cs23wC8NJt4n4H0uc2T41YZuake60oeOaCTvSpsixqJXr2OnglARZfxVr1HU3tfmIFgM_n9grEANUQiatdfEa2Fqi1dia68AIdFkgHGJhyuJleg5xUkZFv-d2uNUfuyo&sai=AMfl-YSaZAJlR8sZDjJSyCJCKDhuQ2AtsGSWJqAx1SabZQxLicuma58XT1GcWu69fh7JsiJW8SSE4i6IqAheymYQodz_1sFuVX8NtdWFzQzclmSKJsfotbgwETpDX9GhKHBAT1bPaUx0Ubw4UGlAJkc0H01l&sig=Cg0ArKJSzDSBElZ10bPrEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Aug 2024 05:12:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240731/r20110914/client/ Frame 351F
3 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240731/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 13:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
56654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Aug 2024 13:27:55 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 351F
203 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f156.1e100.net
Software
cafe /
Resource Hash
84b2a8c2c5bde5b690dc44c9d525edc8113d18cd7bf516ad8fa93c782c02a443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 04:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
2463
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64460
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 02 Aug 2024 05:31:06 GMT
moatad.js
z.moatads.com/informagamdisplay218733383007/ Frame 351F
334 KB
0
Script
General
Full URL
https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0d34727332063f774893813c408c607378e8bc4fdb149c4240506d68a60e1016
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
QJHNrDBfcXv3UQNbo+QeWQ==
storage-tier
Standard
content-length
116132
opc-meta-btime
2024-04-22T05:24:04Z
opc-meta-mtime
1713763444
last-modified
Mon, 22 Apr 2024 20:15:35 GMT
opc-request-id
iad-1:7hnUzCigsU_9sG7WWEaQQ7TnWHhcJI_HPNST_IW55HLwGh3L-Kb9mwCBcK3xa5_0
x-api-id
native
etag
4ce382b0-cbcf-4573-9d8b-73958aee2ed7
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/x-javascript
version-id
4756ac60-173a-40ae-b103-6357ce170256
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control
max-age=29264
access-control-allow-credentials
true
accept-ranges
bytes
7099032341991955530
tpc.googlesyndication.com/simgad/ Frame 351F
36 KB
36 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7099032341991955530
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5b100bcfba574c656c862d0cd3d1f77495c22d074c334933ac98e0d41516d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Thu, 01 Aug 2024 11:59:18 GMT
x-content-type-options
nosniff
age
61971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37087
x-xss-protection
0
last-modified
Fri, 24 May 2024 18:06:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Aug 2025 11:59:18 GMT
web.js
ads.celtra.com/20d08f4a/ Frame 7312
15 KB
5 KB
Script
General
Full URL
https://ads.celtra.com/20d08f4a/web.js?&accountId=44b74b35&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsudvnAdipXVJUm08YQ2R0DNPxd_ywvxErvKsoUPKoC3cYxwWi3xwtcLJa62AYv_NxePhReqBFJAvBkZJyGyTRcmG1EkpFsxtCa3na6blFV--nHmRjDgoOaJPYd3nKpoz-kEZ8yg1WPpwSwA8io60tnh01xNeVC0XNT4l11sIIHNOy-4LeqcpDNf6fg48GNsxi2BUNSQx_8dTYe0mEbdlN030_QrChiAE6sfisvjd2ylHyYDvmOFcK0AlaPgQV5vk6cWC5jkSgga5V7GfjQt5XQVkKCEadwxLSBQlHL1Q80zheBvVb7vHphaAhaZUPrdrm0B3vvqjUd23aWjgehYDJQF2FW8Bm76UNNdAHLucCcDlA3qCyZ-N5RfX0Gzy7pBDbyp76YgXQ%26sai%3DAMfl-YSqa-EmJ8jcALXTzrO5TCD7_EjHjl-qLV6cxtvT9SXLTasnR0t4b1xz3xLNnjS6B3Gt3FzH_6303S-7xntH9SdDV47Q-YD3PnCfuYMGw3axe5Fh5oTG1sz0vxChtZcWN8sJq2xNMfC3qE5Nw1olUM8%26sig%3DCg0ArKJSzA7nGadTfH51EAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138476655617&externalCreativeId=138476655617&externalPlacementId=22339890152&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6715770153&externalCampaignId=3543809234&externalAdvertiserId=4994984344&coppa=0&scriptId=celtra-script-1&clientTimestamp=1722575529.234&clientTimeZoneOffsetInMinutes=600&hostPageLoadId=4015766025292402
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.86.20.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-20-97.compute-1.amazonaws.com
Software
/
Resource Hash
9741f21cfd39b2c9dcef1d2386b3fba1441b1ad6d7b47812106390f668060bea

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Aug 2024 05:12:08 GMT
content-encoding
gzip
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
content-length
5178
Expires
0
truncated
/ Frame 6C7C
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a662556a94ff0aa7b3f4fd17b98c02e43b57209875284c14046aacf311ddc52

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 351F
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7fd1c521aea4b97009560954eb911b3793b2088f1ca65e70065de6470ee40b9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A4DC
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52f134d923e0e980ce8c1fe28d45ff4411a8aba1baee5197a4ddd6111c09eb5e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A4DC
0
29 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQNSNSyJ2r7JtDI16EuKAO08T9xTRNE0Q_V2dUrJ_08Ao1bZApWc-B138G18zNH7HehhLkL5RH9unbDeEar0aPj4pTknNdKShnVRII6OqOoBva7rH2S87BC38ddkONfpfBysB37WfVb-O1QjEzEEL44xDz0y79LPF8ZI-8nA-pg6gFGA1LlbY_mAJm0vKcGHNJr2pIebHo1gyi0vQv37p6-V9-k83NwKlzKPD-rwDChO_3tdDuVH2Rmxc_PC60y9OLg1LD7bEEgWBDD2R-T0OSKL5y1bas4zkdsYIhC5dLZio0WWG_vRy1PYZCTEGdeOMdmbyDF1_vist5CQnvcQZiZc2oIkEMUiiHylxdRBO6JpbyK0SHv3koRWzQ-CHgMIrmC7kjXH4&sai=AMfl-YQ9RcSl7jHSLI8cIBR4zbPleagk1sDSkdttEWsNPcXwA2j4w4KU18qtTnX8Yd-sxGM__8INFU6YOHWGkodmlBQxYe032LrJwWmrqgHGP_Ppe0on0Pk6EC1astCDzAMEfB71wGZBvMKp473uFy-oaNAE&sig=Cg0ArKJSzOqAnDL2c68dEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Aug 2024 05:12:09 GMT
12732187785327180184
tpc.googlesyndication.com/simgad/
78 KB
78 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12732187785327180184?
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2244da3a5adfa1dbfa70335e963ac109abf6b9ffb4a201d54ef9f8da4fe25d6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Thu, 01 Aug 2024 14:30:50 GMT
x-content-type-options
nosniff
age
52879
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79526
x-xss-protection
0
last-modified
Fri, 24 May 2024 18:05:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Aug 2025 14:30:50 GMT
web.js
cache-ssl.celtra.com/api/creatives/e169a14f/compiled/ Frame 7312
624 KB
135 KB
Script
General
Full URL
https://cache-ssl.celtra.com/api/creatives/e169a14f/compiled/web.js?v=36-1816ea23&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0&adx-in-banner-video=1
Requested by
Host: ads.celtra.com
URL: https://ads.celtra.com/20d08f4a/web.js?&accountId=44b74b35&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsudvnAdipXVJUm08YQ2R0DNPxd_ywvxErvKsoUPKoC3cYxwWi3xwtcLJa62AYv_NxePhReqBFJAvBkZJyGyTRcmG1EkpFsxtCa3na6blFV--nHmRjDgoOaJPYd3nKpoz-kEZ8yg1WPpwSwA8io60tnh01xNeVC0XNT4l11sIIHNOy-4LeqcpDNf6fg48GNsxi2BUNSQx_8dTYe0mEbdlN030_QrChiAE6sfisvjd2ylHyYDvmOFcK0AlaPgQV5vk6cWC5jkSgga5V7GfjQt5XQVkKCEadwxLSBQlHL1Q80zheBvVb7vHphaAhaZUPrdrm0B3vvqjUd23aWjgehYDJQF2FW8Bm76UNNdAHLucCcDlA3qCyZ-N5RfX0Gzy7pBDbyp76YgXQ%26sai%3DAMfl-YSqa-EmJ8jcALXTzrO5TCD7_EjHjl-qLV6cxtvT9SXLTasnR0t4b1xz3xLNnjS6B3Gt3FzH_6303S-7xntH9SdDV47Q-YD3PnCfuYMGw3axe5Fh5oTG1sz0vxChtZcWN8sJq2xNMfC3qE5Nw1olUM8%26sig%3DCg0ArKJSzA7nGadTfH51EAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138476655617&externalCreativeId=138476655617&externalPlacementId=22339890152&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6715770153&externalCampaignId=3543809234&externalAdvertiserId=4994984344&coppa=0&scriptId=celtra-script-1&clientTimestamp=1722575529.234&clientTimeZoneOffsetInMinutes=600&hostPageLoadId=4015766025292402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-36.iad12.r.cloudfront.net
Software
Apache /
Resource Hash
97f429f49f999c69b49615a47784cb87f8fc30bafc5fbb37ab12bccb549fec8e

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 07:24:18 GMT
content-encoding
gzip
via
1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P1
age
164871
x-cache
Hit from cloudfront
content-length
137505
server
Apache
etag
"952d5fa8b8843f371b54c08a46f22fa8bbd42d43569c93644a387b18878d51ef"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
accept-ranges
bytes
x-amz-cf-id
5NTnSibzny45BRLHQXBHb2NajkFBEeC7lJWNGSxnrdnNNSGEhIY6WA==
truncated
/ Frame 7312
167 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
564c2eac-11e7-47a6-b504-2a8db066b443
https://www.darkreading.com/ Frame 7312
167 B
0
Image
General
Full URL
blob:https://www.darkreading.com/564c2eac-11e7-47a6-b504-2a8db066b443
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
167
Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6C7C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAonNJkOeT6wrqtgUFfpYI8wjYn74ZZ6FO0pG5YKaJlXOb5k05Q3lI5ci9DDRl3PeD_3uisU1bN_CXcyJAYTw09TBTT6o6jvgbAOfz0CPtCOZ8by1QN6qnDOPOeJPU_Nrjgmp9pP8AUBaypnrV9YxUNGM3sVhExfv-ySTaXmGZA3z6VBdBgkM1RMuBPhVOcx2bbYcT4olUnXOQ8ngzfHtJdU75379SMQXX362d-c1GQcRaVzy68lHHJVyE8SyhoB_JXa_TxBzteoHdaL5nZKBi9eZdX7Wz5FRQgo32Wi4Q5AllEcXJwm4dD6ak6aJjTq0iIUpvLg5jlBcdHE6euPJdQPSKX-c0uVj-LZCfGqKkqyBOB1UqPN8xA9Oyrb1dzajmhnzFWQ&sai=AMfl-YTqB_YIDThsYIYSCTWCnR1brrGj9TnBlgJ04uZorfUsy0wrFiKUvnY8sGFODZgusUvmckRFLXWh-zS80pG_tKLZGzHzcADiRyFd_I_DJKEqFg26MOuC07uXTsK_SMap6J9DRoWeeF8nl9uH5ZM_cQs&sig=Cg0ArKJSzOBHhD412eU9EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Aug 2024 05:12:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 351F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQe4cGdlBN8hVOwsojf3tgnhXYzjSEDGbYKcv0tjuKcTgeTeGmzM993_8lekr0Mtipf87yE-anl6PAApnSOCrMrcj3IuUpf46xB135gn-pRlQDy1ga3ORciivuBn54K6H5buaM93p8WjAdAWSTj7uj-IvqaW9CrmZcPkx-oAavGBlyObDNfDx592_yAIriOjxzafu0iCz62rpLeuUyPxhKvqrJ3Ie5Kri6FVHQvyWgud2r69KE3q2hQ3eIhBKIO6_k25aQTRSHaMB_BdpX0JqS8WAsoA_pWRBFbQ7CBzEVCHNgBqCcjVhgX1w6TNi0tHi6E2ecuOAgECvExo_fj0nXBmxWRYxfSFL9mrmY_yL2_MeQRF5O5xTzS_pj1AKmPdT8KStm6Q&sai=AMfl-YT4uY-X-O7t7_HegRWSwNKLSK598QSjD6tO3NhyrRaESt0FsGL3-WjbjvX8WVIdHtcWmCYRpjCFuQDpsQornyMe5bOwDN3cXnQU39fK-YkrxiVvMTQAn2vNjjjyzA4YFw-cABKM9in483f4BFNDlwfd&sig=Cg0ArKJSzL6XtkfKTh4VEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Aug 2024 05:12:10 GMT
truncated
/ Frame 7312
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a894b23e756ff962a75774406e7df68a2eb2ef0259a30f5da25fe973d8f6365

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C7C
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7312
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 351F
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag.aspx
ml314.com/ Frame 7312
38 KB
13 KB
Script
General
Full URL
https://ml314.com/tag.aspx?172024
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 04:20:54 GMT
via
1.1 google
content-encoding
br
age
3076
x-guploader-uploadid
AHxI1nMBBZGzggYSQgBuX8ALOOH-ivz4GE11RYNgOQ7EGGQs6Rnd5Srmv8Ki-t6005GEOYE9mw8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12522
last-modified
Wed, 24 Jul 2024 19:30:50 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1721849450340665
x-goog-hash
crc32c=6sDw2Q==, md5=YyYW/xWCXwMKqzORpY7wQg==
content-type
application/javascript
cache-id
LAX
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
39162
accept-ranges
bytes
n.js
mb.moatads.com/
86 B
265 B
Script
General
Full URL
https://mb.moatads.com/n.js?e=35&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&i=INFORMA_GAM_DISPLAY1&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1722575529877&de=188433730894&m=0&ar=9cc5b3e58a7-clean&iw=b63ee96&q=2&cb=0&ym=0&cu=1722575529877&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4994984344%3A3543809234%3A6715770153%3A138476655617&zMoatPS=resource_v&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&bo=22316126855&bp=22339890152&bd=resource_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A2595%3A2595%3A0%3A2606&fs=208210&na=653308574&cs=0&callback=MoatDataJsonpRequest_58410508
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.158.248.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
62f56e1e3fcf8eacd1e726ab224db39a06bd0669ab46c96fa867a3a0deb45fcf

