www.darkreading.com Open in urlscan Pro
2606:4700::6811:7863 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Submission: On May 12 via api (May 12th 2023, 2:10:55 am UTC) from TR — Scanned from DE

Summary HTTP 280 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 61 IPs in 6 countries across 42 domains to perform 280 HTTP transactions. The main IP is 2606:4700::6811:7863, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.darkreading.com. The Cisco Umbrella rank of the primary domain is 150493.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 9th 2023. Valid for: a year.

This is the only time www.darkreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 36	2606:4700::68... 2606:4700::6811:7863	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6813:bc61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 28	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
10	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9062	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
5	13.32.99.66 13.32.99.66	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.129.131 151.101.129.131	54113 (FASTLY) (FASTLY)
1	23.201.242.231 23.201.242.231	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.99.47 13.32.99.47	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:7200:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.122 13.32.99.122	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:7963	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.17.78 108.138.17.78	16509 (AMAZON-02) (AMAZON-02)
1	34.193.26.185 34.193.26.185	14618 (AMAZON-AES) (AMAZON-AES)
2	3.121.161.70 3.121.161.70	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
1 21	209.133.56.117 209.133.56.117	6461 (ZAYO-6461) (ZAYO-6461)
2 2	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
2	52.207.193.111 52.207.193.111	14618 (AMAZON-AES) (AMAZON-AES)
1 2	142.0.173.15 142.0.173.15	7160 (NETDYNAMICS) (NETDYNAMICS)
1	52.48.197.14 52.48.197.14	16509 (AMAZON-02) (AMAZON-02)
1	46.137.128.70 46.137.128.70	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	52.51.99.124 52.51.99.124	16509 (AMAZON-02) (AMAZON-02)
2 2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:183::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	209.133.56.108 209.133.56.108	6461 (ZAYO-6461) (ZAYO-6461)
8	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	3.213.246.48 3.213.246.48	14618 (AMAZON-AES) (AMAZON-AES)
2	108.138.189.100 108.138.189.100	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb9b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
20	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.223.97.64 3.223.97.64	() ()
2	185.221.87.23 185.221.87.23	() ()
2	34.111.234.236 34.111.234.236	() ()
1	18.130.52.110 18.130.52.110	() ()
1	34.198.52.55 34.198.52.55	() ()
28	18.66.112.52 18.66.112.52	() ()
2	23.35.229.56 23.35.229.56	() ()
3	3.223.221.82 3.223.221.82	() ()
280	61

36 2606:4700::6811:7863 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beta.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:bc61 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

eu-images.contentstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9062 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.99.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-66.fra60.r.cloudfront.net

static.iris.informa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.131 (United States)

ASN54113 (FASTLY, US)

6600d6d98e534115970f9529a45f3195.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.242.231 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-242-231.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-47.fra60.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:7200:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7963 (United States)

ASN13335 (CLOUDFLARENET, US)

c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-78.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.26.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-26-185.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.161.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-161-70.eu-central-1.compute.amazonaws.com

eu01.in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 209.133.56.117 (Dallas, United States) 1 redirects

ASN6461 (ZAYO-6461, US)
PTR: scaler01-tradepub.netline.com

darkreadingnewsletter.tradepub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.193.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-193-111.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.0.173.15 (Toronto, Canada) 1 redirects

ASN7160 (NETDYNAMICS, US)

trk.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.197.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-197-14.eu-west-1.compute.amazonaws.com

iirexhibitionslimite.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.137.128.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-128-70.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.99.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-99-124.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:183::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.133.56.108 (Dallas, United States)

ASN6461 (ZAYO-6461, US)
PTR: scaler01-cts.netline.com

cts.tradepub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 205.234.175.175 (Cantonment, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

img.tradepub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.246.48 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-246-48.compute-1.amazonaws.com

rpxnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.189.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-189-100.mxp64.r.cloudfront.net

d29usylhdk1xyu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:bb9b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

quilt-cdn.janrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

48f133b2bcc3df17a4be26e3af1a4524.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.223.97.64 (None, )

ASN- ()

ads.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.221.87.23 (None, )

ASN- ()

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (None, )

ASN- ()

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.130.52.110 (None, )

ASN- ()

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.52.55 (None, )

ASN- ()

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 18.66.112.52 (None, )

ASN- ()

cache-ssl.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.229.56 (None, )

ASN- ()

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.223.221.82 (None, )

ASN- ()

