blog.barracuda.com Open in urlscan Pro
4.234.25.19 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
Submission: On January 05 via api (January 5th 2024, 5:36:36 pm UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 64 HTTP transactions. The main IP is 4.234.25.19, located in London, United Kingdom and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is blog.barracuda.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 3rd 2024. Valid for: a year.

This is the only time blog.barracuda.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	4.234.25.19 4.234.25.19	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a02:26f0:350... 2a02:26f0:3500:16::215:1490	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
17	2600:9000:236... 2600:9000:236e:de00:14:fd89:5ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:210... 2600:9000:2104:fa00:a:b27c:d040:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.227.219.43 13.227.219.43	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:264... 2600:9000:2646:3000:0:cc59:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	143.204.215.78 143.204.215.78	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:202... 2600:9000:2022:f000:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
64	14

24 4.234.25.19 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

blog.barracuda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:3500:16::215:1490 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:236e:de00:14:fd89:5ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.barracuda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:fa00:a:b27c:d040:93a1 (United States)

ASN16509 (AMAZON-02, US)

ext.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-43.ams54.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:3000:0:cc59:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

web.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-78.fra53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2022:f000:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	barracuda.com blog.barracuda.com app.barracuda.com	2 MB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 1107 p.typekit.net — Cisco Umbrella Rank: 1464	149 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 625	118 KB
2	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 12204 tag-logger.demandbase.com — Cisco Umbrella Rank: 12645	21 KB
2	chtbl.com ext.chtbl.com — Cisco Umbrella Rank: 50771 web.chtbl.com — Cisco Umbrella Rank: 49633 Failed	4 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 950	304 B
1	company-target.com api.company-target.com — Cisco Umbrella Rank: 10373	969 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 1360	98 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	77 KB
0	printfriendly.com Failed cdn.printfriendly.com Failed
64	10

	Domain	Requested by
24	blog.barracuda.com	blog.barracuda.com
17	app.barracuda.com	blog.barracuda.com app.barracuda.com
6	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
6	use.typekit.net	blog.barracuda.com use.typekit.net
1	tag-logger.demandbase.com	tag.demandbase.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	api.company-target.com	tag.demandbase.com
1	id.rlcdn.com	blog.barracuda.com
1	web.chtbl.com	ext.chtbl.com
1	tag.demandbase.com	blog.barracuda.com
1	ext.chtbl.com	blog.barracuda.com
1	www.googletagmanager.com	blog.barracuda.com
1	p.typekit.net	use.typekit.net
0	cdn.printfriendly.com Failed	blog.barracuda.com
64	14

This site contains links to these domains. Also see Links.

Domain
www.barracuda.com
twitter.com
www.linkedin.com
www.facebook.com
onetrust.com

Subject Issuer	Validity	Valid
blog.barracuda.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-03` - `2024-12-05`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.barracuda.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-12`	a year	crt.sh
ext.chtbl.com Amazon RSA 2048 M03	`2023-10-24` - `2024-11-19`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
web.chtbl.com Amazon RSA 2048 M02	`2023-11-30` - `2024-12-28`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
Frame ID: DB5CDB443BAED4A55C256331E29ED87A
Requests: 53 HTTP requests in this frame

Frame: https://app.barracuda.com/iframe/subscribe-blog?lang=en
Frame ID: 0EF35A6B4270529143F3CB838FC48C18
Requests: 9 HTTP requests in this frame

Frame: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en
Frame ID: A7DD734919997A71E45D8EF251BA844C
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Malware 101: File system evasion — memory-only and registry-resident Back ButtonFilter Button

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

97 %
HTTPS

69 %
IPv6

10
Domains

14
Subdomains

14
IPs

3
Countries

2161 kB
Transfer

4301 kB
Size

10
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.barracuda.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Malware+101%3A+File+system+evasion+%E2%80%94+memory-only+and+registry-resident+&url=https%3A%2F%2Fblog.barracuda.com%2F2023%2F12%2F01%2Fmalware-101-file-system-evasion-memory-only-registry-resident&via=barracuda
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite?mini=true&url=https%3A%2F%2Fblog.barracuda.com%2F2023%2F12%2F01%2Fmalware-101-file-system-evasion-memory-only-registry-resident&title=Malware+101%3A+File+system+evasion+%E2%80%94+memory-only+and+registry-resident+&summary=Malware+detection+is+easiest+when+the+malware+is+written+to+disk+or+in+transit+since+the+file+system+and+network+traffic+are+both+simple+to+observe+and+scan+files+from+for+the+presence+of+malware.+
Title: Share

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=256771694846661&display=popup&href=https%3A%2F%2Fblog.barracuda.com%2F2023%2F12%2F01%2Fmalware-101-file-system-evasion-memory-only-registry-resident
Title: Share

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/support/glossary/malware?utm_source=12012023a&utm_medium=blog&utm_campaign=blog
Title: malware

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/cystek/
Title: Connect with him on LinkedIn here

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/company/engineering
Title: Barracuda Engineering

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/products/email-scan?utm_source=rtrail&utm_medium=blog&utm_campaign=blog
Title: Free Email Threat Scan

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/solutions/cyber-liability-insurance?utm_source=rtrail&utm_medium=blog&utm_campaign=blog
Title: Cyber Liability Insurance Guide

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/company/careers?utm_source=rtrail&utm_medium=blog&utm_campaign=blog
Title: Careers at Barracuda

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/company/engineering?utm_source=rtrail&utm_medium=blog&utm_campaign=blog
Title: Barracuda Engineering

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/company/news?utm_source=rtrail&utm_medium=blog&utm_campaign=blog
Title: Barracuda News Room

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/products/email-protection
Title: Email Protection

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/products/application-protection
Title: Application Protection

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/products/network-security
Title: Network Protection

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/products/data-protection/backup
Title: Data Protection

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/products/managed-xdr
Title: Managed XDR

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://www.barracuda.com/company/legal/trust-center/data-privacy/privacy-policy#paranav-navbar
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request malware-101-file-system-evasion-memory-only-registry-resident Show response
blog.barracuda.com/2023/12/01/ 44 KB
9 KB 1895ms
31ms Document
text/html 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b47cc4454aa7989b7f0141fb0ed6bdb25bd9816168de98a21154f43dc5da40c5

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 261
Connection: keep-alive
Date: Fri, 05 Jan 2024 17:36:31 GMT
Strict-Transport-Security: max-age=31557600
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: HIT
X-Content-Type-Options: nosniff
X-FRAME-OPTIONS: SAMEORIGIN
X-Served-By: cache-lhr7378-LHR
X-Timer: S1704476192.767830,VS0,VS0,VE1
cache-control: max-age=300,s-maxage=600,stale-while-revalidate=43200,stale-if-error=43200,public
content-encoding: gzip
content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.polyfill.io *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com
content-type: text/html;charset=utf-8
etag: "b1c6-60e2bab325e0f-gzip"
expires: Fri, 05 Jan 2024 17:37:10 GMT
last-modified: Fri, 05 Jan 2024 04:56:18 GMT
x-frame-options: SAMEORIGIN
x-vhost: publish

GET
H2 200 fui0ano.css
use.typekit.net/ 6 KB
1 KB 51ms
11ms Stylesheet
text/css 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/fui0ano.css

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

a0ab064e57ae58aa5e785a51416fa04a44bae33c08314181993a3d116495d940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 05 Jan 2024 17:36:31 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 907

GET
H/1.1 200
OK clientlib-base.lc-6fc2c04f1dbe10109e13db68ac49095b-lc.min.css
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/ 140 KB
10 KB 35ms
34ms Stylesheet
text/css 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-base.lc-6fc2c04f1dbe10109e13db68ac49095b-lc.min.css

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

880482ff98e9d99ec808fa09fb517f3a193c5922c03d093ccf5e064f9fdc6b50

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.polyfill.io *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com
content-encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 05 Jan 2024 17:36:31 GMT
Strict-Transport-Security: max-age=31557600
Age: 142532
x-vhost: publish
X-Cache: HIT
Connection: keep-alive
Content-Length: 9331
X-Served-By: cache-lhr7340-LHR
last-modified: Thu, 04 Jan 2024 02:00:59 GMT
X-Timer: S1704476192.808464,VS0,VS0,VE1
etag: W/"231ea-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
Accept-Ranges: bytes