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:10 GMT
server
istio-envoy
etag
"173df974e4836eb1e0bf69d1d67fdf06779e3a78"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
12
timing-allow-origin
*
content-length
86
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1722575529877&de=188433730894&m=0&ar=9cc5b3e58a7-clean&iw=b63ee96&q=3&cb=0&ym=0&cu=1722575529877&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4994984344%3A3543809234%3A6715770153%3A138476655617&zMoatPS=resource_v&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&bo=22316126855&bp=22339890152&bd=resource_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A2595%3A2595%3A0%3A2606&fs=208210&na=1110029396&cs=0
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:10 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:10 GMT
ads
fundingchoicesmessages.google.com/f/AGSKWxVNi9SZdva9ics2saBUl_LGnX0ohX4Y_eLr7cmSqonKxZLO7-FEZEXRT8ZxtOfYbZDx7QPsB7FitVJKEsLpTQFlYR0o99OGAMRUWrSfueqLVsX4Kp6PPStxgNjgRlx8i-hQry7fkC5sPWUraMbUVSle5-fHY...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVNi9SZdva9ics2saBUl_LGnX0ohX4Y_eLr7cmSqonKxZLO7-FEZEXRT8ZxtOfYbZDx7QPsB7FitVJKEsLpTQFlYR0o99OGAMRUWrSfueqLVsX4Kp6PPStxgNjgRlx8i-hQry7fkC5sPWUraMbUVSle5-fHYe0PNk3Aa7jBXgyPh6JvbX4eH1XKCO-p/_/KalahariAds./samsung_ad._728-90./728x90l./ads?callback
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f101.1e100.net
Software
ESF /
Resource Hash
f6783594ab60ef77144e1c3f9b0dbf07ed47a46f47319efc8e27407ed82a2d78
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-03LocYNTDaGwCqc8wUY4fA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-03LocYNTDaGwCqc8wUY4fA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw15BiOHHrNtMFID7vdIfpOhBLfH3JpAXETukzWEOA2Kd-BmscELfePMc6HYg_Pz7H-huIk_6dZy0BYneti6z-QLwk4iLrkcSLrAcfX2Q9CcSGCpdYnYF4ev0l1vlALMTNserqxq1sAgseL1dW0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjEwNzbUMzCJLzAAAKPMR3Q"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/
47 B
67 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f156.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 10:11:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
68424
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Aug 2024 10:11:46 GMT
AGSKWxUlNlMuazcB6auHWcgWwD_MUevgmgUjr_niWRPC3wdPKBzRkO-c1_UhlkHFxy4IHtIHx5fhHJ6NXsXAFNFqyyRdqSYfysbxHOLXOweQy8G7ePJF-hMfzashEK1dpdvkbvENdwvAKg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUlNlMuazcB6auHWcgWwD_MUevgmgUjr_niWRPC3wdPKBzRkO-c1_UhlkHFxy4IHtIHx5fhHJ6NXsXAFNFqyyRdqSYfysbxHOLXOweQy8G7ePJF-hMfzashEK1dpdvkbvENdwvAKg==
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Lok31E6vuupzPYMdl3QCkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Aug 2024 05:12:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-Lok31E6vuupzPYMdl3QCkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmLw0ZBicEqfwRoCxJ8fn2P9DcTuWhdZ_YF4ScRF1iOJF1mn119inQ_EQjwcq65u3MomMOHGhzmMSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjEwNzYUM_APL7AAACBsjKK"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.darkreading.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUlNlMuazcB6auHWcgWwD_MUevgmgUjr_niWRPC3wdPKBzRkO-c1_UhlkHFxy4IHtIHx5fhHJ6NXsXAFNFqyyRdqSYfysbxHOLXOweQy8G7ePJF-hMfzashEK1dpdvkbvENdwvAKg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUlNlMuazcB6auHWcgWwD_MUevgmgUjr_niWRPC3wdPKBzRkO-c1_UhlkHFxy4IHtIHx5fhHJ6NXsXAFNFqyyRdqSYfysbxHOLXOweQy8G7ePJF-hMfzashEK1dpdvkbvENdwvAKg==
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mJoESR5fuZkJmJghIy6Qug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Aug 2024 05:12:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mJoESR5fuZkJmJghIy6Qug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmLw0ZBicEqfwRoCxJ8fn2P9DcTuWhdZ_YF4ScRF1iOJF1mn119inQ_EQjwcq65u3Mom0DDx2jRGJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYG5sqGdgHl9gAABfYjIT"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.darkreading.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUlNlMuazcB6auHWcgWwD_MUevgmgUjr_niWRPC3wdPKBzRkO-c1_UhlkHFxy4IHtIHx5fhHJ6NXsXAFNFqyyRdqSYfysbxHOLXOweQy8G7ePJF-hMfzashEK1dpdvkbvENdwvAKg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUlNlMuazcB6auHWcgWwD_MUevgmgUjr_niWRPC3wdPKBzRkO-c1_UhlkHFxy4IHtIHx5fhHJ6NXsXAFNFqyyRdqSYfysbxHOLXOweQy8G7ePJF-hMfzashEK1dpdvkbvENdwvAKg==
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FX83UcJYIXByvRzcMfuF_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Aug 2024 05:12:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-FX83UcJYIXByvRzcMfuF_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmJw0ZBicEqfwRoCxJ8fn2P9DcTuWhdZ_YF4ScRF1iOJF1mn119inQ_EQjwcq65u3Mom8OLgjC2MSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjEwNzYUM_APL7AAAB-fDKD"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.darkreading.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUlNlMuazcB6auHWcgWwD_MUevgmgUjr_niWRPC3wdPKBzRkO-c1_UhlkHFxy4IHtIHx5fhHJ6NXsXAFNFqyyRdqSYfysbxHOLXOweQy8G7ePJF-hMfzashEK1dpdvkbvENdwvAKg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUlNlMuazcB6auHWcgWwD_MUevgmgUjr_niWRPC3wdPKBzRkO-c1_UhlkHFxy4IHtIHx5fhHJ6NXsXAFNFqyyRdqSYfysbxHOLXOweQy8G7ePJF-hMfzashEK1dpdvkbvENdwvAKg==
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-EyxLxflNrdP4JOi3WsbVrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Aug 2024 05:12:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-EyxLxflNrdP4JOi3WsbVrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmJw05BicEqfwRoCxJ8fn2P9DcTuWhdZ_YF4ScRF1iOJF1mn119inQ_EQjwcq65u3MomsKPj8UZGJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYG5sqGdgHl9gAAB1fTJk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.darkreading.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXcwfhn0FXsWwsle1BV6ofvzbmmMBUU3WD_1muCFNYudxI67E3TraZi_I6lDEM15ZnLqlpbEnSc6YgK_4p243efQWIx2qn4JO1HD050GoJgB5OM50jilFL-29pmHQyrs8sOayzXpA==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXcwfhn0FXsWwsle1BV6ofvzbmmMBUU3WD_1muCFNYudxI67E3TraZi_I6lDEM15ZnLqlpbEnSc6YgK_4p243efQWIx2qn4JO1HD050GoJgB5OM50jilFL-29pmHQyrs8sOayzXpA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyNTc1NTMwLDE0NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuZGFya3JlYWRpbmcuY29tL3RocmVhdC1pbnRlbGxpZ2VuY2UvYmxhY2stYmFzdGEtZGV2ZWxvcHMtY3VzdG9tLW1hbHdhcmUtaW4td2FrZS1vZi1xYWtib3QtdGFrZWRvd24iLG51bGwsW1s4LCI5QUxPZWVJX3BtZyJdLFs5LCJlbi1VUyJdLFsyMiwidHJ1ZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f101.1e100.net
Software
ESF /
Resource Hash
5796613df509bde37287fb6add65bbc76f433df30a29ace601763fa8335050ca
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rWujMHjcsYBF8xfhEKAk7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-rWujMHjcsYBF8xfhEKAk7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQFid62LrP5AvCTiIuuRxIusBx9fZD0JxIYKl1idgXh6_SXW-UAsxM2x6urGrWwCFyatyVPSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMTA3NtQzMIkvMAAAjNBClg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1722575529950&de=176802194964&m=0&ar=9cc5b3e58a7-clean&iw=b63ee96&q=7&cb=0&ym=0&cu=1722575529950&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=80029947%3A3265433495%3A6405684951%3A138482815237&zMoatPS=728_1v&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&bo=22316126855&bp=22339890152&bd=728_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A2595%3A2595%3A0%3A2606&fs=208210&na=1226549138&cs=0
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:10 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7312
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOUQ61x1WiVKvDNBdJ9FCISiHSwdHnZsYE32kPrRR20CusY1zRQ-ZE3GFaw_5vcdg-efpcWeuBNvHYJ9xqNYD4kSmZVUH1j5efSFK7urkZZ8pvks7BEkFa-gG81awFMZXRQLsw662FTIpOxuLx-J0Mt94tfMo95oeCKciZOwkobgHi4xtFtsa7cingcPZqLZ5LPYAIsjIqf7aWz8m3D_uBlcf1pflr6V52l8TXfMmS4Tq38E2b4bMRFbnG6krn4555qVxSfmdK8txEs96014b0AwSvtwaQu59q4wOQrn4E58fpwdE9PejTMX5jOfjM7Bp8Ly73hADdMSYIQIYdCipG2i-7dZBdgpt2P-_pXPKYeSlTdxZj8NOh0cfX4Zn599kbkAzdiA&sai=AMfl-YSzI98Ipq7rA_DPiKAxzXZ82DcJ6fNDOYCj5KE5x6DkicfOaMe-Z7Kvcm32NK3ovvjt7iCgFdvNQoNq5fCh97KABiNDEXivt6u301K_VG6K0Gg3nofePXGC8kzwdPGb9qEeuHJFaGCxpCKQUhxScfY&sig=Cg0ArKJSzLhLLnPRrVZ5EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Aug 2024 05:12:10 GMT
/
cognito-identity.eu-west-1.amazonaws.com/ Frame
0
0
Preflight
General
Full URL
https://cognito-identity.eu-west-1.amazonaws.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:94a:8a00:b0a6:9d44:1ea3:2198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-target
Access-Control-Request-Method
POST
Origin
https://www.darkreading.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-target
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Fri, 02 Aug 2024 05:12:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
39d2dda5-9af7-44a9-81a5-189560621971
/
cognito-identity.eu-west-1.amazonaws.com/
2 KB
2 KB
XHR
General
Full URL
https://cognito-identity.eu-west-1.amazonaws.com/
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:94a:8a00:b0a6:9d44:1ea3:2198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
696fd9837942f80f496230205de42227112060e6bef1c28d38b4a212ec6d1bdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.darkreading.com/
X-Amz-Target
AWSCognitoIdentityService.GetCredentialsForIdentity
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Fri, 02 Aug 2024 05:12:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
2d2a3d01-28cf-49fb-a716-6116d993549c
content-length
1804
content-type
application/x-amz-json-1.1
AGSKWxVCIv12M_SlN0I74M9h7WcQGVzQ2JjkWo1rrNIFwSG1XEdaVpUwQys9GW031q01cTZiqOoAI_682mRXFb99cHDN_8YHLF_5IDT9_LEMtQBfPQJqCGVXXhkng1gSTwvNASH_hnq6Aw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVCIv12M_SlN0I74M9h7WcQGVzQ2JjkWo1rrNIFwSG1XEdaVpUwQys9GW031q01cTZiqOoAI_682mRXFb99cHDN_8YHLF_5IDT9_LEMtQBfPQJqCGVXXhkng1gSTwvNASH_hnq6Aw==
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f101.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ljvF-t1ypzyUI30a_A1aAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Aug 2024 05:12:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-ljvF-t1ypzyUI30a_A1aAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmJw15BicEqfwRoCxJ8fn2P9DcTuWhdZ_YF4ScRF1iOJF1mn119inQ_EQjwcq65u3Mom0LCs5zKTkktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxMDc21DMwjy8wAABfSTIX"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.darkreading.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F17377699095591836677&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&f=0&j=&t=1722575529950&de=176802194964&cu=1722575529950&m=23&ar=9cc5b3e58a7-clean&iw=b63ee96&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6683&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2595%3A2595%3A0%3A2606&as=0&ag=5&an=0&gf=5&gg=0&ix=5&ic=5&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=5&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9&cd=0&ah=9&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=80029947%3A3265433495%3A6405684951%3A138482815237&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=127883189&cs=0
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:10 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:10 GMT
3_webfont.woff2
cache-ssl.celtra.com/api/fonts/google/Lato:400/ Frame D233
4 KB
4 KB
Font
General
Full URL
https://cache-ssl.celtra.com/api/fonts/google/Lato:400/3_webfont.woff2?subset=BCDEGILORSTUVW
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-36.iad12.r.cloudfront.net
Software
Apache /
Resource Hash
4e3544834b91e44441b532b1543211033bbf7dfdb06b1c540c6539ce2f04c806

Request headers

Referer
https://www.darkreading.com/
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 19 Jun 2024 12:24:13 GMT
via
1.1 fcb94596db202c75ac0e559b3183be72.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
IAD12-P1
age
3775678
etag
"4e3544834b91e44441b532b1543211033bbf7dfdb06b1c540c6539ce2f04c806"
x-cache
Hit from cloudfront
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
accept-ranges
bytes
content-length
4052
x-amz-cf-id
8dr79hkV45KDgZ4vOJY0uaPWronZ-hUn6roCX_CsxoHDNw-NKMziGQ==
A-review-of-zero-day-in-the-wild-exploits-in-2023.jpg
cache-ssl.celtra.com/api/blobs/d1b9ffd9b9bcef1ccaaf93dc71aa77e94073bdd595b0312a522902e4048e03ba/ Frame D233
1 KB
2 KB
Image
General
Full URL
https://cache-ssl.celtra.com/api/blobs/d1b9ffd9b9bcef1ccaaf93dc71aa77e94073bdd595b0312a522902e4048e03ba/A-review-of-zero-day-in-the-wild-exploits-in-2023.jpg?transform=crush&quality=85&resize=52x80
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-36.iad12.r.cloudfront.net
Software
Apache /
Resource Hash
a7f7e7120f65ced72019a47c32b3f8b3c7f14966885f84eb047103e27da93b5a

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 20 Jun 2024 10:17:29 GMT
via
1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
IAD12-P1
age
3696881
etag
"a7f7e7120f65ced72019a47c32b3f8b3c7f14966885f84eb047103e27da93b5a"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
accept-ranges
bytes
content-length
1206
x-amz-cf-id
f5pJgqEem7p0IB2CM79_sF-1mJb3cNncxlLsJmjKeg1_xfZT1IKXGA==
Google-cyber-threat-int.jpg
cache-ssl.celtra.com/api/blobs/22da53e1dbefafa099520483d0aaf9e98d1545b1a8d856f502aa5651b183bebb/ Frame D233
1 KB
2 KB
Image
General
Full URL
https://cache-ssl.celtra.com/api/blobs/22da53e1dbefafa099520483d0aaf9e98d1545b1a8d856f502aa5651b183bebb/Google-cyber-threat-int.jpg?transform=crush&quality=85&resize=64x80
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-36.iad12.r.cloudfront.net
Software
Apache /
Resource Hash
30c46df157b1d0b6d3a33ba0954f7762bf1560a8779e9170b1f997349aaa32f0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 20 Jun 2024 10:17:29 GMT
via
1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
IAD12-P1
age
3696881
etag
"30c46df157b1d0b6d3a33ba0954f7762bf1560a8779e9170b1f997349aaa32f0"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
accept-ranges
bytes
content-length
1468
x-amz-cf-id
rKGCn58H8F9sDusjUfNHYiCBQlo7YkkM2GN-zJyWonZB4M0k9tm28w==
Google-Threat-Intelligence.jpg
cache-ssl.celtra.com/api/blobs/2559606912c9f71588e778d3582b018b0ec97bc0f714b55053ca0b8ffa5f8e30/ Frame D233
919 B
1 KB
Image
General
Full URL
https://cache-ssl.celtra.com/api/blobs/2559606912c9f71588e778d3582b018b0ec97bc0f714b55053ca0b8ffa5f8e30/Google-Threat-Intelligence.jpg?transform=crush&quality=85&resize=63x80
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-36.iad12.r.cloudfront.net
Software
Apache /
Resource Hash
a2feea9c604fe3a6ec7c86bfc3e34ebaa062840bfbd2eda7af6a2ce68156c3b2