track.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	darkreading.com 2 redirects www.darkreading.com — Cisco Umbrella Rank: 150493 beta.darkreading.com — Cisco Umbrella Rank: 408657 c.darkreading.com — Cisco Umbrella Rank: 609624 trk.darkreading.com — Cisco Umbrella Rank: 843604	885 KB
32	celtra.com ads.celtra.com cache-ssl.celtra.com track.celtra.com	860 KB
32	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 stats.g.doubleclick.net — Cisco Umbrella Rank: 91 cm.g.doubleclick.net — Cisco Umbrella Rank: 234	232 KB
30	tradepub.com 1 redirects darkreadingnewsletter.tradepub.com cts.tradepub.com — Cisco Umbrella Rank: 367817 img.tradepub.com — Cisco Umbrella Rank: 134339	624 KB
21	moatads.com z.moatads.com — Cisco Umbrella Rank: 499 geo.moatads.com px.moatads.com	673 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 48f133b2bcc3df17a4be26e3af1a4524.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 143	501 KB
12	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 449	40 KB
10	contentstack.com eu-images.contentstack.com — Cisco Umbrella Rank: 49650	84 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 410	289 KB
7	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4217 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 83	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	315 KB
5	teads.tv a.teads.tv — Cisco Umbrella Rank: 1435 t.teads.tv	132 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	42 KB
5	informa.com static.iris.informa.com — Cisco Umbrella Rank: 58983	32 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	3 KB
3	ml314.com ml314.com in.ml314.com	12 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5171 adservice.google.de — Cisco Umbrella Rank: 7680	1 KB
3	treasuredata.com cdn.treasuredata.com — Cisco Umbrella Rank: 15504 eu01.in.treasuredata.com — Cisco Umbrella Rank: 27145	20 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 695 script.hotjar.com — Cisco Umbrella Rank: 957 in.hotjar.com — Cisco Umbrella Rank: 6309	74 KB
3	dpmsrv.com s.dpmsrv.com — Cisco Umbrella Rank: 29918 a.dpmsrv.com — Cisco Umbrella Rank: 24876	64 KB
3	gstatic.com fonts.gstatic.com	77 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	238 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	14 KB
2	nr-data.net bam.eu01.nr-data.net	868 B
2	cloudfront.net d29usylhdk1xyu.cloudfront.net	113 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	2 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	59 KB
2	ubembed.com 6600d6d98e534115970f9529a45f3195.js.ubembed.com — Cisco Umbrella Rank: 411893 assets.ubembed.com — Cisco Umbrella Rank: 11949	48 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 775	56 KB
1	janrain.com quilt-cdn.janrain.com — Cisco Umbrella Rank: 30712	9 KB
1	rpxnow.com 1 redirects rpxnow.com — Cisco Umbrella Rank: 10997	112 B
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 734	65 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 416	98 B
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6944	161 B
1	omtrdc.net iirexhibitionslimite.tt.omtrdc.net — Cisco Umbrella Rank: 479522	814 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1299	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1680	15 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 7031	3 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1019	49 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 636	304 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1018	7 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2649	15 KB
280	42

	Domain	Requested by
28	cache-ssl.celtra.com	ads.celtra.com www.darkreading.com
28	securepubads.g.doubleclick.net	1 redirects www.darkreading.com www.googletagservices.com
28	beta.darkreading.com	www.darkreading.com beta.darkreading.com
21	darkreadingnewsletter.tradepub.com	1 redirects www.darkreading.com darkreadingnewsletter.tradepub.com cdnjs.cloudflare.com
14	px.moatads.com
12	js-agent.newrelic.com	www.darkreading.com
11	tpc.googlesyndication.com	www.darkreading.com securepubads.g.doubleclick.net
10	eu-images.contentstack.com	www.darkreading.com
10	cdn.cookielaw.org	www.darkreading.com
8	img.tradepub.com	darkreadingnewsletter.tradepub.com
7	pagead2.googlesyndication.com	www.darkreading.com tpc.googlesyndication.com www.googletagservices.com
7	www.darkreading.com	1 redirects www.darkreading.com
6	z.moatads.com	securepubads.g.doubleclick.net
6	www.googletagservices.com	securepubads.g.doubleclick.net
5	www.google.com	www.darkreading.com securepubads.g.doubleclick.net
5	www.google-analytics.com	www.darkreading.com darkreadingnewsletter.tradepub.com www.google-analytics.com
5	static.iris.informa.com	www.darkreading.com
4	fonts.googleapis.com	darkreadingnewsletter.tradepub.com
3	track.celtra.com
3	a.teads.tv	securepubads.g.doubleclick.net www.darkreading.com
3	fonts.gstatic.com	www.darkreading.com fonts.googleapis.com
3	www.googletagmanager.com	www.darkreading.com darkreadingnewsletter.tradepub.com
3	cdnjs.cloudflare.com	www.darkreading.com darkreadingnewsletter.tradepub.com
2	t.teads.tv
2	ml314.com	z.moatads.com ml314.com
2	bam.eu01.nr-data.net	www.darkreading.com
2	d29usylhdk1xyu.cloudfront.net	darkreadingnewsletter.tradepub.com rpxnow.com
2	cm.g.doubleclick.net	2 redirects
2	trk.darkreading.com	1 redirects www.darkreading.com
2	a.dpmsrv.com	www.darkreading.com
2	ib.adnxs.com	2 redirects
2	eu01.in.treasuredata.com	www.darkreading.com
2	c.darkreading.com	www.darkreading.com
2	www.google.de	www.darkreading.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.darkreading.com
2	www.youtube.com	www.darkreading.com
2	code.jquery.com	www.darkreading.com securepubads.g.doubleclick.net
1	in.ml314.com	ml314.com
1	geo.moatads.com	z.moatads.com
1	ads.celtra.com	www.darkreading.com
1	48f133b2bcc3df17a4be26e3af1a4524.safeframe.googlesyndication.com	www.darkreading.com
1	adservice.google.com	www.darkreading.com
1	adservice.google.de	www.darkreading.com
1	quilt-cdn.janrain.com	d29usylhdk1xyu.cloudfront.net
1	rpxnow.com	1 redirects
1	cts.tradepub.com	darkreadingnewsletter.tradepub.com
1	cdn.optimizely.com	darkreadingnewsletter.tradepub.com
1	idsync.rlcdn.com	www.darkreading.com
1	content.hotjar.io	www.darkreading.com
1	in.hotjar.com	www.darkreading.com
1	iirexhibitionslimite.tt.omtrdc.net	www.darkreading.com
1	script.hotjar.com	www.darkreading.com
1	ping.chartbeat.net	www.darkreading.com
1	assets.ubembed.com	www.darkreading.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.treasuredata.com	www.darkreading.com
1	static.chartbeat.com	www.darkreading.com
1	static.hotjar.com	www.darkreading.com
1	s.dpmsrv.com	www.darkreading.com
1	img.en25.com	www.darkreading.com
1	6600d6d98e534115970f9529a45f3195.js.ubembed.com	www.darkreading.com
1	www.googleoptimize.com	www.darkreading.com
1	geolocation.onetrust.com	www.darkreading.com
1	static.cloudflareinsights.com	www.darkreading.com
1	stackpath.bootstrapcdn.com	www.darkreading.com
280	65