GET
H/1.1 200
OK clientlib-legacy.lc-dd0d56361aab3d720da052a33c4a431e-lc.min.css
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/ 11 KB
3 KB 37ms
30ms Stylesheet
text/css 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-legacy.lc-dd0d56361aab3d720da052a33c4a431e-lc.min.css

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aecc3b952de368f386ea1f775346bd5276c41ce17a5b3c1704589101961480e3

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.polyfill.io *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com
content-encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 05 Jan 2024 17:36:31 GMT
Strict-Transport-Security: max-age=31557600
Age: 380642
x-vhost: publish
X-Cache: HIT
Connection: keep-alive
Content-Length: 2298
X-Served-By: cache-lhr7378-LHR
last-modified: Mon, 01 Jan 2024 07:52:29 GMT
X-Timer: S1704476192.810098,VS0,VS0,VE0
etag: W/"2d0b-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
Accept-Ranges: bytes

GET
H/1.1 200
OK clientlib-site.lc-b7062eaff0e5b40d5f5a8ea1534f820b-lc.min.css
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/ 483 KB
60 KB 61ms
25ms Stylesheet
text/css 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-site.lc-b7062eaff0e5b40d5f5a8ea1534f820b-lc.min.css

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

19549c09d56fbb274e74f85be667fa6664961e7efdb9e9ef43f93f4011a4712e

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.polyfill.io *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com
content-encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 05 Jan 2024 17:36:31 GMT
Strict-Transport-Security: max-age=31557600
Age: 57555
x-vhost: publish
X-Cache: HIT
Connection: keep-alive
Content-Length: 60276
X-Served-By: cache-lhr7340-LHR
last-modified: Fri, 05 Jan 2024 01:37:16 GMT
X-Timer: S1704476192.838138,VS0,VS0,VE0
etag: W/"78a91-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
Accept-Ranges: bytes

GET
H/1.1 200
OK clientlib-site.lc-5341c1694635edfffefa940a16daaee3-lc.min.css
blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/ 32 KB
7 KB 62ms
25ms Stylesheet
text/css 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/clientlib-site.lc-5341c1694635edfffefa940a16daaee3-lc.min.css

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

899a718e8ce9bec7c3dbf9495ee83ede0b55e1575b37b270f1aab20660f6b820

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.polyfill.io *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com
content-encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 05 Jan 2024 17:36:31 GMT
Strict-Transport-Security: max-age=31557600
Age: 76735
x-vhost: publish
X-Cache: HIT
Connection: keep-alive
Content-Length: 5632
X-Served-By: cache-lhr7378-LHR
last-modified: Thu, 04 Jan 2024 20:17:36 GMT
X-Timer: S1704476192.837442,VS0,VS0,VE2
etag: W/"812b-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
Accept-Ranges: bytes

GET
H/1.1 200
OK logo_barracuda_primary_strapline_reversed.svg
blog.barracuda.com/content/dam/barracuda-corp/images/site/header/ 13 KB
5 KB 79ms
29ms Image
image/svg+xml 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.barracuda.com/content/dam/barracuda-corp/images/site/header/logo_barracuda_primary_strapline_reversed.svg

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a7e02a0a20001e61e65143e4930b318068f09692f4d7079dc7f26e0020613059

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.polyfill.io *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com
content-encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 05 Jan 2024 17:36:31 GMT
Strict-Transport-Security: max-age=31557600
Age: 617
x-vhost: publish
X-Cache: HIT
content-disposition: inline
Connection: keep-alive
Content-Length: 4065
X-Served-By: cache-lhr7389-LHR
last-modified: Thu, 18 Aug 2022 11:35:09 GMT
X-Timer: S1704476192.853578,VS0,VS0,VE1
etag: "33d2-5e6825faf1540-gzip"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
Accept-Ranges: bytes

GET
H/1.1 200
OK file-system-evasion.jpg
blog.barracuda.com/content/dam/barracuda-blog/images/2023/12/ 239 KB
240 KB 91ms
39ms Image
image/jpeg 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/images/2023/12/file-system-evasion.jpg

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

43ccd137975bf357e94674077ffaf2d46bbe8733b28e971056e4c9ea2a49a280

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Date: Fri, 05 Jan 2024 17:36:31 GMT
x-content-type-options: nosniff
Strict-Transport-Security: max-age=31557600
Age: 261
x-vhost: publish
X-Cache: HIT
content-disposition: inline
Connection: keep-alive
Content-Length: 245230
X-Served-By: cache-lhr7344-LHR
Last-Modified: Fri, 01 Dec 2023 18:56:32 GMT
X-Timer: S1704476192.866289,VS0,VS0,VE1
ETag: "0x8DBF29F3C07E8A3"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
Accept-Ranges: bytes

GET
H/1.1 200
OK jonathan_tanner.jpg
blog.barracuda.com/content/dam/barracuda-blog/images/2018/03/ 22 KB
23 KB 26ms
25ms Image
image/jpeg 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/images/2018/03/jonathan_tanner.jpg

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6da7a8abdaa18cf9fa8f134e1de315971a8340de92d155bfbf3e62b5494e8621

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Date: Fri, 05 Jan 2024 17:36:31 GMT
x-content-type-options: nosniff
Strict-Transport-Security: max-age=31557600
Content-MD5: Hhy33ygGm0DMYvAgz/eL2A==
Age: 35416
x-vhost: publish
X-Cache: HIT
content-disposition: inline
Connection: keep-alive
Content-Length: 22895
X-Served-By: cache-lhr7389-LHR
Last-Modified: Thu, 18 Aug 2022 14:37:12 GMT
X-Timer: S1704476192.878543,VS0,VS0,VE1
ETag: "0x8DA812723A5AAD7"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
Accept-Ranges: bytes

GET
H/1.1 200
OK malware-detection-remediation.jpg
blog.barracuda.com/content/dam/barracuda-blog/images/2023/12/ 156 KB
157 KB 29ms
28ms Image
image/jpeg 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/images/2023/12/malware-detection-remediation.jpg

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

113cafa39568acba27f3f6ad96dcd5524e4287f6e8d4fdaf73404efb0f8b9b10

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Date: Fri, 05 Jan 2024 17:36:31 GMT
x-content-type-options: nosniff
Strict-Transport-Security: max-age=31557600
Age: 29784
x-vhost: publish
X-Cache: HIT
content-disposition: inline
Connection: keep-alive
Content-Length: 160006
X-Served-By: cache-lhr7340-LHR
Last-Modified: Thu, 21 Dec 2023 16:09:53 GMT
X-Timer: S1704476192.892141,VS0,VS0,VE1
ETag: "0x8DC023F4433FF7D"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
Accept-Ranges: bytes

GET
H/1.1 200
OK malware-prevention.jpg
blog.barracuda.com/content/dam/barracuda-blog/images/2023/12/ 117 KB
118 KB 25ms
24ms Image
image/jpeg 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/images/2023/12/malware-prevention.jpg

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

03c30af9f99552ba2eff92617fdf160546d362aeb5885eba3592d25da5a31b56

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Date: Fri, 05 Jan 2024 17:36:31 GMT
x-content-type-options: nosniff
Strict-Transport-Security: max-age=31557600
Age: 257
x-vhost: publish
X-Cache: HIT
content-disposition: inline
Connection: keep-alive
Content-Length: 119683
X-Served-By: cache-lhr7378-LHR
Last-Modified: Thu, 14 Dec 2023 23:34:42 GMT
X-Timer: S1704476192.890090,VS0,VS0,VE0
ETag: "0x8DBFCFD3FA38B68"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
Accept-Ranges: bytes

GET
H/1.1 200
OK rootkit-bootkit-malware.jpg
blog.barracuda.com/content/dam/barracuda-blog/images/2023/12/ 407 KB
408 KB 25ms
25ms Image
image/jpeg 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/images/2023/12/rootkit-bootkit-malware.jpg

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d9c5b7e0dad2a67c57b30b5561515f54299dcca29984917cd93fd0e03ff9fd91