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 20 Jun 2024 10:17:29 GMT
via
1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
IAD12-P1
age
3696881
etag
"a2feea9c604fe3a6ec7c86bfc3e34ebaa062840bfbd2eda7af6a2ce68156c3b2"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
accept-ranges
bytes
content-length
919
x-amz-cf-id
fnMu_ALlBmNOnJA-Xqy-xFubwz5APAduUyTMnW2OBalnFot_xAlHlw==
Google-Threat-Horizons-Report.jpg
cache-ssl.celtra.com/api/blobs/e32201531ee74624f51143875b5265f82746932597ded745f74447f9f33bc901/ Frame D233
1 KB
2 KB
Image
General
Full URL
https://cache-ssl.celtra.com/api/blobs/e32201531ee74624f51143875b5265f82746932597ded745f74447f9f33bc901/Google-Threat-Horizons-Report.jpg?transform=crush&quality=85&resize=63x80
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-36.iad12.r.cloudfront.net
Software
Apache /
Resource Hash
73626e5d7b99f06394009e62277c9f90b03d5b3d605cf1b35c94ce4b9ed7f937

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 20 Jun 2024 10:17:29 GMT
via
1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
IAD12-P1
age
3696881
etag
"73626e5d7b99f06394009e62277c9f90b03d5b3d605cf1b35c94ce4b9ed7f937"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
accept-ranges
bytes
content-length
1215
x-amz-cf-id
i08olEFo493AlTO4Y_CJmkwa9zjkSCH1q-014_idS1E0CJdtWY_a5A==
The-Forrester-Wave.jpg
cache-ssl.celtra.com/api/blobs/f875b73be018390d959b7f2b2ab16f510274cc714de6c5236a571daf4b50126b/ Frame D233
1 KB
2 KB
Image
General
Full URL
https://cache-ssl.celtra.com/api/blobs/f875b73be018390d959b7f2b2ab16f510274cc714de6c5236a571daf4b50126b/The-Forrester-Wave.jpg?transform=crush&quality=85&resize=63x80
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-36.iad12.r.cloudfront.net
Software
Apache /
Resource Hash
4465c8c331808a84b6e2ef158016d65962499ec31af66f3dca151bd044a3de73

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 20 Jun 2024 10:17:30 GMT
via
1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
IAD12-P1
age
3696880
etag
"4465c8c331808a84b6e2ef158016d65962499ec31af66f3dca151bd044a3de73"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
accept-ranges
bytes
content-length
1093
x-amz-cf-id
X91IagXxt7zpv2f4RuOyYZNRTYa2WLNIQTh87mfKD-P7mJWSBfupKA==
activeview
pagead2.googlesyndication.com/pcs/ Frame 6C7C
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4avc0xbBq33KVyKLf0VVpuZujUlioxWZtn03__bTXMyaEjVRrvntGDq-bsAnmx0W303lm69PHZv04JfCnqFiL6_1twoJ79LCKqujis3aevr7OhDeknvc_jaieEi6ZJ7pmoMRhasjMo-xRdUwKXSt0GaK3BU2AIrQ&sig=Cg0ArKJSzKmRtzykEWeKEAE&id=lidar2&mcvt=1032&p=249,436,339,1164&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20240731&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=206257688&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1850832900&rst=1722575529151&rpt=557&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 351F
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHd-mYNVuLu-SgGVzITGcmd2cep6UulqcTmN77OwjofcRRkbc2a_jhW98iHPxuZCyDaU2FlhwkjWLYQJ1-rd6U5VdeThCUmARNjxjjQ_aTa0JvFMhTb66h6212TmHhEJLx3dUNe6uGBGwhx0cd6LLmmq_tP2HCsck&sig=Cg0ArKJSzDIkznLbeQVNEAE&id=lidar2&mcvt=1035&p=661,1006,911,1306&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20240731&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2192439130&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1850832900&rst=1722575529188&rpt=568&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
celtra%20icons_link-wht.svg
cache-ssl.celtra.com/api/blobs/adbd4dd590300081e85e79620feb4ef2099545eb351826a0c485b5a8925f5a42/ Frame D233
579 B
1 KB
Image
General
Full URL
https://cache-ssl.celtra.com/api/blobs/adbd4dd590300081e85e79620feb4ef2099545eb351826a0c485b5a8925f5a42/celtra%20icons_link-wht.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-36.iad12.r.cloudfront.net
Software
Apache /
Resource Hash
adbd4dd590300081e85e79620feb4ef2099545eb351826a0c485b5a8925f5a42

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 19 Jun 2024 14:24:36 GMT
via
1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
IAD12-P1
age
3768454
etag
"adbd4dd590300081e85e79620feb4ef2099545eb351826a0c485b5a8925f5a42"
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
accept-ranges
bytes
content-length
579
x-amz-cf-id
t2YER_vF9AesQdLkYN5gTt2vLJkfNNadKnpxrolhgoKbpxLXzAV8sQ==
celtra%20icons_link-liteblu.svg
cache-ssl.celtra.com/api/blobs/bc68d014dbe298b5dc8db74a0dff93ac3f457318242ee5bf2aa1d5283bffac97/ Frame D233
574 B
1 KB
Image
General
Full URL
https://cache-ssl.celtra.com/api/blobs/bc68d014dbe298b5dc8db74a0dff93ac3f457318242ee5bf2aa1d5283bffac97/celtra%20icons_link-liteblu.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-36.iad12.r.cloudfront.net
Software
Apache /
Resource Hash
bc68d014dbe298b5dc8db74a0dff93ac3f457318242ee5bf2aa1d5283bffac97

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 19 Jun 2024 15:57:12 GMT
via
1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
IAD12-P1
age
3762898
etag
"bc68d014dbe298b5dc8db74a0dff93ac3f457318242ee5bf2aa1d5283bffac97"
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
accept-ranges
bytes
content-length
574
x-amz-cf-id
Aq5FgkwCMlMZ9oUdrZ8eQU2MqgyLuSN942Ulj1YfhPU2KwZJD7eubQ==
celtra%20icons_x-wht.svg
cache-ssl.celtra.com/api/blobs/57d1477701e49ed374c87b472142454b4625a243c95e4b65483555d8dd4c1f2a/ Frame D233
447 B
916 B
Image
General
Full URL
https://cache-ssl.celtra.com/api/blobs/57d1477701e49ed374c87b472142454b4625a243c95e4b65483555d8dd4c1f2a/celtra%20icons_x-wht.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-36.iad12.r.cloudfront.net
Software
Apache /
Resource Hash
57d1477701e49ed374c87b472142454b4625a243c95e4b65483555d8dd4c1f2a

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 19 Jun 2024 17:36:54 GMT
via
1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
IAD12-P1
age
3756916
etag
"57d1477701e49ed374c87b472142454b4625a243c95e4b65483555d8dd4c1f2a"
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
accept-ranges
bytes
content-length
447
x-amz-cf-id
dQxBq11xcm2cfr2z9FWy8acVMHcwwagShczAh8PtqIxovU0Wz4pxhQ==
celtra%20icons_x-liteblu.svg
cache-ssl.celtra.com/api/blobs/ee1a4cac46f898dfd7bd1593385ed5ef2bc9a23155a13da83381559ee35787eb/ Frame D233
450 B
919 B
Image
General
Full URL
https://cache-ssl.celtra.com/api/blobs/ee1a4cac46f898dfd7bd1593385ed5ef2bc9a23155a13da83381559ee35787eb/celtra%20icons_x-liteblu.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-36.iad12.r.cloudfront.net
Software
Apache /
Resource Hash
ee1a4cac46f898dfd7bd1593385ed5ef2bc9a23155a13da83381559ee35787eb

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 21 Jun 2024 21:41:37 GMT
via
1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
IAD12-P1
age
3569433
etag
"ee1a4cac46f898dfd7bd1593385ed5ef2bc9a23155a13da83381559ee35787eb"
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
accept-ranges
bytes
content-length
450
x-amz-cf-id
lXVVyUDmKaAIPfHmsi9D1dB9ORwJZcnuetR9GUHKrlXkJRwxTzFsag==
celtra%20icons_face-wht.svg
cache-ssl.celtra.com/api/blobs/768c6797a6ffb5f2ea191ffded4131ae7c83f3a3d22d3afa5daf1254c0c70bbe/ Frame D233
549 B
1017 B
Image
General
Full URL
https://cache-ssl.celtra.com/api/blobs/768c6797a6ffb5f2ea191ffded4131ae7c83f3a3d22d3afa5daf1254c0c70bbe/celtra%20icons_face-wht.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-36.iad12.r.cloudfront.net
Software
Apache /
Resource Hash
768c6797a6ffb5f2ea191ffded4131ae7c83f3a3d22d3afa5daf1254c0c70bbe

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 19 Jun 2024 11:14:47 GMT
via
1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
IAD12-P1
age
3779843
etag
"768c6797a6ffb5f2ea191ffded4131ae7c83f3a3d22d3afa5daf1254c0c70bbe"
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
accept-ranges
bytes
content-length
549
x-amz-cf-id
4A6FwK3qhQWFaRDY4JQhiHrTszZvcYa-9hWMcxOWCLar2uzag7THyg==
celtra%20icons_face-liteblu.svg
cache-ssl.celtra.com/api/blobs/e43d18975ec3fb8d36379a2947a5f7f057b4b8bbab063188d781831500627b68/ Frame D233
552 B
1022 B
Image
General
Full URL
https://cache-ssl.celtra.com/api/blobs/e43d18975ec3fb8d36379a2947a5f7f057b4b8bbab063188d781831500627b68/celtra%20icons_face-liteblu.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-36.iad12.r.cloudfront.net
Software
Apache /
Resource Hash
e43d18975ec3fb8d36379a2947a5f7f057b4b8bbab063188d781831500627b68

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 19 Jun 2024 15:36:44 GMT
via
1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
IAD12-P1
age
3764126
etag
"e43d18975ec3fb8d36379a2947a5f7f057b4b8bbab063188d781831500627b68"
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
accept-ranges
bytes
content-length
552
x-amz-cf-id
pNzcnCGx3vgD77DS_e5PKHU7LqCnVUDG6t8_KA4PIkNGvXaTq_P4CQ==
celtra%20icons_yout-wht.svg
cache-ssl.celtra.com/api/blobs/cb2778bbe6a181131e60639b0dbbea7a49696c20204cccb14fd13aca26b53190/ Frame D233
499 B
965 B
Image
General
Full URL
https://cache-ssl.celtra.com/api/blobs/cb2778bbe6a181131e60639b0dbbea7a49696c20204cccb14fd13aca26b53190/celtra%20icons_yout-wht.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-36.iad12.r.cloudfront.net
Software
Apache /
Resource Hash
cb2778bbe6a181131e60639b0dbbea7a49696c20204cccb14fd13aca26b53190

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 19 Jun 2024 11:14:47 GMT
via
1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
IAD12-P1
age
3779843
etag
"cb2778bbe6a181131e60639b0dbbea7a49696c20204cccb14fd13aca26b53190"
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
accept-ranges
bytes
content-length
499
x-amz-cf-id
QeFMc2peueu4YlNI9F0yCWFQIap-WGlY-pPE6UcFw5Ii6J3g83nq0Q==
celtra%20icons_yout-liteblu.svg
cache-ssl.celtra.com/api/blobs/8d5c7061646a392d68f14895bdbf7d9d286c821b0fa62b8edc9c05b38fe7b222/ Frame D233
502 B
969 B
Image
General
Full URL
https://cache-ssl.celtra.com/api/blobs/8d5c7061646a392d68f14895bdbf7d9d286c821b0fa62b8edc9c05b38fe7b222/celtra%20icons_yout-liteblu.svg
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-36.iad12.r.cloudfront.net
Software
Apache /
Resource Hash
8d5c7061646a392d68f14895bdbf7d9d286c821b0fa62b8edc9c05b38fe7b222

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 19 Jun 2024 15:57:13 GMT
via
1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
IAD12-P1
age
3762897
etag
"8d5c7061646a392d68f14895bdbf7d9d286c821b0fa62b8edc9c05b38fe7b222"
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
accept-ranges
bytes
content-length
502
x-amz-cf-id
0GFckNeiDwNeuRHROjjNuBVnQJqmK7mxubntVsy3s1T23HFeglAR0A==
GC_Security_wordmark_rgb%20(1).png
cache-ssl.celtra.com/api/blobs/3f744c4d8572bbd92f5ebdcf3e969f82d8413c6a090e619985e6da3a3923f935/ Frame D233
2 KB
3 KB
Image
General
Full URL
https://cache-ssl.celtra.com/api/blobs/3f744c4d8572bbd92f5ebdcf3e969f82d8413c6a090e619985e6da3a3923f935/GC_Security_wordmark_rgb%20(1).png?transform=crush&quality=256&resize=100x67
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-36.iad12.r.cloudfront.net
Software
Apache /
Resource Hash
084fa97c30e1c546202822d0f0ed643b669b750f5703f6002c8e25315b439044

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 21 Jun 2024 21:41:37 GMT
via
1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
IAD12-P1
age
3569433
etag
"084fa97c30e1c546202822d0f0ed643b669b750f5703f6002c8e25315b439044"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
accept-ranges
bytes
content-length
2518
x-amz-cf-id
8ITkZE-J9LjmtfvsFDu4cOGarYXcHb1BDDaa85Ykb4pgysXGfCKPOg==
js
www.googletagmanager.com/gtag/
297 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f7f8f24fd5f176ff83fd2a6b6caacb0b97cc2fda81b90cb8e85f5f06a49a3c93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101267
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 02 Aug 2024 05:12:10 GMT
iris-t.js
static.iris.informa.com/widgets/v3.0/
79 KB
79 KB
Script
General
Full URL
https://static.iris.informa.com/widgets/v3.0/iris-t.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-49.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35bbaf39a449ccd5f8187d9ad0c345b234b9e0c011ac23ae181cd1e7d308bdc4

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:12 GMT
x-amz-version-id
dlaJotV_Gz4O7cqm42eVJp8uZLGpWllN
via
1.1 0d9fa547d973207140747f5567b6a0fa.cloudfront.net (CloudFront)
last-modified
Tue, 30 Jul 2024 11:59:35 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
etag
"fbc10e2b062735815acd18ff52ac647a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
80499
x-amz-cf-id
USdeR0Wqs_jEE4MAoQwhyptpfbwJER5VM-9BUQfDNySo4DT089fwJA==
chartbeat.js
static.chartbeat.com/js/
38 KB
15 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f3:6800:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 16:13:11 GMT
content-encoding
gzip
via
1.1 96cac0ffcf3fb8fed4b2230b5bdeca6c.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jun 2024 00:13:00 GMT
server
nginx
x-amz-cf-pop
IAD55-P2
age
46740
etag
W/"665fad8c-9895"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
G0B-C3kJFruO7hIOkarCEEC1xWljhAT8Mpy9DdMiB3ZwJfhwXOKL2w==
expires
Fri, 02 Aug 2024 16:13:11 GMT
/
6600d6d98e534115970f9529a45f3195.js.ubembed.com/
430 B
699 B
Script
General
Full URL
https://6600d6d98e534115970f9529a45f3195.js.ubembed.com/
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04ba1a87741dc74ced9a18627c404b7ea4d3f0645998696b579fff1d60deadf