This site contains links to these domains. Also see Links.

Domain
ve.informaengage.com
www.blackhat.com
darkreading.tradepub.com
www.informationweek.com
messages.blackhat.com
github.com
twitter.com
www.interop.com
www.networkcomputing.com
www.itprotoday.com
www.datacenterknowledge.com
www.omdia.com
info.wrightsmedia.com
www.linkedin.com
www.facebook.com
www.youtube.com
news.google.com
tech.informa.com
www.informa.com
www.onetrust.com
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
darkreading.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.contentstack.com Gandi Standard SSL CA 2	`2022-08-02` - `2023-07-22`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
static.iris.informa.com Amazon RSA 2048 M01	`2023-02-23` - `2023-09-01`	6 months	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-09` - `2023-11-10`	a year	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-18`	a year	crt.sh
*.dpmsrv.com Amazon RSA 2048 M01	`2023-03-18` - `2024-04-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.treasuredata.com Amazon RSA 2048 M01	`2023-02-21` - `2023-09-16`	7 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.in.treasuredata.com Amazon RSA 2048 M02	`2023-02-13` - `2023-07-23`	5 months	crt.sh
*.tradepub.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-04` - `2024-05-04`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2022-11-01` - `2023-12-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
quilt-cdn.janrain.com R3	`2023-03-20` - `2023-06-18`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
celtra.com Amazon RSA 2048 M01	`2023-02-20` - `2024-02-07`	a year	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
ml314.com GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
*.ml314.com Amazon RSA 2048 M02	`2023-02-27` - `2023-12-14`	10 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Frame ID: 9A18CD4C508830431C51F276D96AE793
Requests: 154 HTTP requests in this frame

Frame: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
Frame ID: F84C025D06B98525A5CE3B93EAFCC2B1
Requests: 44 HTTP requests in this frame