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Date: Fri, 05 Jan 2024 17:36:31 GMT
x-content-type-options: nosniff
Strict-Transport-Security: max-age=31557600
Age: 12732
x-vhost: publish
X-Cache: HIT
content-disposition: inline
Connection: keep-alive
Content-Length: 416578
X-Served-By: cache-lhr7389-LHR
Last-Modified: Thu, 07 Dec 2023 17:28:59 GMT
X-Timer: S1704476192.990472,VS0,VS0,VE1
ETag: "0x8DBF749FFD1A33C"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
Accept-Ranges: bytes

GET
H/1.1 200
OK logic-bombs.jpg
blog.barracuda.com/content/dam/barracuda-blog/images/2023/11/ 162 KB
163 KB 28ms
28ms Image
image/jpeg 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/images/2023/11/logic-bombs.jpg

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30157fc7b6821278eee2e22d968e5f52dcd607803ea35d3cd62ad876d32afdcd

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Date: Fri, 05 Jan 2024 17:36:32 GMT
x-content-type-options: nosniff
Strict-Transport-Security: max-age=31557600
Age: 12732
x-vhost: publish
X-Cache: HIT
content-disposition: inline
Connection: keep-alive
Content-Length: 166318
X-Served-By: cache-lhr7354-LHR
Last-Modified: Wed, 22 Nov 2023 17:47:35 GMT
X-Timer: S1704476192.015465,VS0,VS0,VE1
ETag: "0x8DBEB831C58CEEE"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
Accept-Ranges: bytes

GET
H/1.1 200
OK container.lc-0a6aff292f5cc42142779cde92054524-lc.min.js Show response
blog.barracuda.com/etc.clientlibs/core/wcm/components/commons/site/clientlibs/ 1 KB
2 KB 35ms
34ms Script
application/javascript 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/core/wcm/components/commons/site/clientlibs/container.lc-0a6aff292f5cc42142779cde92054524-lc.min.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c250924012fdc9ea9516b30650895201cd167dbd49c9d148924f30881abfa393

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.polyfill.io *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com
content-encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 05 Jan 2024 17:36:31 GMT
Strict-Transport-Security: max-age=31557600
Age: 225591
x-vhost: publish
X-Cache: HIT
Connection: keep-alive
Content-Length: 491
X-Served-By: cache-lhr7342-LHR
last-modified: Wed, 03 Jan 2024 02:56:41 GMT
X-Timer: S1704476192.898047,VS0,VS0,VE1
etag: W/"4f7-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery.lc-7842899024219bcbdb5e72c946870b79-lc.min.js Show response
blog.barracuda.com/etc.clientlibs/clientlibs/granite/ 99 KB
36 KB 36ms
35ms Script
application/javascript 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/clientlibs/granite/jquery.lc-7842899024219bcbdb5e72c946870b79-lc.min.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0d49752a7a7d93d7e459fc189c58d305b9aa7d2b9bd923ac663a1548945bd12e

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.polyfill.io *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com
content-encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 05 Jan 2024 17:36:31 GMT
Strict-Transport-Security: max-age=31557600
Age: 234116
x-vhost: publish
X-Cache: HIT
Connection: keep-alive
Content-Length: 35799
X-Served-By: cache-lhr7354-LHR
last-modified: Wed, 03 Jan 2024 00:34:35 GMT
X-Timer: S1704476192.897264,VS0,VS0,VE1
etag: W/"18bc9-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
Accept-Ranges: bytes

GET
H/1.1 200
OK clientlib-base.lc-ca9a45243f50f2821aa1efd7065074d7-lc.min.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/ 397 KB
86 KB 30ms
30ms Script
application/javascript 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-base.lc-ca9a45243f50f2821aa1efd7065074d7-lc.min.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5d9788646c01ec15dec9fe42bc9435d6bc84ed63aed58276c2dd92780a62ddda

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.polyfill.io *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com
content-encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 05 Jan 2024 17:36:31 GMT
Strict-Transport-Security: max-age=31557600
Age: 74556
x-vhost: publish
X-Cache: HIT
Connection: keep-alive
Content-Length: 86431
X-Served-By: cache-lhr7389-LHR
last-modified: Thu, 04 Jan 2024 20:53:56 GMT
X-Timer: S1704476192.936614,VS0,VS0,VE1
etag: W/"633e4-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
Accept-Ranges: bytes

GET
H/1.1 200
OK clientlib-legacy.lc-a50230cbb3a00f09c046fbf400ce09e7-lc.min.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/ 735 B
2 KB 34ms
34ms Script
application/javascript 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-legacy.lc-a50230cbb3a00f09c046fbf400ce09e7-lc.min.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

63bd6f8c19a70f0f46588e5dbc4a872b429a5e8a1f17f82453c34b1f14e833c6

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.polyfill.io *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com
content-encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 05 Jan 2024 17:36:31 GMT
Strict-Transport-Security: max-age=31557600
Age: 1098391
x-vhost: publish
X-Cache: HIT
Connection: keep-alive
Content-Length: 485
X-Served-By: cache-lhr7340-LHR
last-modified: Sun, 24 Dec 2023 00:30:00 GMT
X-Timer: S1704476192.956309,VS0,VS0,VE1
etag: W/"2df-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
Accept-Ranges: bytes

GET
H/1.1 200
OK clientlib-site.lc-c0597e97fe905137d0dd02f3c07c96e3-lc.min.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/ 126 KB
45 KB 31ms
31ms Script
application/javascript 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-site.lc-c0597e97fe905137d0dd02f3c07c96e3-lc.min.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c5f4c758c56da0e200a02337c176da0ab24cdacb89e85cf655e8ffd6a916e005

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.polyfill.io *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com
content-encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 05 Jan 2024 17:36:31 GMT
Strict-Transport-Security: max-age=31557600
Age: 64088
x-vhost: publish
X-Cache: HIT
Connection: keep-alive
Content-Length: 44807
X-Served-By: cache-lhr7354-LHR
last-modified: Thu, 04 Jan 2024 23:48:23 GMT
X-Timer: S1704476192.959817,VS0,VS0,VE1
etag: W/"1f994-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
Accept-Ranges: bytes

GET
H/1.1 200
OK clientlib-site.lc-bd076243bba912aa9aef0ddfc05b23a9-lc.min.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/ 92 KB
33 KB 30ms
29ms Script
application/javascript 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/clientlib-site.lc-bd076243bba912aa9aef0ddfc05b23a9-lc.min.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1636daeadf68320a8ff084924ab12632028d06a02bcb2de4febd953b14ab074b

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.polyfill.io *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com
content-encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 05 Jan 2024 17:36:31 GMT
Strict-Transport-Security: max-age=31557600
Age: 1143316
x-vhost: publish
X-Cache: HIT
Connection: keep-alive
Content-Length: 32917
X-Served-By: cache-lhr7340-LHR
last-modified: Sat, 23 Dec 2023 12:01:16 GMT
X-Timer: S1704476192.991509,VS0,VS0,VE1
etag: W/"1705b-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
Accept-Ranges: bytes

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 36ms
14ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=fui0ano&ht=tk&f=139.169.173.175.5474.25136.2028.2030&a=85669855&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fui0ano.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:31 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
77 KB 77ms
44ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZTMGHH

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2fd7e25951ed55795e3b649400e6d5946dbb3cbb308334bd516bfc7ffe9f31b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78242
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Jan 2024 17:36:31 GMT

GET
H2 200 subscribe-blog Show response
app.barracuda.com/iframe/ Frame 0EF3 192 KB
32 KB 531ms
443ms Document
text/html 2600:9000:236e:de00:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/iframe/subscribe-blog?lang=en

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:de00:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