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:11 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
4041
etag
W/"a0190252511bc8c23905bec1d9d8ac5500f826af"
vary
Accept-Encoding, Referer
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
cf-ray
8acb924d3e942b72-LAX
hotjar-2610568.js
static.hotjar.com/c/
16 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2610568.js?sv=6
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-53.iad55.r.cloudfront.net
Software
/
Resource Hash
9d4073889e01180136926776e6e0f2bf0ac84e593dbc131e9380d988e2534139
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:04 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 a770e75e0ebdb44f23f7a7ef20bbbffa.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P1
age
7
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/114d397c95b8c50f03e71f10d6855943
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
6KzP0kBsdYqQ2-QrXNCEejYieSrJ2Kwpi7NKOW98WYYbfI5BYYbKpA==
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1722575529978&de=284445935507&m=0&ar=9cc5b3e58a7-clean&iw=b63ee96&q=11&cb=0&ym=0&cu=1722575529978&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4994984344%3A3543809234%3A6715770153%3A138476655131&zMoatPS=300_1v&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A2595%3A2595%3A0%3A2606&fs=208210&na=652825898&cs=0
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:10 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:10 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F7099032341991955530&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&f=0&j=&t=1722575529978&de=284445935507&cu=1722575529978&m=9&ar=9cc5b3e58a7-clean&iw=b63ee96&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6683&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2595%3A2595%3A0%3A2606&as=0&ag=2&an=0&gf=2&gg=0&ix=2&ic=2&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=2&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4994984344%3A3543809234%3A6715770153%3A138476655131&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatDfpSlotId=300_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=323155991&cs=0
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:11 GMT
bundle.js
assets.ubembed.com/universalscript/releases/v0.183.0/
183 KB
49 KB
Script
General
Full URL
https://assets.ubembed.com/universalscript/releases/v0.183.0/bundle.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-4.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c39fa609f4a9b43e493115c723b102147f9025008bd24841e7732c5f253edd51

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 24 May 2024 17:52:37 GMT
content-encoding
gzip
via
1.1 c6b0d1d85b2590c57ac754bf9e61944e.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2024 17:48:37 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C1
age
6002375
etag
W/"ce1f9daa5bfa548f0417f378eb40974e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
KtIsg9wLlp5XWis_QIax74eDWRc6U02P_BQCHTNOXag5tphmntoQzQ==
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&f=0&j=&t=1722575529978&de=284445935507&cu=1722575529978&m=1028&ar=9cc5b3e58a7-clean&iw=b63ee96&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6735&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2595%3A2595%3A0%3A2606&as=1&ag=1022&an=2&gi=1&gf=1022&gg=2&ix=1022&ic=1022&ez=1&ck=1022&kw=822&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1022&bx=2&ci=1022&jz=822&dj=1&aa=0&ad=723&cn=0&gk=723&gl=0&ik=723&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=822&cd=3&ah=822&am=3&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4994984344%3A3543809234%3A6715770153%3A138476655131&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatDfpSlotId=300_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=1586688560&cs=0
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:11 GMT
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-1X1EHQ3PFR&gtm=45je47v0v873922772z8891172384za200zb891172384&_p=1722575527103&_gaz=1&gcs=G1--&gcd=13l3l3l3l7&npa=1&dma=0&tcfd=10000&tag_exp=95250753&gdid=dYWJhMj&cid=959816986.1722575531&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dr=&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&dt=Black%20Basta%20Develops%20Custom%20Malware%20in%20Wake%20of%20Qakbot%20Takedown&sid=1722575531&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_type=article&ep.content_format=News&ep.content_publish_date=Aug%2001%2C%202024&ep.content_sub_brand=value%20not%20set&ep.content_buyer_journey=value%20not%20set&ep.content_id=blt4e6eeaebfb498b22&ep.content_title=Black%20Basta%20Develops%20Custom%20Malware%20in%20Wake%20of%20Qakbot%20Takedown&ep.content_legacy_path=value%20not%20set&ep.content_contributor=Elizabeth%20Montalbano&ep.content_keyword=value%20not%20set&ep.content_series=value%20not%20set&ep.content_sponsor=value%20not%20set&ep.content_main_topic=Threat%20Intelligence&ep.content_additional_topics=Vulnerabilities%20%26%20Threats%2CCyberattacks%20%26%20Data%20Breaches&ep.gtm_container_detail=GTM-5523ZCM%7C116&ep.ad_unit_path_code=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&ep.content_program=value%20not%20set&ep.content_group=Threat%20Intelligence&ep.content_all_topics=cyberattacks%20%26%20data%20breaches%7Cthreat%20intelligence%7Cvulnerabilities%20%26%20threats&tfd=6556
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.darkreading.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
257 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1X1EHQ3PFR&cid=959816986.1722575531&gtm=45je47v0v873922772z8891172384za200zb891172384&aip=1&dma=0&gcs=G1--&gcd=13l3l3l3l7&npa=1&frm=0&tag_exp=95250753
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.darkreading.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&f=0&j=&t=1722575529978&de=284445935507&cu=1722575529978&m=1029&ar=9cc5b3e58a7-clean&iw=b63ee96&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6735&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2595%3A2595%3A0%3A2606&as=1&ag=1022&an=1022&gi=1&gf=1022&gg=1022&ix=1022&ic=1022&ez=1&ck=1022&kw=822&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1022&bx=1022&ci=1022&jz=822&dj=1&aa=0&ad=723&cn=723&gk=723&gl=723&ik=723&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=822&cd=822&ah=822&am=822&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4994984344%3A3543809234%3A6715770153%3A138476655131&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatDfpSlotId=300_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=1457305154&cs=0
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:11 GMT
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/
223 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-77.iad89.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3924198dd88678a1cab97875f32b6f20.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C2
age
226145
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
MjlGlL9GfxVIlBxZ4w8MyuvBNDFFA0g8Ik1PFdf6bg0mcA95SmSX_A==
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&f=0&j=&t=1722575529978&de=284445935507&cu=1722575529978&m=1031&ar=9cc5b3e58a7-clean&iw=b63ee96&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6735&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2595%3A2595%3A0%3A2606&as=1&ag=1022&an=1022&gi=1&gf=1022&gg=1022&ix=1022&ic=1022&ez=1&ck=1022&kw=822&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1022&bx=1022&ci=1022&jz=822&dj=1&aa=0&ad=723&cn=723&gk=723&gl=723&ik=723&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=822&cd=822&ah=822&am=822&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4994984344%3A3543809234%3A6715770153%3A138476655131&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatDfpSlotId=300_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=482151956&cs=0
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:11 GMT
ZGFya3JlYWRpbmcuY29t.json
static.iris.informa.com/widgets/config/cdl/
24 B
492 B
Fetch
General
Full URL
https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-49.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
rR96SWqxdC6RFg.yCtn7XL4AuxoTa4oV
date
Fri, 02 Aug 2024 05:12:12 GMT
via
1.1 af08bb104c29fffb75d24691c869c256.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P3
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
24
last-modified
Tue, 28 Feb 2023 08:49:48 GMT
server
AmazonS3
etag
"d14dcd26bd0521dd67cdde302d3ac4a2"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
m0GjLg3Nr3iy9K_NyjNJW4H24H_ilNBQpWgW4e0impuhWlU5TjB3TA==
sp.js
static.iris.informa.com/widgets/v3.0/sp/v3.21.0/
77 KB
78 KB
Script
General
Full URL
https://static.iris.informa.com/widgets/v3.0/sp/v3.21.0/sp.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-49.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
297f7c6e2e5141be50a472401472c07dbe025b762bcad89ffaf795fddbd04fd0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:12 GMT
x-amz-version-id
1ALvrmwUb4TZErpuiV2ML7ptP6fNjRJ_
via
1.1 0d9fa547d973207140747f5567b6a0fa.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jun 2024 10:44:59 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
etag
"365e4a519f91d5dbf473dad2feba1288"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
79216
x-amz-cf-id
REJmXpVLLMijTwOCKb3fNtDr0xAFhuC1fWmHv-x-T_VRhC49m-cOzw==
td.min.js
cdn.treasuredata.com/sdk/3.0/
58 KB
20 KB
Script
General
Full URL
https://cdn.treasuredata.com/sdk/3.0/td.min.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 25 Jul 2024 19:51:13 GMT
Content-Encoding
gzip
Via
1.1 041a4887d523cabe8177e269cc358162.cloudfront.net (CloudFront)
Age
638459
X-Amz-Cf-Pop
IAD89-C1
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Last-Modified
Mon, 05 Jul 2021 08:58:13 GMT
Server
AmazonS3
Etag
W/"4b9abb36767431f05495228eb82edf01"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=315360000
X-Amz-Cf-Id
wZV4nwdzcG06_tYCMfEQspahnEmnq5P_tZfAr4mO1Z00p_dZBIwGLw==
darkreading
api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/ Frame
0
0
Preflight
General
Full URL
https://api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/darkreading?item=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&limit=4&mode=db&item_age=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.149 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amz-date,x-amz-security-token
Access-Control-Request-Method
GET
Origin
https://www.darkreading.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key,application_id,iris_profile_id,sponsor_id
access-control-allow-methods
DELETE,GET,POST,PUT,OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8acb9250ed8f7c5b-LAX
content-length
0
content-type
application/json
date
Fri, 02 Aug 2024 05:12:12 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-apigw-id
b3Wa7GHYDoEFssw=
x-amzn-requestid
0a0a0dad-d139-47c7-a553-d008c2996b26
x-content-type-options
nosniff
darkreading
api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/
4 KB
2 KB
XHR
General
Full URL
https://api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/darkreading?item=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&limit=4&mode=db&item_age=12
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.149 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce270fe1277206f84b156d33a4c6c82bb03e72de5f14613231a284727549a253
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; require-trusted-types-for 'script'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block, 0