Frame: https://48f133b2bcc3df17a4be26e3af1a4524.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F4109841895F1262410925BBEAFCA381
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuT4gJLSCOjBOjxd9ZNz91dNaaMncwigZVAOSxhVGn--J3kOETejk_wj0p8zAJSKwkov-6yqUsGNx33TGQQjkRxbFcdmL_nAgXbYhsGuCz-yrIrzmJA1sGDZpfhrMbYg6ST8oLdanMPgH-Zzo_z3YfqNAj4288smxbOr6AUhDHgDIzHPCQ_lORVo2BywfDKRZOgqq1RPpVucr8rGgNz5DdUI4i_uBB7q2JZaQRR5Sozrjr35832k41uwh4B8MbBgjGxWMxGSspgHG1gumZQSC65TchM84pEc5PiwmbxT6C1X361HigfGoYnpdLLnl2T7RFwTo0eK08PAWwZSTxfkewrS0y9co4W1yU&sai=AMfl-YTlNXyPMSoTugj2rUuGDBJAkwvmTONtiF3HJxMs308Ba6zMToq_l4KgWj_JDEW125rxZ7n1rIyOan5Bxr7cT_xLXudDzv9yzkxhUxZoyF7Qsj5K07uoi--LJGVBPsw&sig=Cg0ArKJSzMtdHUhfk1ecEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9B0717ECACA4EC3E7A83F85D5D4E6DA1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoGRznseMDKK0cZDxv7s84J3RMlaKgj999Il23n1LDB3eIz3VmQeSJaKnC5v_-gT0oLE30SkvNGbCj8dUWZ56T52WB0nDr5JUawjaLCDbtRtaeb2hTpiyneGwuwn8kV7Ijq13YvdTmVfVzhT4qAxkqJxMq8Sq4_cO23x8GEQWpQWAg6hGJF4mG3W0aiWF2nwJUywzVmBx0Gjb_OdFdXRKYXmFxLor3pHLV7ruiCI_0P_tooXtr2sKOAfAsWPytJw40L3qH5WDRVjmk8I5DJbUILkhahshIVqYLdfJYd80iAuWAWOYBbggwVyekTFS13oYt5no-SGbaSjQ99I7YPlSB2iNdW4hnZQjHugE0MqKOu2n5R5RD4kmR&sai=AMfl-YSpRCM8rOVGrtN23BuR8LJnuN76SdrAkNf0CsVLtNbznS6pIss6qlCX5_MtEzaQDWSbYaI7bZp584CnWomsvYUybZch8KwYk68zoXmBFFqekBLDH4IZ70KHlh7cYg&sig=Cg0ArKJSzIc3NuHa6Ir-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7C9A4AB28C0358DF1A59620974D018A0
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuizjLNyplN_1Jm-9fo6eOAbBVMukURAJtBKCkFT1dwjBsYUGfmfE0l-ng2QA6e-STAMRZNDlNy7tdnWEAGxn6O2hyBlC2hdTNoIBam3-z4INeDSppmaLGWeJbVaSxFwa-m5iDA77gtRsXqbNhOSItkqLUZybgJKJnTyF0e9GFo9P-ytuNfPV1xGjJAHdO2SF5yq3zo7-bS4MaA18G4qCL-Obgiu7D9K3I9Ov4Vy7uM6oc_OnOr3_X9Q0Ir0-SZrxNB7ZBFc_Dd194xOVreRo1BsIjcKQdCYbA5l0yToaU65Eq6On1iiYZAD6lInCXkH9Kk-qn0lbRb9f_A26p8oXQZnim3hDk&sai=AMfl-YS0irI3nIwMDy1f_P9Au67km09OdisDMnGIQmhjpVo5R99TNDRm7sR3MvWznO-xGbpfZ2Fni_Sr3Fk_OmVwpNW_8Rry4cw25qWRmBDZOuvLYZuOGIynbKXVQLzZTA&sig=Cg0ArKJSzPFGA85HGPGXEAE&uach_m=[UACH]&adurl=
Frame ID: 9B5D956262AA48C6D3441D4DB9BECBAE
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGTiWwN_kCEaxSj0nluB48GjmR_3UleIeQXU6luUEzNONaKyUjg5iZXsGmsJgqqW-OdSpp8daAbHwmVA963vS3UsY28k8lanxG1RZrvBHWPz5CLzomt2y2KtC1cxxbFMuxZECiM6EfzS1-HodTV--GRVW0CP4rgypxf4w5PjWjglhrrLRNMZ114YJa6MIYiPTNmj8luUWFYfosPovUpkodppvXgHr3byM4KxrFVxWaZ_1g8VAjlTueU-CeHnOZUneH-ns-uC-WOoOCEJ7BzzHHhPkxsDKI82jh9CLcStxzYH8PJDFBuU_9fyzcUa8_qxg0GtmSWQcFtt7r5CeKegKiJg&sai=AMfl-YTddU9dRhnbYjOfqoWuotUTLFeYtbtKFFcP7oKLssqb4QKFgasmIECeX2-qrEFMDS0Fb-bKlFa3I78qRqpgpdylbYBRhpWyn0FAoScSXGAn1cqANDsr8mbCI08KfpY&sig=Cg0ArKJSzOOn9OhldAR5EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4D3C909B988310407AB96629F9C774EA
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstv6ISacewhRjhPeDHlkdT-slAOneGQZTB5BMlt52fSs7rEGXY6I46gWirr6f_JawElHKdb5C67_6Galhp9RnXCM7mv5tAQAVR6fv9FmtxTfD24-46hNkrHkpCCTFNL-4ozWbPySwG_bHdrB-GWL7U0YeBJ34PgmZlyJ4Dmq2Z3iEchA1HPhq9ECixCp38v2KEJEbAIZRzswuvnzLWc9Pf7WFDDGVdWNGVG9BuCynj3dMHfYc9FwgksFXxrwVx0uCacDlrza7m4hvHySIhMUAXEla-WmiVSf-MyPPFU7XwbDFlol31RhGVR95qr1BY647CHgTc71OadNOOr5jssx-925A&sai=AMfl-YSdXq2qVWXYfmJ4EfciVM1sy18vwKLOj3JT3XEiomOZfsv1Jsi-MUaez7N45urhnDV_RU3tAia9eoi9A2vQY632dZzFiB3uSxPcl1xd6_kM6lsgVGUGQzqlQ_ZnOA&sig=Cg0ArKJSzDX907a-N-whEAE&uach_m=[UACH]&adurl=
Frame ID: 2A9AA6F01AFC5EB3B95061282C783085
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUEw4_0IYb4GhD7hHf7XD0QQw1td4yUDNz08SoYUQ4myjxJgoaeBfvdK38j-K8welkH3fu1GkjUNkfbn4veqjmM7OOyW5TCGVF6QXcHaaHcpk_XlUt4-75YWdsBZSW6-omaLTBa9efWequXeqTLbbcII-DckWVp0M4sE0fXLLNxMtbb-LZOJCS-kWmNS5rHSYRDEblVPw5KVyJt7XY8aKZyIYiVm7Y1OW_DFZW770-R3BkPRj815gmM-kchF1kyGp2vtfyNW_Q6Bci1lcMmLaW76P36VPcChtfDAlNx-HuTuJauVDzOv314vHFVF5XqQleBcXY-vQYyvrwCE4wkEj8fUj7rDU&sai=AMfl-YRxX8NVSTK0ruOU27VIKBntMI81uTChI_TMO2YR8jm3flQ68gYhKbuN4-dX6MiefbjkNiwkcF7bF91lSsuCWcYM68ZZ-T4Rn-Z_27lbUMub3UTriGSe7VNW8LfJ8MI&sig=Cg0ArKJSzFvZTAO74YIwEAE&uach_m=[UACH]&adurl=
Frame ID: A7F29DC656E41FD87BDAC7E6C33216F0
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJEGHxiWPwmsLn4wF_IBQLqEQ72W138O39BxkuCHxMiep0mBBll0MeydVPHwIcrpz6KlPajWw_Y7f0HT-ziXwLJpI-qryyoLLQPyG2YBEv2J1tjtPHpZvd_3lc8BY5YX3QiKoKP9pAVHONJVH77ODoFtHgzKB6e5MIVmlezeitaLYolw_VbyRmWyw2O9MnSY8OcWR__TIZfkP5mI1_XdMBU3LK_akSiDAyEJeA4s8auSnBfs8FaEC_JTkjVJ3Y91gt8f7q5onH4UDucCxDkGF1t1BYsJ_9vH--UCQY40aY0ZzArjky63o0EK4yiLExP_Mn4YFguq-hfc8Oy9pC5jbyYRtH_CM&sai=AMfl-YT2xTbcoU9cqGlO1_tCCqGdTtI5Q-6WXn74tbzL17FnBkz_yQpnfa2u7LUotDOdfUgFtsu99FhI_Hq6yQBB_xgKUBPMee3mAoQiiWKVRoHPfb_0xot3RrCBdsFM5NE&sig=Cg0ArKJSzDIlFeIGcB2SEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 04C00C6FC7D16A2E02911A878227CC4A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 047C70872F9EC598E71916E1C4F190D3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 514C255813490B8F44D5F957C015C06C
Requests: 2 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/fonts/google/Lato:400/3_webfont.woff2?subset=BCDEGILORSTUVW
Frame ID: F83795BFF7F0C423C8AF6DA238EF57AC
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Multiple Ransomware Groups Adapt Babuk Code to Target ESXi VMsCookies ButtonBack ButtonSearch IconFilter Icon