2b408763e7213bb9d2dc71614d5e4919fa84ed8bcc4d7fc5e8bd7fd97a12aea0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.barracuda.com https://author-p42007-e184970.adobeaemcloud.com https://lp.barracudamsp.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.barracuda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://blog.barracuda.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-length: 31424
content-security-policy: frame-ancestors 'self' https://*.barracuda.com https://author-p42007-e184970.adobeaemcloud.com https://lp.barracudamsp.com
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 17:36:32 GMT
expires: Fri, 05 Jan 2024 17:36:32 GMT
last-modified: Wed, 03 Jan 2024 17:36:32 GMT
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-id: jDI069q9YFwuSpQ9g0GIPPTvvcDL09O9xU4DtTw_MN6_mXFzn1udfg==
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 blog-subscribe-sidebar Show response
app.barracuda.com/iframe/ Frame A7DD 192 KB
32 KB 539ms
451ms Document
text/html 2600:9000:236e:de00:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:de00:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

aad969ba9d08ec690b718fb839195cad8e705c02ad0e5c5f2b95598b25a9e286

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.barracuda.com https://author-p42007-e184970.adobeaemcloud.com https://lp.barracudamsp.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.barracuda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://blog.barracuda.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-length: 31444
content-security-policy: frame-ancestors 'self' https://*.barracuda.com https://author-p42007-e184970.adobeaemcloud.com https://lp.barracudamsp.com
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 17:36:32 GMT
expires: Fri, 05 Jan 2024 17:36:32 GMT
last-modified: Wed, 03 Jan 2024 17:36:32 GMT
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-id: jHSVREy6r5x-7VJrtEB1wWVpNoX4gx37dc4A2aVUeq9EMHP9I2w2mQ==
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 378 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b825cc32ded55e1caa04b70f4b7f0f3010cfbbff4e1d89a035666b649ba2f782

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 235 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7abff666ecb3f4aa7ceb076cc27af4f404c83ad375b76b6aa1a999e844c6adb9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 330fd6d564dff1313d98d4b80e4f7244d1ea1adfd8ea65b4f0bcc34d424137ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 982 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c38f95e28cdb0a26e5e8db009f2e2b39a23c8a055b31ee9f61a9033c4ea4b057

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 499 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5abdd6df1d760db1c6749fd92ce2d8a037cb411bc4849da3277cbedab35b8f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 457 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11d4663fa8f7dac0dc4d7097686c359a3771c4545fc050100f36e961874ec508

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK sheen.jpeg
blog.barracuda.com/content/dam/barracuda-blog/common/ 118 KB
119 KB 38ms
32ms Image
image/jpeg 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.barracuda.com/content/dam/barracuda-blog/common/sheen.jpeg

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

964b08d9a425ae147571d62dfabfef171b5882b94607e9137f42e17f6825cf4d

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com
Date: Fri, 05 Jan 2024 17:36:31 GMT
x-content-type-options: nosniff
Strict-Transport-Security: max-age=31557600
Content-MD5: Y4QVt5JKCqEjaAVCrRLZCA==
Age: 24432
x-vhost: publish
X-Cache: HIT
content-disposition: inline
Connection: keep-alive
Content-Length: 120677
X-Served-By: cache-lhr7342-LHR
Last-Modified: Thu, 25 Aug 2022 05:26:53 GMT
X-Timer: S1704476192.930419,VS0,VS0,VE0
ETag: "0x8DA865A6BA1B974"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200,public
Accept-Ranges: bytes

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 29 KB
29 KB 306ms
12ms Font
application/font-woff2 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fui0ano.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7

Request headers

Referer: https://use.typekit.net/fui0ano.css
Origin: https://blog.barracuda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
server: nginx
etag: "6aeae62b893768150f3460329dc461358e8ab2f5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29820

GET
H2 200 l
use.typekit.net/af/23e139/00000000000000007735e605/30/ 30 KB
30 KB 318ms
25ms Font
application/font-woff2 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/23e139/00000000000000007735e605/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fui0ano.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 38e9ade7cb9f7a31a4525f2a70c4bdd2529340926202641bbbda8d655df8c0c3

Request headers

Referer: https://use.typekit.net/fui0ano.css
Origin: https://blog.barracuda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
server: nginx
etag: "a21f48c40e7bf9dfada3e63deed3f84d0cf8b79b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30440

GET
H2 200 l
use.typekit.net/af/1be3c2/00000000000000007735e606/30/ 29 KB
29 KB 314ms
21ms Font
application/font-woff2 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1be3c2/00000000000000007735e606/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fui0ano.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 34983ec5da74c95f7b9aba9e7abd42ca76b95cde4c06f476f6bfeb5547bd85ef

Request headers

Referer: https://use.typekit.net/fui0ano.css
Origin: https://blog.barracuda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
server: nginx
etag: "174f4ede5c586799404565373f175cfaf1562181"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30008

GET
H2 200 l
use.typekit.net/af/78aca8/00000000000000007735e60d/30/ 29 KB
29 KB 309ms
15ms Font
application/font-woff2 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/78aca8/00000000000000007735e60d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fui0ano.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b07871da02311868c31ab6ac5a4e78cc877f118acd854857f6f51519f3ddbbc9

Request headers

Referer: https://use.typekit.net/fui0ano.css
Origin: https://blog.barracuda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
server: nginx
etag: "1d1aed9a298449b26ef6d57c78caa88b6b5de306"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29764

GET
H2 200 trackable.js Show response
ext.chtbl.com/ 4 KB
4 KB 97ms
19ms Script
application/javascript 2600:9000:2104:fa00:a:b27c:d040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ext.chtbl.com/trackable.js
Requested by: Host: blog.barracuda.com
URL: https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-legacy.lc-a50230cbb3a00f09c046fbf400ce09e7-lc.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:fa00:a:b27c:d040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:11:02 GMT
via: 1.1 cca9137c259ad738f790039a45561cee.cloudfront.net (CloudFront)
last-modified: Fri, 12 Feb 2021 20:28:32 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
age: 1532
etag: "4a494dbb82444463b6fd8bff0e5593d6"
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: max-age=3600
accept-ranges: bytes
content-length: 4092
x-amz-cf-id: 6u723yBXgvICDz4-EsJYr155duf5t2VjhepoK9ZEn8RI28-UImJYSg==

GET printfriendly.js
cdn.printfriendly.com/ 0
0

GET
H/1.1 200
OK 9138-198428ac768f242a58c1.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-dynamic-modules/resources/ 1 KB
2 KB 30ms
29ms Script
application/javascript 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-dynamic-modules/resources/9138-198428ac768f242a58c1.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-site.lc-c0597e97fe905137d0dd02f3c07c96e3-lc.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abca86efdf0b1aafabb4e60d904de64e144f9a84020cbe9914e6c945a4d5d87b

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.polyfill.io *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com
content-encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 05 Jan 2024 17:36:32 GMT
Strict-Transport-Security: max-age=31557600
Age: 150113
x-vhost: publish
X-Cache: HIT
Connection: keep-alive
Content-Length: 612
X-Served-By: cache-lhr7340-LHR
last-modified: Wed, 03 Jan 2024 23:10:11 GMT
X-Timer: S1704476192.031481,VS0,VS0,VE4
etag: "47a-60e12b77ebac0-gzip"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
Accept-Ranges: bytes

GET
H/1.1 200
OK 7878-a5b49f2554d91c8611bc.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-dynamic-modules/resources/ 1018 B
2 KB 23ms
23ms Script
application/javascript 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-dynamic-modules/resources/7878-a5b49f2554d91c8611bc.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-site.lc-c0597e97fe905137d0dd02f3c07c96e3-lc.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ee536a0a449e09427b5693405097b4dc758bceed3e4cc35bd53a7ef83218b279

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.polyfill.io *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com
content-encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 05 Jan 2024 17:36:32 GMT
Strict-Transport-Security: max-age=31557600
Age: 2179137
x-vhost: publish
X-Cache: HIT
Connection: keep-alive
Content-Length: 523
X-Served-By: cache-lhr7378-LHR
last-modified: Sat, 09 Dec 2023 01:35:29 GMT
X-Timer: S1704476192.028968,VS0,VS0,VE0
etag: "3fa-60c09b7411a40-gzip"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
Accept-Ranges: bytes

GET
H/1.1 200
OK 2702-a8ed155b73bb214a01bc.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-dynamic-modules/resources/ 700 B
2 KB 25ms
25ms Script
application/javascript 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-dynamic-modules/resources/2702-a8ed155b73bb214a01bc.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-site.lc-c0597e97fe905137d0dd02f3c07c96e3-lc.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dfbb960bd83d748588476e7e26fc34b8ab093c3cb762b60268a8ce66350f283f