Request headers

Accept
application/json, text/plain, */*
X-Amz-Security-Token
IQoJb3JpZ2luX2VjEJ7//////////wEaCWV1LXdlc3QtMSJHMEUCIQDEpQvi2DMMwiCbe41pPkeJSSht6wWOAOgpcsTZOKrJwwIgfVgMJq6XNXP5NEuEMWe9PTYPCWV1EuWOad36UbYgJ/Uq0gUIhv//////////ARADGgwwNTYwNDMxNzA4OTkiDLeYPw7S2KnfZBVKliqmBYPbv+kyX80GlGUlueHk5uwpb8ZkCcOjIlU7UMSxWlw40lIkaLFltajSoJZnCQo0OiDdgtiqHKHjzsMqsanzRU1DQm+BsgOvwj77FJqaRhv4uoTNr7/jN5MvyRfNV9T4rIIcclddTJcBwpa5VIr9wF/rFNtxuZYZKzM3dmlVavH/HHwSeB87UuvalTHDcqVEmQhJW/x/qW0N3f1ZNZvnXGERf/jenyB5IzeaKzmlaONErSDbqfxqK08jpKx7Zc3Y9JYXTzWyqjGcSspsov6qf3D8Dw2R0B90Wuav0D9ns5h6EatHPjBIU64TCzyJpYf98XMR3RqhQQ5etsxm7O7NBhREk5dfiS7ZebUwSSY7V4oHOy1LBVtiP4CHZWZtkfkMyYABm64bTzznobbVpEdQs+xeg60GhOr9lx54/Cy/9kUUbhJi3pZOMbkT8JgrtqI6RCL8H9iBiy0YS1Zfp4OV0fTUhzfOpKtOxlFqHCVKYUIKWHYINqRwI3LvIBQUOg+WbDXzlP+tYDnNtctAzxrUsmf/jufYjMtF9YmGk1rZr2LHs079XqNwwZX8pGud+1eRBJElWK4F+u9rA7fGTtTaScrReH43vZX0seD8e8CGI0xjyO1eceBK+VliMkvc049cf0Oa2jLRoJOMl0EsBM+vln5sfaoS+PJ/vB1LbNhd5t8TFHAxzNxdleobm+HAgR05Vf7JbLx7GJbedhB2aa5qDuHWYC4yc7bVnhdtWAOdJ1a6K/QDxzTd4FKxCpe4cq1RVJFA5ghvoXFn2FNlaeWgr9xb43ly5+VyQ09ugFBa48JdEfURbH7TPD7HckuQsxJsrAuat4SAAbR30vH9IZDob3pAiUVLKftP5UQ3NaZl/NB94KCsYX09i1JjDkSrLhePwTEokQfxuzCr1bG1BjrdApy6sOnQ8/enSK7UVCza8HJampmMVj6I+cl1N52/phaBZDX6kG90Na1bjsbkdyG9Hj1sauAQA3+wO8gTHtAK8vQJi/FvvHCjKnh4zjzU0kifiFg/6bBfFePoq3TLTKcsj2uksiQYIhyX/6B4A+EMdzSxnL9gNVdZVoRD+bu1sgLfABKMKTexDjoliwXGlefw8N0YuVaM4MX7tdHoiBqE7sRHLrjfOYxUh0B0Pj6SDOmmHN4zgVBBHKEI+q7nq8hp7CZmDG2Q4e+n9Vv8YipfxG+aL8sKdl8zUzHIEioOKXGggf7Y2b9V5t5wby42d5H186xUR2l45vZVfuPojC6VMX0pAaBs94srqh4F+6fTBHXbqQctN/ZcF6YK8wCJnsQp6X1aZcsNDKw2xdmBF4BkRTiJx+UYJqG2qaZF1CJVjNUl39LddSpErHuFa0f9CsqvB4kRAGUW5THgp0ByvQQ=
Referer
https://www.darkreading.com/
x-amz-date
20240802T051211Z
Authorization
AWS4-HMAC-SHA256 Credential=ASIAQ2DDO5RJT7XDQQ27/20240802/eu-west-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=b98dcb46405afc7730708ee217eeeaad0e05dfcbae4922f6b34b607aff98f051
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:12 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
x-amzn-remapped-content-length
3861
x-amzn-remapped-server
uvicorn
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self'; base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; require-trusted-types-for 'script'
content-encoding
gzip
cross-origin-embedder-policy
unsafe-none
x-amzn-requestid
06332080-c518-490c-9358-af8d56cd744b
x-amzn-remapped-connection
keep-alive
x-dns-prefetch-control
off
cf-cache-status
DYNAMIC
x-amz-apigw-id
b3Wa9G7zjoEF0hw=
x-xss-protection
1; mode=block, 0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
x-frame-options
DENY, DENY
content-type
application/json
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
no-cache, no-store, must-revalidate,
cf-ray
8acb925438d07c5b-LAX
x-amzn-remapped-date
Fri, 02 Aug 2024 05:12:12 GMT
expires
0
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&f=0&j=&t=1722575529950&de=176802194964&cu=1722575529950&m=1065&ar=9cc5b3e58a7-clean&iw=b63ee96&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6735&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2595%3A2595%3A0%3A2606&as=1&ag=1056&an=5&gi=1&gf=1056&gg=5&ix=1056&ic=1056&ez=1&ck=1056&kw=851&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1056&bx=5&ci=1056&jz=851&dj=1&aa=0&ad=955&cn=0&gk=955&gl=0&ik=955&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=851&cd=9&ah=851&am=9&xd=00&rf=0&re=1&ft=955&fv=0&fw=955&wb=1&cl=0&at=0&d=80029947%3A3265433495%3A6405684951%3A138482815237&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=1238856355&cs=0
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:11 GMT
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzIyNTc1NTI5eDkyNDE4Y2NlMGJlOWNjeDE5MDEzMzkwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMDQxNDk0MDUzMjc0MDc2OCIsImluZGV4I...
track.celtra.com/json/
35 B
266 B
Ping
General
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzIyNTc1NTI5eDkyNDE4Y2NlMGJlOWNjeDE5MDEzMzkwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMDQxNDk0MDUzMjc0MDc2OCIsImluZGV4IjowLCJjbGllbnRUaW1lc3RhbXAiOjE3MjI1NzU1MzAuNjQ1LCJuYW1lIjoiY29udGFpbmVyQmVjYW1lVmlld2FibGUiLCJiZWFjb24iOnRydWV9LHsic2Vzc2lvbklkIjoiczE3MjI1NzU1Mjl4OTI0MThjY2UwYmU5Y2N4MTkwMTMzOTAiLCJhY2NvdW50SWQiOiI0NGI3NGIzNSIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjEwNDE0OTQwNTMyNzQwNzY4IiwiaW5kZXgiOjEsImNsaWVudFRpbWVzdGFtcCI6MTcyMjU3NTUzMC42NTksInNjb3BlIjoiZ2xvYmFsIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI3LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJvcmllbnRhdGlvbiI6MCwidG9wbW9zdFJlYWNoYWJsZVdpbmRvdyI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwfSwiaG9zdFdpbmRvdyI6eyJ3aWR0aCI6NSwiaGVpZ2h0Ijo1fSwibmVzdGluZyI6eyJpZnJhbWUiOnRydWUsImZyaWVuZGx5SWZyYW1lIjp0cnVlLCJpYWJGcmllbmRseUlmcmFtZSI6dHJ1ZSwiaG9zdGlsZUlmcmFtZSI6ZmFsc2UsImlmcmFtZURlcHRoIjoxfSwicGFnZVZpc2liaWxpdHlBcGkiOnRydWUsInJlcXVlc3RBbmltYXRpb25GcmFtZSI6dHJ1ZSwidG9wV2luZG93TmF0aXZlUkFGU3VwcG9ydGVkIjp0cnVlLCJhbGxvd05vbk5hdGl2ZVJBRkZvclZpZXdhYmxlVGltZVVzZWQiOmZhbHNlLCJjbGllbnRUaW1lWm9uZU9mZnNldEluTWludXRlcyI6NjAwLCJzdXBwb3J0c0NvbnRhaW5lclZpZXdhYmlsaXR5Ijp0cnVlLCJzdXBwb3J0c0NvbnRhaW5lckluaXRpYWxWaWV3YWJpbGl0eSI6dHJ1ZSwidGFnUGFyZW50V2lkdGgiOjAsInRhZ1BhcmVudEhlaWdodCI6MCwiYW1wRGV0ZWN0ZWQiOmZhbHNlLCJhbXBOZXN0aW5nTGV2ZWwiOiIiLCJzYWZlRnJhbWVEZXRlY3RlZCI6ZmFsc2UsImZldGNoU3VwcG9ydGVkIjp0cnVlLCJhc2FwRW5hYmxlZCI6bnVsbCwibmF0aXZlUHJvbWlzZXNTdXBwb3J0ZWQiOnRydWUsImJlYWNvblN1cHBvcnRlZCI6dHJ1ZSwiSW50ZXJzZWN0aW9uT2JzZXJ2ZXJTdXBwb3J0ZWQiOnRydWUsImlzTXV0YXRpb25PYnNlcnZlclN1cHBvcnRlZCI6dHJ1ZSwid2ViVmlldyI6bnVsbCwiaXNXaW5kb3dPcGVuTmF0aXZlIjp0cnVlLCJwcm90b0xvYWRpbmciOnsiZGF0YUxvYWRTdGF0dXMiOiJzdXBwb3J0ZWQiLCJibG9iTG9hZFN0YXR1cyI6InN1cHBvcnRlZCJ9LCJ0b3BXaW5kb3dMb2NhdGlvbiI6Imh0dHBzOi8vd3d3LmRhcmtyZWFkaW5nLmNvbSIsInRvcFdpbmRvd0xvY2F0aW9uTGVuZ3RoIjoyNywibmFtZSI6ImVudmlyb25tZW50SW5mbyIsImJlYWNvbiI6dHJ1ZX0seyJzZXNzaW9uSWQiOiJzMTcyMjU3NTUyOXg5MjQxOGNjZTBiZTljY3gxOTAxMzM5MCIsImFjY291bnRJZCI6IjQ0Yjc0YjM1Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiMTA0MTQ5NDA1MzI3NDA3NjgiLCJpbmRleCI6MiwiY2xpZW50VGltZXN0YW1wIjoxNzIyNTc1NTMxLjUzNiwibmFtZSI6ImNyZWF0aXZlTG9hZGVkIiwidmlld2FiaWxpdHkwME1lYXN1cmFibGUiOnRydWUsInZpZXdhYmlsaXR5NTAxTWVhc3VyYWJsZSI6dHJ1ZSwidmlld2FibGVUaW1lTWVhc3VyYWJsZSI6dHJ1ZSwiY2RuVmFyaWFudCI6Im5vbmUiLCJiZWFjb24iOnRydWV9LHsic2Vzc2lvbklkIjoiczE3MjI1NzU1Mjl4OTI0MThjY2UwYmU5Y2N4MTkwMTMzOTAiLCJhY2NvdW50SWQiOiI0NGI3NGIzNSIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjEwNDE0OTQwNTMyNzQwNzY4IiwiaW5kZXgiOjMsImNsaWVudFRpbWVzdGFtcCI6MTcyMjU3NTUzMS41NTYsIm5hbWUiOiJ2aWV3cG9ydFBsYWNlbWVudEdlb21ldHJ5IiwicGFnZURpbWVuc2lvbnMiOnsiaGVpZ2h0Ijo2NzM1LCJ3aWR0aCI6MTYwMH0sInZpZXdwb3J0UG9zaXRpb25SZWN0Ijp7IndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDAsImxlZnQiOjAsInRvcCI6MH0sImZpcnN0UGxhY2VtZW50UG9zaXRpb25SZWN0Ijp7ImxlZnQiOjEwMDYsInRvcCI6NjI0LjQ4NDM3NSwid2lkdGgiOjMwMCwiaGVpZ2h0Ijo2MDB9LCJiZWFjb24iOnRydWV9XX0=?crc32c=3300458274
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.55.58.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-58-100.compute-1.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Aug 2024 05:12:11 GMT
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
35
Expires
0
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzIyNTc1NTI5eDkyNDE4Y2NlMGJlOWNjeDE5MDEzMzkwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMDQxNDk0MDUzMjc0MDc2OCIsImluZGV4I...
track.celtra.com/json/
35 B
266 B
Ping
General
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzIyNTc1NTI5eDkyNDE4Y2NlMGJlOWNjeDE5MDEzMzkwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMDQxNDk0MDUzMjc0MDc2OCIsImluZGV4Ijo0LCJjbGllbnRUaW1lc3RhbXAiOjE3MjI1NzU1MzEuNTYxLCJuYW1lIjoidmlld2FibGUwMCIsImNyaXRlcmlvbiI6eyJuYW1lIjoiQ29yZSIsInJhdGlvIjowLCJ0aW1lIjowfSwiYmVhY29uIjp0cnVlfSx7InNlc3Npb25JZCI6InMxNzIyNTc1NTI5eDkyNDE4Y2NlMGJlOWNjeDE5MDEzMzkwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMDQxNDk0MDUzMjc0MDc2OCIsImluZGV4Ijo1LCJjbGllbnRUaW1lc3RhbXAiOjE3MjI1NzU1MzEuNTczLCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6bnVsbCwic2NyZWVuTG9jYWxJZCI6MTM2OCwic2NyZWVuVGl0bGUiOiJSZXNvdXJjZXMiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOm51bGwsIm9iamVjdE5hbWUiOm51bGwsIm9iamVjdENsYXp6IjpudWxsLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNzIyNTc1NTMxLjU3MywibmFtZSI6InNjcmVlblNob3duIiwiYmVhY29uIjp0cnVlfSx7InNlc3Npb25JZCI6InMxNzIyNTc1NTI5eDkyNDE4Y2NlMGJlOWNjeDE5MDEzMzkwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMDQxNDk0MDUzMjc0MDc2OCIsImluZGV4Ijo2LCJjbGllbnRUaW1lc3RhbXAiOjE3MjI1NzU1MzEuNTc0LCJuYW1lIjoiY3JlYXRpdmVSZW5kZXJlZCIsImJlYWNvbiI6dHJ1ZX1dfQ==?crc32c=994655177
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.55.58.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-58-100.compute-1.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Aug 2024 05:12:11 GMT
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
35
Expires
0
iframe_api
www.youtube.com/ Frame D233
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3e7e2cf202d63f5433c0a41d0a6b8e1ec25aac18d1c4e249bfed2c18697379c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 02 Aug 2024 05:12:11 GMT
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzIyNTc1NTI5eDkyNDE4Y2NlMGJlOWNjeDE5MDEzMzkwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMDQxNDk0MDUzMjc0MDc2OCIsImluZGV4I...
track.celtra.com/json/
35 B
266 B
Ping
General
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzIyNTc1NTI5eDkyNDE4Y2NlMGJlOWNjeDE5MDEzMzkwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMDQxNDk0MDUzMjc0MDc2OCIsImluZGV4Ijo3LCJjbGllbnRUaW1lc3RhbXAiOjE3MjI1NzU1MzEuNjA4LCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTcyMjU3NTUzMS41NjIsInRvIjoxNzIyNTc1NTMxLjU2MiwiYmVhY29uIjp0cnVlfV19?crc32c=2466322380
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.55.58.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-58-100.compute-1.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Aug 2024 05:12:11 GMT
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
35
Expires
0
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=darkreading.com&p=%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&u=CM3jzoCY86ZwDk9h9N&d=darkreading.com&g=53678&g0=Threat%20Intelligence&g1=Elizabeth%20Montalbano&g4=article&n=1&f=00001&c=0&x=0&m=0&y=6735&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&b=6978&t=BSzDpECFhE1gDIbBY5Bl50D_17ljV&V=147&i=Black%20Basta%20Develops%20Custom%20Malware%20in%20Wake%20of%20Qakbot%20Takedown&tz=600&sn=1&sv=CHC7wpyAmdnC8beNRCWvklqZBvc0&sr=external&sd=1&im=067b2fff&_
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.116.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-116-81.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Fri, 02 Aug 2024 05:12:11 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
content-type
image/gif
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&f=0&j=&t=1722575529950&de=176802194964&cu=1722575529950&m=1066&ar=9cc5b3e58a7-clean&iw=b63ee96&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6735&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2595%3A2595%3A0%3A2606&as=1&ag=1056&an=1056&gi=1&gf=1056&gg=1056&ix=1056&ic=1056&ez=1&ck=1056&kw=851&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1056&bx=1056&ci=1056&jz=851&dj=1&aa=0&ad=955&cn=955&gk=955&gl=955&ik=955&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=851&cd=851&ah=851&am=851&xd=00&rf=0&re=1&ft=955&fv=955&fw=955&wb=1&cl=0&at=0&d=80029947%3A3265433495%3A6405684951%3A138482815237&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=1971462514&cs=0
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:11 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&f=0&j=&t=1722575529950&de=176802194964&cu=1722575529950&m=1067&ar=9cc5b3e58a7-clean&iw=b63ee96&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6735&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2595%3A2595%3A0%3A2606&as=1&ag=1056&an=1056&gi=1&gf=1056&gg=1056&ix=1056&ic=1056&ez=1&ck=1056&kw=851&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1056&bx=1056&ci=1056&jz=851&dj=1&aa=0&ad=955&cn=955&gk=955&gl=955&ik=955&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=851&cd=851&ah=851&am=851&xd=00&rf=0&re=1&ft=955&fv=955&fw=955&wb=1&cl=0&at=0&d=80029947%3A3265433495%3A6405684951%3A138482815237&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=1240127984&cs=0
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:11 GMT
2610568
vc.hotjar.io/sessions/
0
232 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/2610568?s=0.25&r=0.18903234660698698
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-102.iad55.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 02 Aug 2024 05:12:12 GMT
cache-control
no-store
via
1.1 c378d79f6d61c9af35c366d426990acc.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P2
x-amz-cf-id
LL2b37LhOJNSYYCIdaci4FqwZ8cqO7f2oaXb9gHQJHb9dxZnELGwJA==
x-cache
Miss from cloudfront
js_pageviews_itcyber_darkreading
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ Frame
0
0
Preflight
General
Full URL
https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1722575531887
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.248.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-248-254.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-td-fetch-api,x-td-write-key
Access-Control-Request-Method
POST
Origin
https://www.darkreading.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.darkreading.com
access-control-max-age
7200
cache-control
no-store
date
Fri, 02 Aug 2024 05:12:12 GMT
strict-transport-security
max-age=31536000
js_pageviews_itcyber_darkreading
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/
16 B
495 B
Fetch
General
Full URL
https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1722575531887
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.248.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-248-254.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

X-TD-Write-Key
100/bb9cbe21de3db7a5428506d7528e45b2c801a48c
Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-TD-Fetch-Api
true
Content-Type
application/json