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

280
Requests

97 %
HTTPS

44 %
IPv6

42
Domains

65
Subdomains

61
IPs

6
Countries

5651 kB
Transfer

14138 kB
Size

42
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: https://ve.informaengage.com/virtual-events/dr-anatomy-of-a-data-breach-and-what-to-do-if-it-happens-to-you/?kcode=sbx&cid=smartbox_techweb_session_16.500296&_mc=smartbox_techweb_session_16.500296
Title: Anatomy of a Data Breach - A Dark Reading June 22 Event

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/?cid=smartbox_techweb_session_16.500287&_mc=smartbox_techweb_session_16.500287
Title: Black Hat USA - August 5-10 - Learn More

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_autp21&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001285&_mc=smartbox_techweb_upcoming_webinars_8.500001285
Title: Puzzled by Patching: Solve Endpoint Pains

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_palo192&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001294&_mc=smartbox_techweb_upcoming_webinars_8.500001294
Title: Building the SOC of the Future: Next-Gen Security Operations

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/Security
Title: White Papers >

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper
Title: Tech Library >

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3135&ch=dr_header
Title: Newsletter Sign-Up

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf45&ch=drsitebell
Title: Event

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4076&ch=drsitebell
Title: Event

Search URL Search Domain Scan URL

URL: https://messages.blackhat.com/2022-attendee-report-2022?kcode=drsite
Title: Report

Search URL Search Domain Scan URL

URL: https://github.com/Hildaboo/BabukRansomwareSourceCode
Title: leaked Babuk source code

Search URL Search Domain Scan URL

URL: https://twitter.com/vxunderground/status/1433758742244478982?lang=en
Title: wrote in a tweet

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3135&ch=dr_eoa
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3998&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005370&_mc=smartbox_techweb_whitepaper_14.500005370
Title: The Big Business Of Cybercrime: A Deep Dive Guide

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_cymu30&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005368&_mc=smartbox_techweb_whitepaper_14.500005368
Title: Understanding Vulnerability Prioritization Technologies - From Generic VM to VPT

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_invj50&ch=sbx&cid=smartbox_techweb_analytics_7.300005987&_mc=smartbox_techweb_analytics_7.300005987
Title: How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa3977&ch=sbx&cid=smartbox_techweb_analytics_7.300005981&_mc=smartbox_techweb_analytics_7.300005981
Title: The 10 Most Impactful Types of Vulnerabilities for Enterprises Today

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_ingg114&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001295&_mc=smartbox_techweb_upcoming_webinars_8.500001295
Title: Everything you Need to Know about DNS Attacks

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_synp02&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001296&_mc=smartbox_techweb_upcoming_webinars_8.500001296
Title: Why Threat Modeling Is Critical for Enterprise Cyber Defense

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_forq204&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001297&_mc=smartbox_techweb_upcoming_webinars_8.500001297
Title: Securing the Remote Worker: How to Monitor and Mitigate Offsite Cyberattacks