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.polyfill.io *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com
content-encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 05 Jan 2024 17:36:32 GMT
Strict-Transport-Security: max-age=31557600
Age: 133910
x-vhost: publish
X-Cache: HIT
Connection: keep-alive
Content-Length: 449
X-Served-By: cache-lhr7342-LHR
last-modified: Thu, 04 Jan 2024 03:15:15 GMT
X-Timer: S1704476192.034952,VS0,VS0,VE1
etag: "2bc-60e1623ebf6c0-gzip"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
Accept-Ranges: bytes

GET
H/1.1 200
OK 4144-51ebc42342c0a14800f9.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-dynamic-modules/resources/ 748 B
2 KB 27ms
27ms Script
application/javascript 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-dynamic-modules/resources/4144-51ebc42342c0a14800f9.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/etc.clientlibs/barracuda-core/clientlibs/clientlib-site.lc-c0597e97fe905137d0dd02f3c07c96e3-lc.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

29abb1fb7cf50134f1124d0250ebf84ca38c8be090b37b0432d4f137c1c2fd31

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.polyfill.io *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com
content-encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 05 Jan 2024 17:36:32 GMT
Strict-Transport-Security: max-age=31557600
Age: 227262
x-vhost: publish
X-Cache: HIT
Connection: keep-alive
Content-Length: 409
X-Served-By: cache-lhr7344-LHR
last-modified: Wed, 03 Jan 2024 01:00:46 GMT
X-Timer: S1704476192.039249,VS0,VS0,VE1
etag: "2ec-60e0025216b80-gzip"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
Accept-Ranges: bytes

GET
H/1.1 200
OK 909-2e5a8f80790110bfde3f.js Show response
blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/clientlib-dynamic-modules/resources/ 4 KB
3 KB 23ms
23ms Script
application/javascript 4.234.25.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/clientlib-dynamic-modules/resources/909-2e5a8f80790110bfde3f.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/etc.clientlibs/barracuda-blog/clientlibs/clientlib-site.lc-bd076243bba912aa9aef0ddfc05b23a9-lc.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

4.234.25.19 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c40da8018356b16f1cb78babdfe38139c129d453b965fd6d0d9d8c637c063ca6

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: frame-src 'self' app.qa.barracuda.com app.barracuda.com *.facebook.com *.youtube.com *.vidyard.com unpkg.com, script-src 'self' 'unsafe-inline' assets.adobedtm.com *.pdst.fm *.doubleclick.net *.google-analytics.com *.bing.com *.googleadservices.com *.facebook.net *.techtarget.com *.demandbase.com *.googletagmanager.com munchkin.marketo.net *.cookielaw.org *.polyfill.io *.adroll.com *.licdn.com *.mxpnl.com *.chtbl.com *.invoca.net *.livehelpnow.net addsearch.com *.youtube.com *.searchcdn.com *.vidyard.com *.hotjar.com unpkg.com
content-encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 05 Jan 2024 17:36:32 GMT
Strict-Transport-Security: max-age=31557600
Age: 16460
x-vhost: publish
X-Cache: HIT
Connection: keep-alive
Content-Length: 1413
X-Served-By: cache-lhr7378-LHR
last-modified: Fri, 05 Jan 2024 00:44:10 GMT
X-Timer: S1704476192.051281,VS0,VS0,VE0
etag: "ef9-60e2825726a80-gzip"
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
Accept-Ranges: bytes

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 47ms
24ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZTMGHH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: FWT01iLvZ++xUAz3aesSug==
age: 54229
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Wed, 03 Jan 2024 22:17:18 GMT
server: cloudflare
etag: 0x8DC0CA9BF9BFF37
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1f518f4a-801e-0043-4dbb-3edfdf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 840d7be84e725d8b-FRA

GET
H2 200 kNx4tRUU.min.js Show response
tag.demandbase.com/ 74 KB
21 KB 97ms
21ms Script
application/javascript 13.227.219.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/kNx4tRUU.min.js

Requested by

Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-43.ams54.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0b79e8c3dcb7aeea8f62e4e2e695e60dbf779fe5a3595565cc856a70d1e576aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: lulR44W5BAtEz.Ly47i0y6XYwweCtzhY
content-encoding: gzip
via: 1.1 fe106b75368b4a44b0461d7e712cd360.cloudfront.net (CloudFront)
date: Fri, 05 Jan 2024 16:57:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS54-C1
age: 2625
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 11 Dec 2023 18:25:20 GMT
server: AmazonS3
etag: W/"16d1ea1411872e88d0769ca274b127e8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: XkHfFqI59tJU39EwXTD617q1ME08os6BXbCuGnr0XZFTDS7i__Hobg==

GET
H2 200 aee8f648-186a-4267-b808-6efdd7d84e9c.json Show response
cdn.cookielaw.org/consent/aee8f648-186a-4267-b808-6efdd7d84e9c/ 4 KB
2 KB 60ms
32ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/aee8f648-186a-4267-b808-6efdd7d84e9c/aee8f648-186a-4267-b808-6efdd7d84e9c.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c9e7bc71a69020f203ec5a114f610838ce65bdfb18aa9540666cef71974151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 55231
content-md5: X03Nb0lg9tgYRJwyQNj+5w==
content-length: 1582
x-ms-lease-status: unlocked
last-modified: Tue, 26 Jul 2022 18:21:34 GMT
server: cloudflare
etag: 0x8DA6F33ABAD4255
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 12ea3bce-401e-0073-2977-136110000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 840d7be8ac899153-FRA
expires: Sat, 06 Jan 2024 17:36:32 GMT

GET
DATA 200
OK truncated
/ 403 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2425711604ea242bbe21daa15ae93b57916cd24f2b7df7637dd7a9786fdf189a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST track
web.chtbl.com/ 0
0

OPTIONS
H2 503 track
web.chtbl.com/ Frame 0
0 160ms
103ms Preflight
text/html 2600:9000:2646:3000:0:cc59:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.chtbl.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3000:0:cc59:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://blog.barracuda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-length: 564
content-type: text/html
date: Fri, 05 Jan 2024 17:36:32 GMT
server: awselb/2.0
via: 1.1 b99111dfd026a3c99d0e66063beb0544.cloudfront.net (CloudFront)
x-amz-cf-id: JnpbTuykDuolTNUAbuIkEZy3U1sQg7512jOJP5Yz-FEIaJhvwggbfg==
x-amz-cf-pop: FRA60-P5
x-cache: Error from cloudfront

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 71ms
26ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: blog.barracuda.com
URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 465 B
969 B 96ms
57ms XHR
application/json 143.204.215.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fblog.barracuda.com%2F2023%2F12%2F01%2Fmalware-101-file-system-evasion-memory-only-registry-resident&page_title=Malware%20101%3A%20File%20system%20evasion%20%E2%80%94%20memory-only%20and%20registry-resident
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/kNx4tRUU.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-78.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: c1b70c0adaabb35a5e45fc4321895c091f7b24d20915bb5b647bc9e28ae029ad

Request headers

Referer: https://blog.barracuda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
request-id: 76fec237-4546-4e54-872e-1a68c1b99c10
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.barracuda.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CZRhvIjib6GUjdxMX04wJrVQ00jIAwFZ62LxtpQ5DSBr_zVU0dJEZA==
expires: Thu, 04 Jan 2024 17:36:32 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 55ms
27ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://blog.barracuda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 840d7be90bc24d3a-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.5.0/ 325 KB
68 KB 24ms
24ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AvbD4VHYe4H/QnyU6j8v5w==
age: 37885
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 69711
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:22 GMT
server: cloudflare
etag: 0x8D84A3B58DE8819
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 559cf6fc-501e-00a4-275f-143025000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 840d7be93f7a5d8b-FRA