Response headers

date
Fri, 02 Aug 2024 05:12:13 GMT
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
https://www.darkreading.com
p3p
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
content-length
16
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&f=0&j=&t=1722575529950&de=176802194964&cu=1722575529950&m=1285&ar=9cc5b3e58a7-clean&iw=b63ee96&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6735&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2595%3A2595%3A0%3A2606&as=1&ag=1277&an=1056&gi=1&gf=1277&gg=1056&ix=1277&ic=1277&ez=1&ck=1056&kw=851&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1277&bx=1056&ci=1056&jz=851&dj=1&aa=1&ad=1176&cn=955&gn=1&gk=1176&gl=955&ik=1176&co=1176&cp=1060&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1060&cd=851&ah=1060&am=851&xd=00&rf=0&re=1&ft=1176&fv=955&fw=955&wb=1&cl=0&at=0&d=80029947%3A3265433495%3A6405684951%3A138482815237&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=1803943266&cs=0
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:11 GMT
www-widgetapi.js
www.youtube.com/s/player/bd3293c9/www-widgetapi.vflset/ Frame D233
31 KB
11 KB
Script
General
Full URL
https://www.youtube.com/s/player/bd3293c9/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1db2c0444aac40cc0d8cfc5cef921f9d8ef04c5e3b49dd0df39cf25a7132473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 03:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
7829
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10557
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 04:11:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 02 Aug 2025 03:01:43 GMT
ed0
c.darkreading.com/com.iiris/ Frame
0
0
Preflight
General
Full URL
https://c.darkreading.com/com.iiris/ed0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:deab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.darkreading.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.darkreading.com
access-control-max-age
600
cf-cache-status
DYNAMIC
cf-ray
8acb92543dfd2f4a-LAX
content-length
0
date
Fri, 02 Aug 2024 05:12:12 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
ed0
c.darkreading.com/com.iiris/
2 B
222 B
Ping
General
Full URL
https://c.darkreading.com/com.iiris/ed0
Requested by
Host: static.iris.informa.com
URL: https://static.iris.informa.com/widgets/v3.0/sp/v3.21.0/sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 02 Aug 2024 05:12:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.darkreading.com
access-control-allow-credentials
true
cf-ray
8acb92589a1d52e9-LAX
content-length
2
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&f=0&j=&t=1722575529978&de=284445935507&cu=1722575529978&m=1471&ar=9cc5b3e58a7-clean&iw=b63ee96&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6735&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2595%3A2595%3A0%3A2606&as=1&ag=1465&an=1022&gi=1&gf=1465&gg=1022&ix=1465&ic=1465&ez=1&ck=1022&kw=822&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1465&bx=1022&ci=1022&jz=822&dj=1&aa=1&ad=1166&cn=723&gn=1&gk=1166&gl=723&ik=1166&co=1166&cp=1251&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1251&cd=822&ah=1251&am=822&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4994984344%3A3543809234%3A6715770153%3A138476655131&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatDfpSlotId=300_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=1989591701&cs=0
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:12 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&lo=4&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.darkreading.com%2F%2Fthreat-intelligence%2F-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&f=0&j=&t=1722575529877&de=188433730894&cu=1722575529877&m=1746&ar=9cc5b3e58a7-clean&iw=b63ee96&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6735&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=96&vx=96%3A-%3A-&pe=1%3A2595%3A2595%3A0%3A2606&as=0&ag=83&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=1&pg=96&pf=0&ib=1&cc=0&bw=83&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=165&cd=0&ah=165&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4994984344%3A3543809234%3A6715770153%3A138476655617&bo=22316126855&bp=22339890152&bd=resource_v&zMoatPS=resource_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatDfpSlotId=resource_v&hv=Celtra%20API&ab=3&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=771106153&cs=0
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:12 GMT
nr-spa-1.263.0.min.js
js-agent.newrelic.com/
109 KB
32 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1.263.0.min.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a974fe46929964e7412266b8e9875d6bde9a2ea653f4575545816411ebbf1d3c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.darkreading.com/
Origin
https://www.darkreading.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
oLb1otsUXa7Z.za6PGrVFedM1_vPvjuZ
content-encoding
br
via
1.1 varnish
date
Fri, 02 Aug 2024 05:12:12 GMT
strict-transport-security
max-age=300
x-amz-request-id
E1PJ2DH7811ZWZAQ
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
31897
x-amz-id-2
zvK/9JAAft34C88LVdGOPTJOe7g9Vxhsll7O9NqB14icxLd5EGEyFL3E2KzUd5yJA+sr5gKBPmI=
x-served-by
cache-lax-kwhp1940139-LAX
last-modified
Thu, 25 Jul 2024 23:28:25 GMT
server
AmazonS3
etag
"251fca68c40d5bfc49721a4b1d3a8b47"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
69534
sodar
pagead2.googlesyndication.com/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407290201&st=env
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f156.1e100.net
Software
cafe /
Resource Hash
180d4deaa6a8b5b4fc89387011a4c0f365d655cd734b4f0b5ca0cd81f2281f40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12930
x-xss-protection
0
rum
www.darkreading.com/cdn-cgi/
0
208 B
XHR
General
Full URL
https://www.darkreading.com/cdn-cgi/rum?
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-NewRelic-ID
Vw8EV1VXABAFVVVSAggEVlE=
Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
tracestate
3288925@nr=0-1-3936348-538480682-e337a716224ae3cc----1722575532315
traceparent
00-909fda42847d786e9c971fce6100eeac-e337a716224ae3cc-01
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM5MzYzNDgiLCJhcCI6IjUzODQ4MDY4MiIsImlkIjoiZTMzN2E3MTYyMjRhZTNjYyIsInRyIjoiOTA5ZmRhNDI4NDdkNzg2ZTljOTcxZmNlNjEwMGVlYWMiLCJ0aSI6MTcyMjU3NTUzMjMxNSwidGsiOiIzMjg4OTI1In19
content-type
application/json

Response headers

date
Fri, 02 Aug 2024 05:12:12 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.darkreading.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8acb92552ebc52e9-LAX
darkreading-DSJITCUD.ico
www.darkreading.com/build/_assets/
7 KB
3 KB
Other
General
Full URL
https://www.darkreading.com/build/_assets/darkreading-DSJITCUD.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ddab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4af04cf7a5f045d2a21abb3f93d90f175680f07b9ccecb1d5559864b9716cca
Security Headers
Name Value
Strict-Transport-Security max-age=3153600000

Request headers

Referer
https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:12 GMT
strict-transport-security
max-age=3153600000
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 17 Jun 2024 14:36:48 GMT
server
cloudflare
age
3699735
etag
W/"1cee-19026a11000"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=31536000, immutable
cf-ray
8acb92553ed252e9-LAX
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 05:12:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 02 Aug 2024 05:12:12 GMT
NRJS-26ae6a3b09493bbcc87
bam.eu01.nr-data.net/1/
150 B
660 B
XHR
General
Full URL
https://bam.eu01.nr-data.net/1/NRJS-26ae6a3b09493bbcc87?a=514059305&v=1.263.0&to=MhBSZQoZWEEDU0ZaXgtafl4KFVdeC0pXV2QXHB8b&rst=7868&ck=0&s=088783d727f0996a&ref=https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown&ptid=572d2a985034ce10&tt=30926d5f93383030&af=err,spa,xhr,stn,ins&ap=118.516753&be=1919&fe=5720&dc=1042&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1722575524669,%22n%22:0,%22f%22:0,%22dn%22:4,%22dne%22:4,%22c%22:4,%22s%22:64,%22ce%22:144,%22rq%22:144,%22rp%22:1920,%22rpe%22:1929,%22di%22:2606,%22ds%22:2961,%22de%22:2961,%22dc%22:7627,%22l%22:7627,%22le%22:7639%7D,%22navigation%22:%7B%7D%7D&fp=2595&fcp=2595
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e4ab905d340d126da8be000f5f8adf2f53937c740847bd73120e7cc99697a2e6

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 02 Aug 2024 05:12:13 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.darkreading.com
access-control-expose-headers
Date
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
cross-origin-resource-policy
cross-origin
Connection
keep-alive
timing-allow-origin
https://www.darkreading.com
Content-Length
150
x-served-by
cache-lax-kwhp1940145-LAX
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3272
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.darkreading.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
87176
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Aug 2024 04:59:16 GMT
expires
Fri, 01 Aug 2025 04:59:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1B5B
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f99.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TcN-ExVOt6sbVWru41OZCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.darkreading.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TcN-ExVOt6sbVWru41OZCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 02 Aug 2024 05:12:12 GMT
expires
Fri, 02 Aug 2024 05:12:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&lo=4&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&f=0&j=&t=1722575529877&de=188433730894&cu=1722575529877&m=2803&ar=9cc5b3e58a7-clean&iw=b63ee96&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6859&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=96&vx=96%3A96%3A-&pe=1%3A2595%3A2595%3A7639%3A2606&as=1&ag=1148&an=83&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1148&kw=1029&aj=1&pg=96&pf=96&ib=1&cc=1&bw=1148&bx=83&ci=1148&jz=1029&dj=1&aa=1&ad=1045&cn=0&gk=0&gl=0&ik=0&co=1045&cp=1029&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1029&cd=165&ah=1029&am=165&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4994984344%3A3543809234%3A6715770153%3A138476655617&bo=22316126855&bp=22339890152&bd=resource_v&zMoatPS=resource_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatDfpSlotId=resource_v&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=361924455&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:12 GMT
utsync.ashx
ml314.com/ Frame 7312
684 B
1 KB
Script
General
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=62439&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&pv=1722575530115_d6hqkimgj&bl=en-us&cb=5010704&return=&ht=&d=&dc=&si=1722575530115_d6hqkimgj&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&v=2.7.4.212
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?172024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
c18da00df50fd49ef0af95e36f0cbc23e6352a26fc9486857c8433579141fd41

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:13 GMT
via
1.1 google
server
Google Frontend
content-type
application/javascript
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
ud.ashx
in.ml314.com/ Frame 7312
20 B
482 B
Script
General
Full URL
https://in.ml314.com/ud.ashx?topiclimit=&cb=172024&v=2.7.4.212
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?172024
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.127.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-127-96.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 02 Aug 2024 05:12:13 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public
Connection
keep-alive
Content-Length
138
Expires
Sat, 03 Aug 2024 05:12:13 GMT
demconf.jpg
dpm.demdex.net/ Frame 7312
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3646000189433446416&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3646000189433446416&redir=
42 B
716 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3646000189433446416&redir=
Protocol
H2
Server
52.4.115.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-115-144.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v062-07458f0eb.edge-va6.demdex.com 3 ms
pragma
no-cache
date
Fri, 02 Aug 2024 05:12:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
rwVEj/omQ8o=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-2-v062-046d16f18.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Fri, 02 Aug 2024 05:12:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
n1NLABP3SLw=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3646000189433446416&redir=
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
csync.ashx
ml314.com/ Frame 7312
Redirect Chain
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3646000189433446416
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0NjAwMDE4OTQzMzQ0NjQxNhAAGg0IrdWxtQYSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=b68de5f3dddbb15c7dd0e4bfaaf461c0d0051f025d272492837c747b5a15f164f4cb09cee1a4f8eb&person_id=3646000189433446416&eid=50082
43 B
56 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=b68de5f3dddbb15c7dd0e4bfaaf461c0d0051f025d272492837c747b5a15f164f4cb09cee1a4f8eb&person_id=3646000189433446416&eid=50082
Protocol
H3
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 02 Aug 2024 05:12:13 GMT
via
1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 03 Aug 2024 05:12:13 GMT

Redirect headers

date
Fri, 02 Aug 2024 05:12:13 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=b68de5f3dddbb15c7dd0e4bfaaf461c0d0051f025d272492837c747b5a15f164f4cb09cee1a4f8eb&person_id=3646000189433446416&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
utsync.ashx
ml314.com/ Frame 7312
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=75815118-9f95-4dfa-8d38-a50cb7f5c70b&gdpr=0&gdpr_consent=
43 B
61 B
Image
General
Full URL
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=75815118-9f95-4dfa-8d38-a50cb7f5c70b&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:13 GMT
via
1.1 google
server
Google Frontend
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0,Sat, 03 Aug 2024 05:12:13 GMT

Redirect headers

location
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=75815118-9f95-4dfa-8d38-a50cb7f5c70b&gdpr=0&gdpr_consent=
date
Fri, 02 Aug 2024 05:12:13 GMT
server
Kestrel
content-length
241
csync.ashx
ml314.com/ Frame 7312
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3646000189433446416
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3646000189433446416
  • https://ml314.com/csync.ashx?fp=c92bf32525d366224bccdb2d390f2f40&eid=50146&person_id=3646000189433446416
43 B
56 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=c92bf32525d366224bccdb2d390f2f40&eid=50146&person_id=3646000189433446416
Protocol
H3
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 02 Aug 2024 05:12:13 GMT
via
1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 03 Aug 2024 05:12:13 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:13 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ml314.com/csync.ashx?fp=c92bf32525d366224bccdb2d390f2f40&eid=50146&person_id=3646000189433446416
cache-control
no-cache
x-server
10.40.6.35
content-length
0
expires
0
match
ps.eyeota.net/ Frame 7312
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=27IebYdpXpoZ9UHGNOvkFzmtnVOdXN3gUgNwJ5zh_PYQ&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
  • https://ml314.com/csync.ashx?fp=27IebYdpXpoZ9UHGNOvkFzmtnVOdXN3gUgNwJ5zh_PYQ&person_id=3646000189433446416&eid=50052&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referre...
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Protocol
HTTP/1.1
Server
18.207.77.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-77-150.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Fri, 02 Aug 2024 05:12:14 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

date
Fri, 02 Aug 2024 05:12:14 GMT
via
1.1 google
server
Google Frontend
content-type
image/gif
location
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
x-cloud-trace-context
b749c2660383e695f924530ecd80db85
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Sat, 03 Aug 2024 05:12:14 GMT
NRJS-26ae6a3b09493bbcc87
bam.eu01.nr-data.net/events/1/
24 B
346 B
XHR
General
Full URL
https://bam.eu01.nr-data.net/events/1/NRJS-26ae6a3b09493bbcc87?a=514059305&v=1.263.0&to=MhBSZQoZWEEDU0ZaXgtafl4KFVdeC0pXV2QXHB8b&rst=8953&ck=0&s=088783d727f0996a&ref=https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown&ptid=572d2a985034ce10
Requested by
Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-develops-custom-malware-in-wake-of-qakbot-takedown
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 02 Aug 2024 05:12:13 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.darkreading.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-lax-kwhp1940139-LAX
sodar
pagead2.googlesyndication.com/pagead/
0
0

pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&f=0&j=&t=1722575529950&de=176802194964&cu=1722575529950&m=5144&ar=9cc5b3e58a7-clean&iw=b63ee96&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6859&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2595%3A2595%3A7639%3A2606&as=1&ag=5136&an=1277&gi=1&gf=5136&gg=1277&ix=5136&ic=5136&ez=1&ck=1056&kw=851&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5136&bx=1277&ci=1056&jz=851&dj=1&aa=1&ad=5035&cn=1176&gn=1&gk=5035&gl=1176&ik=5035&co=1176&cp=1060&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4939&cd=1060&ah=4939&am=1060&xd=00&rf=0&re=1&ft=4935&fv=1176&fw=955&wb=2&cl=0&at=0&d=80029947%3A3265433495%3A6405684951%3A138482815237&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=918654232&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:15 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:15 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&f=0&j=&t=1722575529978&de=284445935507&cu=1722575529978&m=5313&ar=9cc5b3e58a7-clean&iw=b63ee96&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6859&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2595%3A2595%3A7639%3A2606&as=1&ag=1569&an=1465&gi=1&gf=1569&gg=1465&ix=1569&ic=1569&ez=1&ck=1022&kw=822&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1569&bx=1465&ci=1022&jz=822&dj=1&aa=1&ad=1270&cn=1166&gn=1&gk=1270&gl=1166&ik=1270&co=1166&cp=1251&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5107&cd=1251&ah=5107&am=1251&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4994984344%3A3543809234%3A6715770153%3A138476655131&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatDfpSlotId=300_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=1928662705&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:15 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:15 GMT
pixel.gif
px.moatads.com/
0
0

pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&lo=4&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&f=0&j=&t=1722575529877&de=188433730894&cu=1722575529877&m=6823&ar=9cc5b3e58a7-clean&iw=b63ee96&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6859&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=96&vx=96%3A96%3A-&pe=1%3A2595%3A2595%3A7639%3A2606&as=1&ag=5167&an=1148&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1148&kw=1029&aj=1&pg=96&pf=96&ib=1&cc=1&bw=5167&bx=1148&ci=1148&jz=1029&dj=1&aa=1&ad=5064&cn=1045&gk=0&gl=0&ik=0&co=1045&cp=1029&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5048&cd=1029&ah=5048&am=1029&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4994984344%3A3543809234%3A6715770153%3A138476655617&bo=22316126855&bp=22339890152&bd=resource_v&zMoatPS=resource_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatDfpSlotId=resource_v&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=1076234745&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:16 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:16 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&lo=4&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&f=0&j=&t=1722575529877&de=188433730894&cu=1722575529877&m=7025&ar=9cc5b3e58a7-clean&iw=b63ee96&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6859&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=96&vx=96%3A96%3A-&pe=1%3A2595%3A2595%3A7639%3A2606&as=1&ag=5369&an=5167&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1148&kw=1029&aj=1&pg=96&pf=96&ib=1&cc=1&bw=5369&bx=5167&ci=1148&jz=1029&dj=1&aa=1&ad=5266&cn=5064&gk=0&gl=0&ik=0&co=1045&cp=1029&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5249&cd=5048&ah=5249&am=5048&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4994984344%3A3543809234%3A6715770153%3A138476655617&bo=22316126855&bp=22339890152&bd=resource_v&zMoatPS=resource_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatDfpSlotId=resource_v&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=190978097&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.242.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-242-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.darkreading.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 05:12:16 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 02 Aug 2024 05:12:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407290201&jk=143065297215549&bg=!UlGlUR7NAAZjy5caQ8s7ADQBe5WfOGfbOlRksnMEnuGzhOp39YE9zmqf9jeEK-IZjlyW3oZPLTPpN42sU_ABtCgJ_WRkAgAAAFNSAAAABWgBB34ANi8eQHF1_9NEqw7DzTwAKM9LXwnRzLqRzSrJhXRZqkxiWfC_n39lDtb9d0bb8-BYBqrBwpN8s5kCu4t83RL-QNeppWS4JFEuD1HqMuBHTlRuU_bi2QI550PAGA4wbvb_YVwgjPhtWTNHCON4TVPjujtX9Q17LWPQIB8P2u-M0SJP7unGWt16HQ9G-tsVobRAFxJDylOuzaw5VU8J1Ip2WwOAMAtuwCXdGlq40yZt9CimEeTd3z9rloE3WyDEbYlu962gmHE_4kDDOd8KQS429zlJzRsdxScohFKz4y2vurQjkZVL-_RglUcmHDaFwVsqS24xp0aVl0atCtlNKlrFRkr49PGLb5AlCCKM52yep1lqcPM3kzDZu9AbBWDhY4bNf6WLXPkCquzICX5ZG6d1VGVYsqBFCuD7aO0kGuYaD2zFPq2h1qa1m40ukExSjRO7xmZ-w5F82iNhZ75wTWTdulKnILYbZbT0D5mFNPBUMLt7_of9X0VEfz9aj7P7P_fv9obLnAFUg6DTcUDuc_ZttG6LaaVGRl6RryfEiAAEyxKdcvVkb8jP2wrioAmJiPCLN5k5yqtj9HmqtlQvwzk53agq812b2Jaq7-OKCfR59sYMx-CGk3kvN3m9hoVLhQOWSYYZNCJH79zWRNcF0TbnV5H2Fg435ib_T8Kvpf4AyPkdCt6VALr3OmfJYSDGnPza3odhCToMWIsUV7G_IhDEaaUAQkfgV8hA2uf7PqWBbXd0zKWuKgitjUu9k266V7YS2Jeexj86hlN-jrh3TY4kLurLoCaBJaBguW40rEz7tW07J81MUTSCzt20qxRgXOZtHVqCMdub0dvN9DKsIzxUjTljy26hL-fnOOtdyPArctzFzlG9Efo1FYDnikXW8xC5PyM7ERt86S2a5yTpRAL04HFW50ZJO9N3yGoU04l_4HxoK6N6WwsUI6uZZtWGvHzVXlEo_zJyS7o5xAFCWlt1b2GgexLkVLDAbokVCCpm81_5xwbFGg
Domain
px.moatads.com
URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=9&kq=1&lo=4&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-aaloXHTrNoCnNCdOZzEnaNb66Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&id=1&ii=4&f=0&j=&t=1722575529877&de=188433730894&cu=1722575529877&m=6823&ar=9cc5b3e58a7-clean&iw=b63ee96&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6859&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=96&vx=96%3A96%3A-&pe=1%3A2595%3A2595%3A7639%3A2606&as=1&ag=5167&an=1148&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1148&kw=1029&aj=1&pg=96&pf=96&ib=1&cc=1&bw=5167&bx=1148&ci=1148&jz=1029&dj=1&aa=1&ad=5064&cn=1045&gk=0&gl=0&ik=0&co=1045&cp=1029&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5048&cd=1029&ah=5048&am=1029&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4994984344%3A3543809234%3A6715770153%3A138476655617&bo=22316126855&bp=22339890152&bd=resource_v&zMoatPS=resource_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&zMoatDev=Desktop&zMoatDfpSlotId=resource_v&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=1076234745&cs=0

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 function| OptanonWrapper object| NREUM object| webpackChunk:NRBA-1.263.0.PROD object| newrelic object| dataLayer object| __remixContext object| __remixManifest string| __reactRouterVersion object| __remixRouteModules object| __cfBeacon object| FB object| __remixRouter object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| otStubData object| google_tag_manager number| sessionPageCt string| originalLocation function| onYouTubeIframeAPIReady object| google_reactive_ads_global_state object| __buffer object| Optanon object| OneTrust function| gtag string| OnetrustActiveGroups string| OptanonActiveGroups object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NDVmNThmNzIxMmYwYzdjNmxvYWRlcl9qcw== string| NDVmNThmNzIxMmYwYzdjNmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_topics_state number| google_unique_id object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 boolean| attachedML boolean| google_empty_script_included boolean| 76cc8538-0c64-4baa-bacf-384b092df17d function| _ object| FontAwesomeConfig object| ___FONT_AWESOME___ object| __SENTRY__ object| iris-recommend-widget object| __CELTRA object| script object| _sf_async_config object| _elqQ function| hj object| _hjSettings object| gaGlobal object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| IIRISTracker object| GlobalSnowplowNamespace function| snowplow function| Treasure object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| ube object| GoogleGcLKhOms object| google_image_requests

39 Cookies

Domain/Path Name / Value
.darkreading.com/ Name: __cf_bm
Value: Aq6u.ZTdO29ni6w0WY_1roJ.4Pi7gU5PwJqjT03I.GE-1722575526-1.0.1.1-He5HQ9m2A.e.HD3B7N28J2EGhK7jHxy3I4sUCyX1W8gY.TQLrMFtB_cCdYvOGBi_ntl78SsiSLfvHhg53XGGPw
.darkreading.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Thu+Aug+01+2024+19%3A12%3A08+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202404.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=cb0f3466-19d1-4380-adbc-28b079931686&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-develops-custom-malware-in-wake-of-qakbot-takedown&groups=C0001%3A1%2CC0003%3A1%2CSPD_BG%3A1%2CC0002%3A1%2CC0004%3A1
.darkreading.com/ Name: __gads
Value: ID=b072d65cdbf19524:T=1722575528:RT=1722575528:S=ALNI_MZf5UXD10dvnXVCaUhMqOQAs9Ii2Q
.darkreading.com/ Name: __gpi
Value: UID=00000ec637734bb6:T=1722575528:RT=1722575528:S=ALNI_MZtkctvT49b5kjAN4oB4lEaY5ZTSw
.darkreading.com/ Name: __eoi
Value: ID=bfec8a8ae963ecac:T=1722575528:RT=1722575528:S=AA-AfjYROUwFo_0KpGDJg_6OSFsK
.doubleclick.net/ Name: IDE
Value: AHWqTUnrSpuL-ILNQbeC2hjx1f6xoG3mQm-sLJuXQhT0yHzpT3kkldE9SLnlbIfKWvo
.darkreading.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-CY7hRDbDovWg1uNI8L9Z1ilU0RdpOdARB7KaCs2VniIeFgY5GFIl8j6HswGb7OVhZa2LLBvh1p4VdBwPkYLUy1TL0Spp0xRMognntXRyOeEl5YmHogT0G-JxLAA9cYbo8JI7en-sbviJwvitlGpEBga43SQ%3D%3D%22%5D%5D
.darkreading.com/ Name: _gcl_au
Value: 1.1.1700003467.1722575531
.js.ubembed.com/ Name: __cf_bm
Value: UiuJmAqufZZXdGwzIjHc1yZ9M1lUkpZcFTpn1JgFe_4-1722575531-1.0.1.1-_.CBIB6CZp2K8B3ag.pqiKo5ZxwzMyHX7lkJyQ.O6xlunfggfVsjqfS5PrOmcZh3rYJSjxoBbor1BBNw.nsDIA
.darkreading.com/ Name: _ga_1X1EHQ3PFR
Value: GS1.1.1722575531.1.0.1722575531.60.0.0
.darkreading.com/ Name: _ga
Value: GA1.1.959816986.1722575531
.darkreading.com/ Name: _cb
Value: CM3jzoCY86ZwDk9h9N
.darkreading.com/ Name: _chartbeat2
Value: .1722575531637.1722575531637.1.CHC7wpyAmdnC8beNRCWvklqZBvc0.1
.darkreading.com/ Name: _cb_svref
Value: external
.darkreading.com/ Name: _hjSessionUser_2610568
Value: eyJpZCI6ImU3MDU5MDczLWQxNjUtNTE2MC1hOWVhLTI4MzExZmQ4ZGJmNSIsImNyZWF0ZWQiOjE3MjI1NzU1MzE4NTcsImV4aXN0aW5nIjpmYWxzZX0=
.darkreading.com/ Name: _hjSession_2610568
Value: eyJpZCI6ImVjZWYyZGFlLTc3NjMtNDkxZi1iMDRkLTQwYmMyYTAwM2Y2NSIsImMiOjE3MjI1NzU1MzE4NTksInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.darkreading.com/ Name: __td_signed
Value: true
.darkreading.com/ Name: _td
Value: 1969a0df-9111-4b60-bbef-2435038f780a
.youtube.com/ Name: YSC
Value: hKnWtbo-5TA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: vuGms3B9LHk
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJVUxIEGgAgWw%3D%3D
.darkreading.com/ Name: _sp_ses.94c4
Value: *
.darkreading.com/ Name: _sp_id.94c4
Value: 6ee4f015-7e88-497f-a849-e7a53f2731c8.1722575532.1.1722575532..bb32dc9d-394c-48d3-b4cc-8ccf12aa1337..82be09cb-fc7e-4aa4-bd3c-a6052a124fb9.1722575532022.1
www.darkreading.com/ Name: _iris_cdl
Value: Ki50cmFkZXB1Yi5jb20=
.in.treasuredata.com/ Name: _td_global
Value: 20fd171b-6e31-45bd-aaf1-06244dd2b22a
.ml314.com/ Name: pi
Value: 3646000189433446416
.ml314.com/ Name: tp
Value: 4%253B08%252F02%252F2024%2B05%253A12%253A13%253B0
.rlcdn.com/ Name: rlas3
Value: OddeShy3kfpwzI225pVk3Nk/y6vwfm0x9btFQD4F5tw=
.adsrvr.org/ Name: TDID
Value: 75815118-9f95-4dfa-8d38-a50cb7f5c70b
.darkreading.com/ Name: sp
Value: 5846f37f-9218-40ac-ba00-537449a94a7d
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHZDB0cm8xahILCMrnjLz2rpk9EAUYBSABKAIyCwjSuaLojK-ZPRAFOAE.
.rlcdn.com/ Name: pxrc
Value: CK3VsbUGEgUI6AcQABIFCNtOEAA=
.demdex.net/ Name: demdex
Value: 21697297525428913031624545928465193055
.eyeota.net/ Name: mako_uid
Value: 1911180b65e-1ca80000010a4ef3
.eyeota.net/ Name: SERVERID
Value: 20211~DM
.ml314.com/ Name: u
Value: aHR0cHM6Ly93d3cuZGFya3JlYWRpbmcuY29tLw%3D%3D
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: c92bf32525d366224bccdb2d390f2f40
.dpm.demdex.net/ Name: dpm
Value: 21697297525428913031624545928465193055