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa3940&ch=sbx&cid=smartbox_techweb_analytics_7.300005980&_mc=smartbox_techweb_analytics_7.300005980
Title: Shoring Up the Software Supply Chain Across Enterprise Applications

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_darl08&ch=sbx&cid=smartbox_techweb_analytics_7.300005973&_mc=smartbox_techweb_analytics_7.300005973
Title: The Promise and Reality of Cloud Security

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa3521&ch=sbx&cid=smartbox_techweb_analytics_7.300005970&_mc=smartbox_techweb_analytics_7.300005970
Title: 10 Hot Talks From Black Hat USA 2022

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_delh32&;ch=sbx&cid=smartbox_techweb_whitepaper_14.500005359&_mc=smartbox_techweb_whitepaper_14.500005359
Title: 2023 Global Future of Cyber Report

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_delh30&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005357&_mc=smartbox_techweb_whitepaper_14.500005357
Title: Cybersecurity in 2023 and beyond: 12 leaders share their forecasts

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_delh29&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005356&_mc=smartbox_techweb_whitepaper_14.500005356
Title: Know your customer: Enable a 360-degree view with customer identity & access management

Search URL Search Domain Scan URL

URL: https://www.interop.com/
Title: Interop

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/
Title: InformationWeek

Search URL Search Domain Scan URL

URL: https://www.networkcomputing.com/
Title: Network Computing

Search URL Search Domain Scan URL

URL: https://www.itprotoday.com/
Title: ITPro Today

Search URL Search Domain Scan URL

URL: https://www.datacenterknowledge.com/
Title: Data Center Knowledge

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/
Title: Black Hat

Search URL Search Domain Scan URL

URL: http://www.omdia.com/
Title: Omdia

Search URL Search Domain Scan URL

URL: https://info.wrightsmedia.com/informa-licensing-reprints-request
Title: Reprints

Search URL Search Domain Scan URL

URL: https://twitter.com/DarkReading

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/dark-reading/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/darkreadingcom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@DarkReadingOfficialYT

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMKmknwswtq63Aw?ceid=US:en&oc=3

Search URL Search Domain Scan URL

URL: https://tech.informa.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://tech.informa.com/cookie-policy
Title: Cookies

Search URL Search Domain Scan URL

URL: https://tech.informa.com/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://tech.informa.com/terms-and-conditions
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.informa.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvb5OLQ6blLt_K8zxOzRDWtHQ-F4Imz2AEeT8KyR9H4Wg1ZzJwyTM67t4O6hgttY-vryTopfkTSDl2SxOzSJXJt3sRjGHSFDuDWESsf2swYpyyD60HFCT3EiLxGhktyPvlAxB_g-HAxHBVNmM6tnsxJS7f1WiYIqqwt-d1OJgZ52r6oqrwc2ASZCWa9Fu0pctSeVOk0IdDlkrEf0zavLWQ51JUmUqgIQ1-0IbLkdDmdzIHIGDy_G8eH9PIX5WJkHl1osYXAjkixCoEX81kfy3am1WrKstD-sC6lbyKrju2t4pkowXttNVJZCiYxUXLqOWymeJ7b0FrDuodKtfnxnLVt4FU&sai=AMfl-YQgogfRRy0iLMVBxMnvHHChD3Tg-WaLcRmZAJJLZQONo1G7YrcV0_ssXgW4zMXBDg_hN4MKDgDMYSyysifSgjI8C2TKRSj45LXvb5JdEoH0Fe0p6MU3g5eniFFSQNA&sig=Cg0ArKJSzFw-RZPCndfDEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://snyk.io/?utm_campaign=Dev-Sec-BRD-2022&utm_medium=Content-Syndication&utm_source=dark-reading&utm_content=developer-loved-security-trusted-bookend-banner

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://darkreadingnewsletter.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_darl10&ch=5 HTTP 302
https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Request Chain 91

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D55%26pixelIndex%3D0%26r%3D247942%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.darkreading.com%252Fcloud%252Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D55%2526pixelIndex%253D0%2526r%253D247942%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.darkreading.com%25252Fcloud%25252Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=1480271768965354187&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=247942&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Request Chain 93

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&ref2=elqNone&tzo=0&ms=535&optin=disabled&firstPartyCookieDomain=trk.darkreading.com HTTP 302
https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&ref2=elqNone&tzo=0&ms=535&optin=disabled&elq1pcGUID=07DBA415B336455FB8A8E3FEAEEF0D23

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1480271768965354187&pixelIndex=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=1480271768965354187&pixelIndex=0&google_tc= HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1480271768965354187&pixelIndex=0&google_gid=CAESEG7eavReTPKVtT5aB2axjmI&google_cver=1

Request Chain 129

https://rpxnow.com/js/lib/signin.tradepub.com/engage.js HTTP 301
https://d29usylhdk1xyu.cloudfront.net/load/signin.tradepub.com