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
419 B 214ms
128ms XHR
text/html 2600:9000:2022:f000:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=CZRhvIjib6GUjdxMX04wJrVQ00jIAwFZ62LxtpQ5DSBr_zVU0dJEZA==&api-version=v2
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/kNx4tRUU.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2022:f000:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Fri, 05 Jan 2024 02:29:43 GMT
via: 1.1 bf5c45d38bcbc855bc2d697c4a8787b2.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-C1
age: 71041
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: JFnvM3oVIAGO1nlwAHrQUKrYH_DGyqNc02Jrenl5c_JX8YM4AKhVMg==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/aee8f648-186a-4267-b808-6efdd7d84e9c/a114c985-c2d1-49be-bbb7-248350861ed8/ 136 KB
23 KB 25ms
25ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/aee8f648-186a-4267-b808-6efdd7d84e9c/a114c985-c2d1-49be-bbb7-248350861ed8/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

625b05d59aadc6b5356b8b238108a1fcdf330275186ba33132cadb1237b1cd8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 40886
content-md5: gqN02mF+RQH+Omef7ox9FQ==
content-length: 23386
x-ms-lease-status: unlocked
last-modified: Tue, 26 Jul 2022 18:21:37 GMT
server: cloudflare
etag: 0x8DA6F33ADA1A209
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4377f168-601e-0064-34dc-12c81b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 840d7be97d6c9153-FRA
expires: Sat, 06 Jan 2024 17:36:32 GMT

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 9 KB
3 KB 17ms
16ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4002d856e575601b351be144c9d7e4e6977286644fede72a7de1638844722aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3ZrBbr/xQHzp7Lx6ANEcZw==
age: 40886
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2778
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:17 GMT
server: cloudflare
etag: 0x8D84A3B55C93760
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a3e3f67e-301e-001b-7147-230780000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 840d7be9cdb79153-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 57 KB
14 KB 21ms
21ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.barracuda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: C3H4UUH4EphFQbkR0Bpbhg==
age: 55231
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14112
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:18 GMT
server: cloudflare
etag: 0x8D84A3B56497C4B
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 276f099f-b01e-0058-6d33-0de1dc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 840d7be9cdbd9153-FRA

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 30 KB
30 KB 11ms
10ms Font
application/font-woff2 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fui0ano.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423

Request headers

Referer: https://use.typekit.net/fui0ano.css
Origin: https://blog.barracuda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
server: nginx
etag: "09d1a94c81035c62708e0a513ee76d7886d15a25"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30704

GET
H2 200 proxima-nova400.woff2
app.barracuda.com/css/cuda/fonts/optimize/ Frame 0EF3 32 KB
32 KB 411ms
410ms Font
font/woff2 2600:9000:236e:de00:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/css/cuda/fonts/optimize/proxima-nova400.woff2

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:de00:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.barracuda.com/iframe/subscribe-blog?lang=en
Origin: https://app.barracuda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 32696
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jan 2024 18:40:57 GMT
server: Apache
etag: "7fb0-60e23127ba040-gzip"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Xnyq1kbFfeavuMAJLO9rFwoGoE-QOF3HjbHVc-H-wBhWD84RSFggGg==
expires: Sat, 04 Jan 2025 17:36:32 GMT

GET
H2 200 proxima-nova600.woff2
app.barracuda.com/css/cuda/fonts/optimize/ Frame 0EF3 32 KB
33 KB 311ms
311ms Font
font/woff2 2600:9000:236e:de00:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/css/cuda/fonts/optimize/proxima-nova600.woff2

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:de00:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ae55c313220f063fdb3dc157a89a22e6a20a400cdd5b639a5aabfa4ae91e476a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.barracuda.com/iframe/subscribe-blog?lang=en
Origin: https://app.barracuda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 33119
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jan 2024 18:40:57 GMT
server: Apache
etag: "8164-60e23127ba040-gzip"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 3T8CQF3olMAjpZzamGLD1uDLiVjMoZCOcZGQf6n9yJYHoptwwHBiWA==
expires: Sat, 04 Jan 2025 17:36:32 GMT

GET
H2 200 proxima-nova300.woff2
app.barracuda.com/css/cuda/fonts/optimize/ Frame 0EF3 32 KB
32 KB 113ms
113ms Font
font/woff2 2600:9000:236e:de00:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/css/cuda/fonts/optimize/proxima-nova300.woff2

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:de00:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.barracuda.com/iframe/subscribe-blog?lang=en
Origin: https://app.barracuda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 32388
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jan 2024 18:40:57 GMT
server: Apache
etag: "7e7c-60e23127ba040-gzip"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: _KP7y750D1xpiMNRJpNT4fynEKvrqFhbS57LpUPmce8uXSKlJCnzRQ==
expires: Sat, 04 Jan 2025 17:36:32 GMT

GET
H2 200 cuda.validator.js Show response
app.barracuda.com/js/cuda/ Frame A7DD 25 KB
7 KB 117ms
114ms Script
application/javascript 2600:9000:236e:de00:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.validator.js?v=1704393657

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:de00:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

6ffa07d2a244da24e7330335e14c1c7be5cff1477cfa8bf2baa33cefce5e5e04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 6380
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jan 2024 18:40:57 GMT
server: Apache
etag: "62d5-60e23127ba040-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ZlxKD6QH7wFuK70DdyGfblXr3fV5R6uf1jLCX-Xak5Kw4qEqjhA9uQ==
expires: Sat, 04 Jan 2025 17:36:32 GMT

GET
H2 200 cuda.ajax.js Show response
app.barracuda.com/js/cuda/ Frame A7DD 2 KB
1 KB 317ms
314ms Script
application/javascript 2600:9000:236e:de00:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.ajax.js?v=1704393657

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:de00:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ab24c94a6c443c60e36e879960bf136e69dc08402883c0292d3a44a8da98474a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 910
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jan 2024 18:40:57 GMT
server: Apache
etag: "962-60e23127ba040-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: zFfOERXM_fIGjYtVc3iYyIQw8VZ1UTZBi-hxFSCGD96Em97NbhZl1g==
expires: Sat, 04 Jan 2025 17:36:32 GMT

GET
H2 200 cuda.ajax_promise.js Show response
app.barracuda.com/js/cuda/ Frame A7DD 8 KB
3 KB 419ms
416ms Script
application/javascript 2600:9000:236e:de00:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.ajax_promise.js?v=1704393657

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:de00:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

a8ac87a96a84d65c3fa7fe825042545627dc24730ccfbc16582b97efdc785c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 2237
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jan 2024 18:40:57 GMT
server: Apache
etag: "1fd4-60e23127ba040-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: EcaHCu5DDt87gpUmsNqYLez6rlmCkKrP7J4jpZvEjm90_26Q-U1KTw==
expires: Sat, 04 Jan 2025 17:36:32 GMT

GET
H2 200 cuda.submit_btn_animator.js Show response
app.barracuda.com/js/cuda/ Frame A7DD 2 KB
1 KB 418ms
415ms Script
application/javascript 2600:9000:236e:de00:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.submit_btn_animator.js?v=1704393657

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:de00:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

6f4a9a6d7d17b485daf9995ce913842473dff469dd74fa8fe2b730471f000eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 969
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jan 2024 18:40:57 GMT
server: Apache
etag: "860-60e23127ba040-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 51uUKqVJb05EyRCeHBgJ64OGbn_lonh42wkn4igRdVzvKX9EZduFBA==
expires: Sat, 04 Jan 2025 17:36:32 GMT

GET
H2 200 cuda.clearbit.js Show response
app.barracuda.com/js/cuda/ Frame A7DD 6 KB
1 KB 413ms
411ms Script
application/javascript 2600:9000:236e:de00:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.clearbit.js?v=1704393657

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:de00:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

659ea9f7ac5d3c9037da23d13f85498a55c6d386c637dd2999bbcbc904084cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 973
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jan 2024 18:40:57 GMT
server: Apache
etag: "1872-60e23127ba040-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: yz1YKSKsg2pbrDkV8Iap3u_TfWzqKzc4yNGbZMryxgvlJijfchMC6A==
expires: Sat, 04 Jan 2025 17:36:32 GMT

GET
H2 200 cuda.validator.js Show response
app.barracuda.com/js/cuda/ Frame 0EF3 25 KB
7 KB 416ms
413ms Script
application/javascript 2600:9000:236e:de00:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.validator.js?v=1704393657

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:de00:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