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=3153600000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2332d90f7fe5d7eb5e5211c1387dd142.safeframe.googlesyndication.com
6600d6d98e534115970f9529a45f3195.js.ubembed.com
ads.celtra.com
analytics.google.com
api.iiris.com
assets.ubembed.com
bam.eu01.nr-data.net
c.darkreading.com
cache-ssl.celtra.com
cdn.cookielaw.org
cdn.treasuredata.com
cognito-identity.eu-west-1.amazonaws.com
connect.facebook.net
dpm.demdex.net
eu-images.contentstack.com
eu01.in.treasuredata.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geolocation.onetrust.com
idsync.rlcdn.com
in.ml314.com
js-agent.newrelic.com
marketingplatform.google.com
match.adsrvr.org
mb.moatads.com
ml314.com
pagead2.googlesyndication.com
ping.chartbeat.net
ps.eyeota.net
px.moatads.com
script.hotjar.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.cloudflareinsights.com
static.hotjar.com
static.iris.informa.com
stats.g.doubleclick.net
sync.crwdcntrl.net
tpc.googlesyndication.com
track.celtra.com
vc.hotjar.io
www.darkreading.com
www.google.com
www.googletagmanager.com
www.youtube.com
www3.doubleclick.net
z.moatads.com
pagead2.googlesyndication.com
px.moatads.com
104.18.11.34
104.18.37.149
107.23.203.136
108.138.64.36
129.158.248.135
13.249.39.4
13.249.39.75
142.251.111.101
142.251.179.156
15.197.193.217
151.101.66.137
157.240.229.1
172.253.115.99
172.253.62.154
172.253.62.157
18.160.41.53
18.160.46.102
18.194.248.254
18.207.77.150
185.221.87.23
23.221.242.22
2600:9000:24f3:6800:18:1fcd:354:4b41
2602:816:5001::39
2606:4700::6810:4f49
2606:4700::6810:ddab
2606:4700::6810:deab
2606:4700::6812:1d7f
2606:4700::6812:572a
2607:f8b0:4004:c06::8b
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c09::65
2607:f8b0:4004:c0b::5d
2607:f8b0:4004:c0b::61
2607:f8b0:4004:c19::66
2607:f8b0:4004:c1d::84
2607:f8b0:4004:c1d::9c
2607:f8b0:4004:c21::5e
2607:f8b0:4004:c21::8a
2a03:2880:f003:100:face:b00c:0:3
2a05:d018:94a:8a00:b0a6:9d44:1ea3:2198
3.162.125.49
34.117.77.79
35.244.154.8
44.193.116.81
52.4.115.144
52.55.58.100
52.86.20.97
54.167.127.96
99.84.191.77
05c58c759cab8d50d5e7f9d3b2faedcc0dd45fa3fb50899a224363a1dea93605
066ccd2ff2244eab628da774d59d3a3e4abeabdf870ecb7458bb7a9074222256
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
0773e22420c5ba45dbfe78f2e7fa2139b7a8931e5868a3c87a7aca4c610a3f18
084fa97c30e1c546202822d0f0ed643b669b750f5703f6002c8e25315b439044
09077d0e34ff67e6f7aec9ad6dda93d2e3901dd2a0e516523dd2a1994f08f496
09a2b95a0b11ac7d292a9e793f9cff2414998d0e8ecdbee7d4941fac82c2db4f
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d34727332063f774893813c408c607378e8bc4fdb149c4240506d68a60e1016
0fabd3386134c2df88f8b68931622fe609badcf594d4765e8b200e93052ae0aa
101446dc8fe0f3046d9a0a6a6f3a76a68693612a9d883b13a73d4c60adb958a6
104e580ee9ded6ca043c6320a497e9801e8d21d9023581043030e6b2ee1c3ebe
11c333b7dfa958bc65b659d11d673c2cd498ede56ad02283eb6d6855067e999b
14a1fa4b518b9bcff7664518a2f8cd4d91205d82d58c87a9bf5553da729e3ea2
1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517
1639ab736e293da0c001360c710b776a18aad38af6d40ecfb83a4d6a8cb05bf7
180d4deaa6a8b5b4fc89387011a4c0f365d655cd734b4f0b5ca0cd81f2281f40
19013c52291f6421ef83000035ce9367a49098e581d71a08f2b8d0955654b931
1a894b23e756ff962a75774406e7df68a2eb2ef0259a30f5da25fe973d8f6365
1c76ad683e48497ff9a3388f72b041877c526705246c8f6266bcde1b1e71f652
1c911eea363a61cb8b41a19e027db5e575b827e524bc8646175ef2bfa782cd88
207cac597f53290d66aca8c2165d6f4465e98a10c819c0a24d048c4be2c6048d
20cbb68c751096ffcc7228c8264d233c80ef2a40a2a25acbcbeb53a3c7b0d524
2176b511334c7ea2e0efc89a79741b9ecd8635ffa2ab79a4d2ffb9ed0f1fc498
2244da3a5adfa1dbfa70335e963ac109abf6b9ffb4a201d54ef9f8da4fe25d6d
234982bfdb09e74e6ffed1105d3ccea28b9b662598859f24718d4e731ad4c0cd
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27883545e131618539f153114dccf20a5cc1c1e85fa4e63f51edd9966b223a33
297f7c6e2e5141be50a472401472c07dbe025b762bcad89ffaf795fddbd04fd0
29d9c4c37447dbf2f47104a4f513dbac6cb89f270a86d625e27a0af96b310ec8
2b21643da63b2c4ecc10d42f29531dd1830ea86dc7fa876cf0e0d570b76bbb3c
2ffa9f5ea62caabe0ae413f1dbef3538d57ac5d2051991db8cc9fc56e86f42a4
30ac95fbea6ac28a43d8b4a46f7a694d4f52bf97e7e910e548f29b8376393cf4
30c46df157b1d0b6d3a33ba0954f7762bf1560a8779e9170b1f997349aaa32f0
31556181b378d1e27d769a0c4bd113d5957786a8381b08a214b4d949fef5face
35bbaf39a449ccd5f8187d9ad0c345b234b9e0c011ac23ae181cd1e7d308bdc4
3969804522a0b32cd9dbe609047076c5a239cf16e0c0ebe4b8c71c812c53b9f0
3977558f158d4731f2d87374815e2e8109d4551d3149fc52dad57cf4dedeecf5
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3a41b31d3fc11a54b030a945602bfb18ff6fb5e7dd4272bd93b1494419fc20d3
3dcea5960daba62d0281c8ba7957e8a363845e295f22f8de31470a137a2af750
3e7e2cf202d63f5433c0a41d0a6b8e1ec25aac18d1c4e249bfed2c18697379c5
3e826dd5b9d11f5d78de53f85aa64b409a400025b17a14628e6a57453eaaab1e
4465c8c331808a84b6e2ef158016d65962499ec31af66f3dca151bd044a3de73
48cfba98f7980f38b326785218cd95ab4ced2af09203030e48c5ef4d63d32bd9
4b475b63a797144d91a4b2e34499ab7321bdf6d298d5f1177ec1fa3f5d3b4e0e
4c9ffc0b1851547ba66b0ed2250b3ebf6588c42290202b5934c6231ee9a84b4c
4d93cdd0bee642d75a6d6a3333f9a8a27d3ba42814bb1e8727d16e8c3193e742
4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09
4e3544834b91e44441b532b1543211033bbf7dfdb06b1c540c6539ce2f04c806
52d1499d47eabb2cf6c32a97836616e8a88cdeb15a9b4f50f40161f7399b4c09
52f134d923e0e980ce8c1fe28d45ff4411a8aba1baee5197a4ddd6111c09eb5e
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
573ddec66f7dfac9aa2e71fcaddc9b1519ab84360ba544ee9c3aa47d6d400c5d
5796613df509bde37287fb6add65bbc76f433df30a29ace601763fa8335050ca
57d1477701e49ed374c87b472142454b4625a243c95e4b65483555d8dd4c1f2a
58016ccef8b151b18ba8a751a7666689dcb78facc25a8710434d2e8629a83142
592356a6c52e99185da7862c1bc4929308efd3618e8f1c8e1dd665abf205ee62
5bef8c9e1cd6bba25a5e7115d3b7a61a6ce406eaae651a82963069b98f7d39f9
5c2a923cf0e8f52116427cf22bfe97330ed735daaafff6322da0993fb4ad3c45
5c5241d16e330997faadd10a7bb3457aa44e48fd5e25ad469b2713f74550de4d
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a683fb450f7fa9845bc05412211a15a4b09b406db0c7fcb6fe2fe18acff1ad
62cc01daef72c3ea76a258445368d2f4ab8d05a91f91c53fd12f7c42e3325942
62eee22f7f92913689361d7cad70e166c1f0fe52937c1269996cffaa712e60f7
62f56e1e3fcf8eacd1e726ab224db39a06bd0669ab46c96fa867a3a0deb45fcf
64eff7b36426259382aef0654917c7ebed2cc866a87c5d975c9b45acd7ed7075
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
696fd9837942f80f496230205de42227112060e6bef1c28d38b4a212ec6d1bdd
6a7794489e038e117a4d6bafaf74444a1be64759c4866affef12db1f49ae5a0f
6ef59df86d3826ee2048c7707b14be9a819ffe3ce87ca7e989511ac24e447812
6fb04e3bc995f10042bc7db9b9784fb00045d2298639fc71c497c0ff6b404436
73626e5d7b99f06394009e62277c9f90b03d5b3d605cf1b35c94ce4b9ed7f937
73d5e1cfda769355e9acdf4240b02be47599fc541f1eb24c2984e7a9683a4a13
75efcb8deb87be5120d6b1bacf0726c5a8d11c378f803da785a9ba696962c381
768c6797a6ffb5f2ea191ffded4131ae7c83f3a3d22d3afa5daf1254c0c70bbe
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
77f6b55cfd1440472c8a84c8f8814291f8ae57e64f9af315a37215cf0877ce87
79611d23ecaa67700bdea21cd1c64be8f870003ce33517e2a3b8be885823982d
7a662556a94ff0aa7b3f4fd17b98c02e43b57209875284c14046aacf311ddc52
7b75529201e97f7566ae404c0bd803c64ce29092a13c8e1893369ef3c32c6337
7c2ccbc617a103858ce0e47e88f148317d5e66eb43f33839fd4d59936d675c2a
7cfce308a664516bd8e3466e840724c5a082849aad7bffd228a72f3cbb70a8ab
7fe6411146e7aabcda85d71ec42eabe4fe5fb199f0e9ad759bfa78a42a853535
814eb03221d2a16c4b0f30039f502fa3d83e46b88cfda579995e9c6a7c49d7cf
82ab13511cbb33162dadafe8f89d141efbe1abff9a90ab747ea98145bd3137f5
8326135c9adb070c92a610d40a85d7a65b9507bf60659945b4a83de74b0d5131
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b2a8c2c5bde5b690dc44c9d525edc8113d18cd7bf516ad8fa93c782c02a443
882c0ef9f4096af29e037f9ba9dcbc71a46605828ae12a77002c0fa5e00c309a
89a31cc28305328e6286135596b0a619f65ee86249dc69645a3ad5969d268a73
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8d5c7061646a392d68f14895bdbf7d9d286c821b0fa62b8edc9c05b38fe7b222
8e0f52f1c3519b5a755cffc538a2d90d1098c4dd57d75368868e5a74ef226fc9
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
9729547ca3b4334c654b82c3a287c80a90a22ff0bc6368038a8671d29fb259b0
9741f21cfd39b2c9dcef1d2386b3fba1441b1ad6d7b47812106390f668060bea
97f429f49f999c69b49615a47784cb87f8fc30bafc5fbb37ab12bccb549fec8e
9974c5c4ec25816fd5a6f6db0ca1fe87686696e3d6914bb90bf39e16ad5fbf12
9c1a45366625aa9d9b466b12ab861ed0fa480db97248e08835d4eb1cad42a883
9d4073889e01180136926776e6e0f2bf0ac84e593dbc131e9380d988e2534139
9e4d00cfee02d472b0c80124f87c00a8cb8ea5610201ebbf922d894d2fea4db1
a2aa218236f7f4a84cf7078e8b3015b981a39802358c465c520329dfe3a93c6f
a2feea9c604fe3a6ec7c86bfc3e34ebaa062840bfbd2eda7af6a2ce68156c3b2
a7f7e7120f65ced72019a47c32b3f8b3c7f14966885f84eb047103e27da93b5a
a7fd1c521aea4b97009560954eb911b3793b2088f1ca65e70065de6470ee40b9
a8b5050c00e65112ae30afa040177c7af59fafecf502c995f29073cc00d06666
a974fe46929964e7412266b8e9875d6bde9a2ea653f4575545816411ebbf1d3c
adbd4dd590300081e85e79620feb4ef2099545eb351826a0c485b5a8925f5a42
add64aa865ea78b09ab156cac6ab99057d3d4d0417b85859ccf6b946f43fabbb
ae59b218ab2a4bdc90c9da5d696d7c14eb10c26ddfe9882dc74f4e4e0deb7255
b0bc92d528506b0008667aa2da2f9ca0e7ed67bafdd12b8c12f2ec0fa8e24850
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1db2c0444aac40cc0d8cfc5cef921f9d8ef04c5e3b49dd0df39cf25a7132473
b2879b45d8eefe0fd8f2c07db53ce7f9caae774eedbacde042834c541acf87bd
b29f999f3b5c2fc8ad62b79bf870cb309773dc6abbbcd0d836ea45a43d94d1c0
b5b100bcfba574c656c862d0cd3d1f77495c22d074c334933ac98e0d41516d0d
b62b882057a5ea64cb173f7adb7e8745b26478c8bc1f6e10577272ddff1bb024
b7dd61f31dd9d4d1b9e2b24e139ddcaef62287a13664cdb50544ea421f1a1899
b96f5254c00003049e3bb23ff531b2a96ad34591932bf71869f8ccfc7f3c2808
bc68d014dbe298b5dc8db74a0dff93ac3f457318242ee5bf2aa1d5283bffac97
c18da00df50fd49ef0af95e36f0cbc23e6352a26fc9486857c8433579141fd41
c39fa609f4a9b43e493115c723b102147f9025008bd24841e7732c5f253edd51
c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3
c5e1629c5fdb7d18753448f9095701331d3ece89f2e44513c517efaefd24610b
c8a03522223cf64474a1f91e02c8069ea5560a23266b37b476d7602a621f0c38
c99753a9a0b95a19d14edb17048794e536ab0ac8782f0953e208b6a567dcb4d7
ca60bee2d73b3042d1065a52b798c4c1d48148420bd393574d6d7f51aa4448e6
cb2778bbe6a181131e60639b0dbbea7a49696c20204cccb14fd13aca26b53190
cbd7ba9c2af7dabc67644196dacd718139ba839fb3d1c232169c48929dac551a
ccb03c4a9d3a11e8d613744ad1e61c0639173a1cbeec054d03983aad0f0c322c
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ce270fe1277206f84b156d33a4c6c82bb03e72de5f14613231a284727549a253
ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e
cf062aebb3576e3a0dcdee88ddd230977e476ec8111094f73986132179cd999a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfdbdbc93450edb7ba059602f12bb8bb86d4bf8cc2752e51f2391f81f467b766
d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2
d2c2b1c6a0e4bf823ce5296f1518eb18866e74ef09af717922108ec47c13d746
d4a889f3bc07deec3fa428c486e999ad08fabc87afd430821e770a579b1696ef
d8d720f3982758409a145c582eb25ac8aeb09b14a0073fe0d3cf0524d1c1c60d
d8f35a67f2129d433d9a690160ea7f637686033f5055199a7788f1bb500fe0e6
de864fc639cebc9640788140b6b53eac2e02109be06f06ab7f4852be138d6aaf
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43d18975ec3fb8d36379a2947a5f7f057b4b8bbab063188d781831500627b68
e4ab905d340d126da8be000f5f8adf2f53937c740847bd73120e7cc99697a2e6
e4af04cf7a5f045d2a21abb3f93d90f175680f07b9ccecb1d5559864b9716cca
e56bb0d75fa46f23163c334f4ec6675e9a9ad2784ea5ead53d7ceb05eb4b366b
eab917741c3d4e12a18565a289081249c60345a6928685b785db8877999fa181
eae0cd3b8a59b8e0a2a8494c2b6cad5abef8647b9e52064c11802a2f8eb959de
ed870769c4fd967977ef0930a14927ac6035d0a9fcd9db0bcef385da69bea2eb
ee1a4cac46f898dfd7bd1593385ed5ef2bc9a23155a13da83381559ee35787eb
eec75e095590cdb68f03a5bae61904050fd1a4763c1c3be62e3b92c406a3c42f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01566ab1f520bd2162926ecf7e8ae5e3c30ade0bb78304fc1abb1eff4c5aa19
f04ba1a87741dc74ced9a18627c404b7ea4d3f0645998696b579fff1d60deadf
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f1b6acb0496775ac9c619f93255050a6dd6b9d75032a623e7b1a02862722ade1
f6783594ab60ef77144e1c3f9b0dbf07ed47a46f47319efc8e27407ed82a2d78
f7f8f24fd5f176ff83fd2a6b6caacb0b97cc2fda81b90cb8e85f5f06a49a3c93
f9f9215c1c79e4ebc34bd4cf1006455b1b1a22c28c18a5b688b8c2718ddf4a13
faf537023005bd476da413caf4f5c84613788df6df91384f5942ebaa1dc2f41c
fb0b9fb5525f1abb50e2c469b11eb9a77ee295f86254bcc49c7ddaab8b6ea32b
fb121c45f498cba0f88de6e2235d95cf3307bb9ed5376f6a793b8253a520592f
fb14372c5124cf43b1cfbc986f07213bf37a625aeb35fdf184b307283ac45f67
fcda17ce03d2d328860362704e1285dbefb50d849b58d93041425255a7c80e52
ff5c6ccd23219200d1ba0f66c328e5c014b436bc783b6ce18873dd9d6ac216c6