Request Chain 169

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoGRznseMDKK0cZDxv7s84J3RMlaKgj999Il23n1LDB3eIz3VmQeSJaKnC5v_-gT0oLE30SkvNGbCj8dUWZ56T52WB0nDr5JUawjaLCDbtRtaeb2hTpiyneGwuwn8kV7Ijq13YvdTmVfVzhT4qAxkqJxMq8Sq4_cO23x8GEQWpQWAg6hGJF4mG3W0aiWF2nwJUywzVmBx0Gjb_OdFdXRKYXmFxLor3pHLV7ruiCI_0P_tooXtr2sKOAfAsWPytJw40L3qH5WDRVjmk8I5DJbUILkhahshIVqYLdfJYd80iAuWAWOYBbggwVyekTFS13oYt5no-SGbaSjQ99I7YPlSB2iNdW4hnZQjHugE0MqKOu2n5R5RD4kmR&sai=AMfl-YSpRCM8rOVGrtN23BuR8LJnuN76SdrAkNf0CsVLtNbznS6pIss6qlCX5_MtEzaQDWSbYaI7bZp584CnWomsvYUybZch8KwYk68zoXmBFFqekBLDH4IZ70KHlh7cYg&sig=Cg0ArKJSzIc3NuHa6Ir-EAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/13915301549715677873? HTTP 302
https://tpc.googlesyndication.com/simgad/13915301549715677873

Request Chain 226

https://www.darkreading.com/sites/all/themes/penton_core_theme/images/ContentPillar_Welcome_1200.png HTTP 302
https://www.darkreading.com/404

280 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms Show response
www.darkreading.com/cloud/ 484 KB
76 KB 852ms
793ms Document
text/html 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b114941f6e11f7c3d042d0cd27f71a559db569530ee54795eef6c2739a677c4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c5f20948f3b901c-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 12 May 2023 02:10:47 GMT
server: cloudflare
vary: Accept-Encoding, Origin
x-proxy-by: https://www.darkreading.com

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 14 KB
4 KB 70ms
30ms Script
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/OtAutoBlock.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /FIp/4zYapfYlY6Lvx04NA==
age: 73245
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3637
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B651FF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3126707b-901e-017e-65e1-5a017c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c5f209a8b332ba9-FRA
expires: Sat, 13 May 2023 02:10:48 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 73ms
35ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: rpnZu/dYNZPLIh9pLOSMrg==
age: 17759
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6757
x-ms-lease-status: unlocked
last-modified: Thu, 11 May 2023 06:31:16 GMT
server: cloudflare
etag: 0x8DB51E952FECC52
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 60d8fbe2-701e-017f-1e3b-840081000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c5f209a8b342ba9-FRA

GET
H2 200 adsensebase.js Show response
beta.darkreading.com/js/prebid-ads/ad_utils/ 24 B
173 B 407ms
399ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/js/prebid-ads/ad_utils/adsensebase.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757c66837cfbe8c2533e8c41099d8e50b20f83fbf84ead6a6d7435dcc2ad0884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Apr 2023 16:58:59 GMT
server: cloudflare
etag: W/"18-187c3a76038"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7c5f209a5a28901c-FRA
content-length: 24
expires: Fri, 12 May 2023 04:10:48 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 256ms
211ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4cfb4354e3bc2294e98c79fc1a829ac9a947b04104c3ea7bcaebf652925dd2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25261
x-xss-protection: 0
server: cafe
etag: 7 / 19489 / m202305090101 / config-hash: 7593482187646896781
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 May 2023 02:10:48 GMT

GET
H2 200 4d90ad636859e6d5.css
beta.darkreading.com/_next/static/css/ 410 KB
60 KB 44ms
36ms Stylesheet
text/css 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/css/4d90ad636859e6d5.css
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d993d894f9713b3d26ccd12fb9bfdd84e48131d1eef5d20d41f1cdc7bcc9c00f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 885822
etag: W/"66670-187c3aa1788"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209a5a27901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 webpack-3ce7f1753013b3ec.js Show response
beta.darkreading.com/_next/static/chunks/ 4 KB
2 KB 30ms
30ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/webpack-3ce7f1753013b3ec.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ecf52614cfcf19d9e54f6315e8469693c03fc619115da7ce952bd4257b76f03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 885822
etag: W/"ef3-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209c7b22901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 framework-70134ee1270fb32c.js Show response
beta.darkreading.com/_next/static/chunks/ 128 KB
42 KB 32ms
31ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/framework-70134ee1270fb32c.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c662be26daa544e07f7170870e306427b9fcf0d9f30e6f602c7fb67005bfda3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1245820
etag: W/"1fec8-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209cab33901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 main-9bc1cfd325d1370f.js Show response
beta.darkreading.com/_next/static/chunks/ 111 KB
30 KB 32ms
32ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/main-9bc1cfd325d1370f.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03b6f9934a86e8d5472f0b2449d99983b33aceba85871c5ac10ff79a70afab97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1242572
etag: W/"1bd10-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209cdb42901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 _app-dbedff49d537494d.js Show response
beta.darkreading.com/_next/static/chunks/pages/ 497 KB
158 KB 47ms
44ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/pages/_app-dbedff49d537494d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d847022b4855577f07071ade28e6ffba86c014283f02fbba7d326690b157ee9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 1238285
etag: W/"7c38f-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209cfb56901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 af537566-88286964f7a0b5d1.js Show response
beta.darkreading.com/_next/static/chunks/ 269 KB
80 KB 40ms
37ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/af537566-88286964f7a0b5d1.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f84daf0174e2c6f686b5864ff7dafc119dae3c2ca88f213dcbfc3f70b2b39571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1242572
etag: W/"43344-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209cfb58901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 80f08544-c91db5296fc68d77.js Show response
beta.darkreading.com/_next/static/chunks/ 72 KB
19 KB 37ms
34ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/80f08544-c91db5296fc68d77.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36069dae705692548e4a2c2d3c504cea29cf7756771c054130f14e48f3492b58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 885822
etag: W/"11e1b-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209cfb59901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 265-2f47a5945553d0a6.js Show response
beta.darkreading.com/_next/static/chunks/ 49 KB
17 KB 45ms
43ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/265-2f47a5945553d0a6.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb1589f0619e41e0fa1d0770121be244be9fa07d5a6c5938d5988f9726927307