6ffa07d2a244da24e7330335e14c1c7be5cff1477cfa8bf2baa33cefce5e5e04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.barracuda.com/iframe/subscribe-blog?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 6380
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jan 2024 18:40:57 GMT
server: Apache
etag: "62d5-60e23127ba040-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5n54wioRrhrK9Fh5715pOLrSPfz96uXvLf4mHKzgYyN5vF0RFQLMng==
expires: Sat, 04 Jan 2025 17:36:32 GMT

GET
H2 200 cuda.ajax.js Show response
app.barracuda.com/js/cuda/ Frame 0EF3 2 KB
1 KB 419ms
417ms Script
application/javascript 2600:9000:236e:de00:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.ajax.js?v=1704393657

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:de00:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ab24c94a6c443c60e36e879960bf136e69dc08402883c0292d3a44a8da98474a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.barracuda.com/iframe/subscribe-blog?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 910
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jan 2024 18:40:57 GMT
server: Apache
etag: "962-60e23127ba040-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: oPXA_DHxO18GquF9yuFZLen8_7t8UZCGBq8vd-lbvmTiR8Z8Ed3e3A==
expires: Sat, 04 Jan 2025 17:36:32 GMT

GET
H2 200 cuda.ajax_promise.js Show response
app.barracuda.com/js/cuda/ Frame 0EF3 8 KB
3 KB 410ms
409ms Script
application/javascript 2600:9000:236e:de00:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.ajax_promise.js?v=1704393657

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:de00:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

a8ac87a96a84d65c3fa7fe825042545627dc24730ccfbc16582b97efdc785c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.barracuda.com/iframe/subscribe-blog?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 2237
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jan 2024 18:40:57 GMT
server: Apache
etag: "1fd4-60e23127ba040-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: VK6NP52GNeRpFoMCI-dg2GjLzNYFr5OFWvwnmedC9maTTeZFPDHcKg==
expires: Sat, 04 Jan 2025 17:36:32 GMT

GET
H2 200 cuda.submit_btn_animator.js Show response
app.barracuda.com/js/cuda/ Frame 0EF3 2 KB
1 KB 417ms
415ms Script
application/javascript 2600:9000:236e:de00:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.submit_btn_animator.js?v=1704393657

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:de00:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

6f4a9a6d7d17b485daf9995ce913842473dff469dd74fa8fe2b730471f000eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.barracuda.com/iframe/subscribe-blog?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 969
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jan 2024 18:40:57 GMT
server: Apache
etag: "860-60e23127ba040-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: VIQ2QYJtSSrX52nGxoJuaSdK7EdDfzTTC9c6g8AkCbVC5EqC9qvsAA==
expires: Sat, 04 Jan 2025 17:36:32 GMT

GET
H2 200 cuda.clearbit.js Show response
app.barracuda.com/js/cuda/ Frame 0EF3 6 KB
1 KB 413ms
411ms Script
application/javascript 2600:9000:236e:de00:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/js/cuda/cuda.clearbit.js?v=1704393657

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/subscribe-blog?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:de00:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

659ea9f7ac5d3c9037da23d13f85498a55c6d386c637dd2999bbcbc904084cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.barracuda.com/iframe/subscribe-blog?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 973
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jan 2024 18:40:57 GMT
server: Apache
etag: "1872-60e23127ba040-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Xnu601dyvXOV1W0VUOIY_5ahcnGYGophDlP4EQrZdYHubFMvUhYYTg==
expires: Sat, 04 Jan 2025 17:36:32 GMT

GET
H2 200 proxima-nova400.woff2
app.barracuda.com/css/cuda/fonts/optimize/ Frame A7DD 32 KB
32 KB 408ms
408ms Font
font/woff2 2600:9000:236e:de00:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/css/cuda/fonts/optimize/proxima-nova400.woff2

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:de00:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en
Origin: https://app.barracuda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 32696
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jan 2024 18:40:57 GMT
server: Apache
etag: "7fb0-60e23127ba040-gzip"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 9s9wENCLIuMwgD_mxs7viDvqoZbmG4d8S6WnqKYKKznHikiyqVLQoQ==
expires: Sat, 04 Jan 2025 17:36:32 GMT

GET
H2 200 proxima-nova600.woff2
app.barracuda.com/css/cuda/fonts/optimize/ Frame A7DD 32 KB
33 KB 516ms
516ms Font
font/woff2 2600:9000:236e:de00:14:fd89:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.barracuda.com/css/cuda/fonts/optimize/proxima-nova600.woff2

Requested by

Host: app.barracuda.com
URL: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:de00:14:fd89:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ae55c313220f063fdb3dc157a89a22e6a20a400cdd5b639a5aabfa4ae91e476a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.barracuda.com/iframe/blog-subscribe-sidebar?lang=en
Origin: https://app.barracuda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 33119
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jan 2024 18:40:57 GMT
server: Apache
etag: "8164-60e23127ba040-gzip"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: R8TyzHViBn99h-hpTpeqPiyAGKuCywM_SNx3uJ4duWcYBEddHAqwXQ==
expires: Sat, 04 Jan 2025 17:36:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.printfriendly.com
URL: https://cdn.printfriendly.com/printfriendly.js

Domain: web.chtbl.com
URL: https://web.chtbl.com/track

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.barracuda.com/	1970-01-20 17:29:22	Name: cuda_lang_code Value: en
blog.barracuda.com/	1970-01-21 02:14:58	Name: _wchtbl_uid Value: c6176616-045b-4191-ba98-6ad22a3d747c
blog.barracuda.com/	1969-12-31 23:59:59	Name: _wchtbl_sid Value: e4defe3f-2830-4855-b566-40abfff11b5d
.barracuda.com/	1970-01-21 02:13:32	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Jan+05+2024+18%3A36%3A32+GMT%2B0100+(Central+European+Standard+Time)&version=6.5.0&hosts=&landingPath=https%3A%2F%2Fblog.barracuda.com%2F2023%2F12%2F01%2Fmalware-101-file-system-evasion-memory-only-registry-resident&groups=C0001%3A1%2CC0005%3A0%2CC0002%3A0%2CC0004%3A0%2CC0003%3A0
app.barracuda.com/	1969-12-31 23:59:59	Name: barracuda_lang_code Value: en
app.barracuda.com/	1969-12-31 23:59:59	Name: barracuda_barracuda_referer Value: https%3A%2F%2Fblog.barracuda.com%2F
app.barracuda.com/	1969-12-31 23:59:59	Name: barracuda_tracking_query_string Value: lang%3Den
app.barracuda.com/	1970-01-20 17:28:03	Name: barracuda_ci_csrf_token Value: 2342c4ee2e8f5d888ac735709aea8441
app.barracuda.com/	1969-12-31 23:59:59	Name: barracuda_ci_session Value: VmEDOl0xVTtWIgd3Uj1ZP1pjBz5VJwIvX2BeJgZ%2BCDUBaQc4V1laMlZkCitfPFF2BTBTY1I1UD1Yc1ZiA2peNg0xAG4LNgExAzwMZQw8DjtWYwM2XTZVMlZrB2VSMllrWmMHPVUwAjlfYF4wBjkIOgFnB2NXMlpuVjYKK188UXYFMFNhUjdQPVhzVjwDI15fDTYAbwtkAScDYQwuDC4OLVY7A3NdP1UwVm0HPlIlWT9aYwc0VSsCbV81XmQGIwhpATQHeFc0WmlWNAorXzxRdgUwU2FSN1A9WHNWIAMgXmUNJQBUC2EBMgNhDDMMKQ4tVjsDc10%2FVTRWaQc%2BUiVZQ1o8B35VbAIwX2leNAYiCGkBKAdmVyZac1ZXCmBfaVFhBWVTJ1J0UCdYH1YBA3NeMQ1nACULMAFuAyQMCgw0DmFWNgM0XT5VIVYhBzJSM1knWnMHRVV1AixfaV4wBloIOQFkB3RXPVooVjoKOF80UT8FKFM8UmZQdFglVgoDMl5jDSMAYgt2ATwDcAwkDH8ONFZpAzpdNFU2VmkHMFIzWTlaZQc1VTwCbl8%2BXig%3D
app.barracuda.com/	1969-12-31 23:59:59	Name: barracuda_new_locale Value: country_code%0Ade%0Astate_code%0A%FF0%FF%0Aregion_code%0Aemea%0Alang_code%0Aen%0A

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident Message: Refused to load the script 'https://cdn.printfriendly.com/printfriendly.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com *.hotjar.com unpkg.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://tag.demandbase.com/ Message: Refused to frame 'https://s.company-target.com/' because it violates the following Content Security Policy directive: "frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com *.vidyard.com unpkg.com".
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://blog.barracuda.com/2023/12/01/malware-101-file-system-evasion-memory-only-registry-resident Message: Access to XMLHttpRequest at 'https://web.chtbl.com/track' from origin 'https://blog.barracuda.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://web.chtbl.com/track Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src 'self' app.qa.barracuda.com app.barracuda.com .facebook.com .youtube.com .vidyard.com unpkg.com script-src 'self' 'unsafe-inline' assets.adobedtm.com .pdst.fm .doubleclick.net .google-analytics.com .bing.com .googleadservices.com .facebook.net .techtarget.com .demandbase.com .googletagmanager.com munchkin.marketo.net .cookielaw.org .polyfill.io .adroll.com .licdn.com .mxpnl.com .chtbl.com .invoca.net .livehelpnow.net addsearch.com .youtube.com .searchcdn.com .vidyard.com .hotjar.com unpkg.com
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.company-target.com
app.barracuda.com
blog.barracuda.com
cdn.cookielaw.org
cdn.printfriendly.com
ext.chtbl.com
geolocation.onetrust.com
id.rlcdn.com
p.typekit.net
tag-logger.demandbase.com
tag.demandbase.com
use.typekit.net
web.chtbl.com
www.googletagmanager.com
cdn.printfriendly.com
web.chtbl.com
13.227.219.43
143.204.215.78
2600:9000:2022:f000:1d:8d6d:3b40:93a1
2600:9000:2104:fa00:a:b27c:d040:93a1
2600:9000:236e:de00:14:fd89:5ac0:93a1
2600:9000:2646:3000:0:cc59:3900:93a1
2606:4700:4400::6812:2089
2606:4700::6812:82ec
2a00:1450:4001:80f::2008
2a02:26f0:3500:16::215:1490
2a02:26f0:3500:16::215:1495
35.244.174.68
4.234.25.19
03c30af9f99552ba2eff92617fdf160546d362aeb5885eba3592d25da5a31b56
0b79e8c3dcb7aeea8f62e4e2e695e60dbf779fe5a3595565cc856a70d1e576aa
0d49752a7a7d93d7e459fc189c58d305b9aa7d2b9bd923ac663a1548945bd12e
113cafa39568acba27f3f6ad96dcd5524e4287f6e8d4fdaf73404efb0f8b9b10
11d4663fa8f7dac0dc4d7097686c359a3771c4545fc050100f36e961874ec508
1636daeadf68320a8ff084924ab12632028d06a02bcb2de4febd953b14ab074b
19549c09d56fbb274e74f85be667fa6664961e7efdb9e9ef43f93f4011a4712e
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2425711604ea242bbe21daa15ae93b57916cd24f2b7df7637dd7a9786fdf189a
27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308
29abb1fb7cf50134f1124d0250ebf84ca38c8be090b37b0432d4f137c1c2fd31
2b408763e7213bb9d2dc71614d5e4919fa84ed8bcc4d7fc5e8bd7fd97a12aea0
2fd7e25951ed55795e3b649400e6d5946dbb3cbb308334bd516bfc7ffe9f31b3
30157fc7b6821278eee2e22d968e5f52dcd607803ea35d3cd62ad876d32afdcd
330fd6d564dff1313d98d4b80e4f7244d1ea1adfd8ea65b4f0bcc34d424137ae
34983ec5da74c95f7b9aba9e7abd42ca76b95cde4c06f476f6bfeb5547bd85ef
38e9ade7cb9f7a31a4525f2a70c4bdd2529340926202641bbbda8d655df8c0c3
43ccd137975bf357e94674077ffaf2d46bbe8733b28e971056e4c9ea2a49a280
5d9788646c01ec15dec9fe42bc9435d6bc84ed63aed58276c2dd92780a62ddda
625b05d59aadc6b5356b8b238108a1fcdf330275186ba33132cadb1237b1cd8d
63bd6f8c19a70f0f46588e5dbc4a872b429a5e8a1f17f82453c34b1f14e833c6
659ea9f7ac5d3c9037da23d13f85498a55c6d386c637dd2999bbcbc904084cd3
6da7a8abdaa18cf9fa8f134e1de315971a8340de92d155bfbf3e62b5494e8621
6f4a9a6d7d17b485daf9995ce913842473dff469dd74fa8fe2b730471f000eaf
6ffa07d2a244da24e7330335e14c1c7be5cff1477cfa8bf2baa33cefce5e5e04
7abff666ecb3f4aa7ceb076cc27af4f404c83ad375b76b6aa1a999e844c6adb9
880482ff98e9d99ec808fa09fb517f3a193c5922c03d093ccf5e064f9fdc6b50
899a718e8ce9bec7c3dbf9495ee83ede0b55e1575b37b270f1aab20660f6b820
964b08d9a425ae147571d62dfabfef171b5882b94607e9137f42e17f6825cf4d
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
a0ab064e57ae58aa5e785a51416fa04a44bae33c08314181993a3d116495d940
a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423
a4002d856e575601b351be144c9d7e4e6977286644fede72a7de1638844722aa
a5abdd6df1d760db1c6749fd92ce2d8a037cb411bc4849da3277cbedab35b8f5
a7e02a0a20001e61e65143e4930b318068f09692f4d7079dc7f26e0020613059
a8ac87a96a84d65c3fa7fe825042545627dc24730ccfbc16582b97efdc785c50
aad969ba9d08ec690b718fb839195cad8e705c02ad0e5c5f2b95598b25a9e286
ab24c94a6c443c60e36e879960bf136e69dc08402883c0292d3a44a8da98474a
abca86efdf0b1aafabb4e60d904de64e144f9a84020cbe9914e6c945a4d5d87b
ae55c313220f063fdb3dc157a89a22e6a20a400cdd5b639a5aabfa4ae91e476a
aecc3b952de368f386ea1f775346bd5276c41ce17a5b3c1704589101961480e3
b07871da02311868c31ab6ac5a4e78cc877f118acd854857f6f51519f3ddbbc9
b47cc4454aa7989b7f0141fb0ed6bdb25bd9816168de98a21154f43dc5da40c5
b825cc32ded55e1caa04b70f4b7f0f3010cfbbff4e1d89a035666b649ba2f782
b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a
c1b70c0adaabb35a5e45fc4321895c091f7b24d20915bb5b647bc9e28ae029ad
c250924012fdc9ea9516b30650895201cd167dbd49c9d148924f30881abfa393
c38f95e28cdb0a26e5e8db009f2e2b39a23c8a055b31ee9f61a9033c4ea4b057
c40da8018356b16f1cb78babdfe38139c129d453b965fd6d0d9d8c637c063ca6
c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7
c5f4c758c56da0e200a02337c176da0ab24cdacb89e85cf655e8ffd6a916e005
c6c9e7bc71a69020f203ec5a114f610838ce65bdfb18aa9540666cef71974151
ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
d9c5b7e0dad2a67c57b30b5561515f54299dcca29984917cd93fd0e03ff9fd91
dfbb960bd83d748588476e7e26fc34b8ab093c3cb762b60268a8ce66350f283f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee536a0a449e09427b5693405097b4dc758bceed3e4cc35bd53a7ef83218b279

blog.barracuda.com Open in urlscan Pro 4.234.25.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

97 %HTTPS

69 %IPv6

10 Domains

14 Subdomains

14 IPs

3 Countries

2161 kBTransfer

4301 kBSize

10 Cookies

19 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.barracuda.com Open in urlscan Pro
4.234.25.19 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

97 %
HTTPS

69 %
IPv6

10
Domains

14
Subdomains

14
IPs

3
Countries

2161 kB
Transfer

4301 kB
Size

10
Cookies

64 HTTP transactions
7 data transactions