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1242572
etag: W/"c216-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209cfb5a901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 106-6e732169920a1a66.js Show response
beta.darkreading.com/_next/static/chunks/ 8 KB
3 KB 32ms
29ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/106-6e732169920a1a66.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 720b074e114854f5c2b347ee013066f2ff6e8a1da750d605c8df6936b997eb60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1242572
etag: W/"1eec-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209cfb5b901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 330-44b99de39ae2ad82.js Show response
beta.darkreading.com/_next/static/chunks/ 91 KB
29 KB 40ms
40ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/330-44b99de39ae2ad82.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e00d3935f6a747eedf83365b8b957f71ec570e9ac018426c07f59e7e1a32126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 885822
etag: W/"16df9-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209d1b65901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 410-87a058ee18a2e683.js Show response
beta.darkreading.com/_next/static/chunks/ 179 KB
52 KB 38ms
33ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/410-87a058ee18a2e683.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e168f400859a54ae28705c297c4d347eacbbcfee972a38744b8f9d890022a898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1242572
etag: W/"2cbc2-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209d2b72901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 644-10fece11b4038bdb.js Show response
beta.darkreading.com/_next/static/chunks/ 18 KB
7 KB 34ms
28ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/644-10fece11b4038bdb.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 429f7e0fe891676debcf572bce666bf67cabfd82e6774895d4800283a05df589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 123810
cf-polished: origSize=18434
etag: W/"4802-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209d3b75901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 727-cb4d0a5251be82c9.js Show response
beta.darkreading.com/_next/static/chunks/ 7 KB
2 KB 31ms
29ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/727-cb4d0a5251be82c9.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 061873fb71d654fc87404592fbb9cd1665e8882c1ab3423f92ddc61f940be783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1242572
etag: W/"1ad3-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209d4b7b901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 353-c5fb30de1cdcd743.js Show response
beta.darkreading.com/_next/static/chunks/ 115 KB
28 KB 34ms
32ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/353-c5fb30de1cdcd743.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1848ed0b2a54ed644ee182f2e2c012164080f1be7c475041f8d0a2ebe456c89f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 885822
cf-polished: origSize=117839
etag: W/"1cc4f-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209d4b7c901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 314-d27066328fe72a2d.js Show response
beta.darkreading.com/_next/static/chunks/ 131 KB
38 KB 38ms
35ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/314-d27066328fe72a2d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35396bc1fe0457ca063caaf18161f4d252b66dda7bdf4dc83bd7291c5a763b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1242572
etag: W/"20a76-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209d5b94901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 274-e20cb371d1281709.js Show response
beta.darkreading.com/_next/static/chunks/ 135 KB
43 KB 34ms
32ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/274-e20cb371d1281709.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e40e17ef48acdd8fbbd4ab434adcd35602a939c19816f297baaa91e675a067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1242572
etag: W/"21d94-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209d5b95901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 244-ff3831dc21292b31.js Show response
beta.darkreading.com/_next/static/chunks/ 53 KB
14 KB 34ms
32ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/244-ff3831dc21292b31.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fc9226c1dac21a7182d442ae225403735a06132fa0d3339f9b691161f226870

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 1239170
etag: W/"d4e2-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209d6ba2901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 497-8d7ba2757a8dafee.js Show response
beta.darkreading.com/_next/static/chunks/ 17 KB
6 KB 31ms
30ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/497-8d7ba2757a8dafee.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42a69348bb53b155c5d4fa084e826b2ca4f80cdcd131455fe33c8ab8b1f32ddc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 885822
etag: W/"443d-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209d6ba4901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 411-d3fb60788f626717.js Show response
beta.darkreading.com/_next/static/chunks/ 14 KB
3 KB 28ms
27ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/411-d3fb60788f626717.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ac768d479fd8627d59a5298f7175cf51f4ace4eea8feda66a04b1e32244d6ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1242572
etag: W/"399e-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209d7ba8901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 424-e8fa1fe0f531e88a.js Show response
beta.darkreading.com/_next/static/chunks/ 80 KB
15 KB 31ms
30ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/424-e8fa1fe0f531e88a.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f2731b7ddbfae256839a740f6dda68ec6e67a4cf1e62a8ed4ffce75a589d16d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 885822
etag: W/"141ac-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209d9bc8901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 %5BhybidPage%5D-f6822043d08df330.js Show response
beta.darkreading.com/_next/static/chunks/pages/%5Bcategory%5D/ 37 KB
11 KB 32ms
32ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/pages/%5Bcategory%5D/%5BhybidPage%5D-f6822043d08df330.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c870bc0b6e52de133e3273be305bda03afd6aba5d5064c034f2a50a3af3edc01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 1238285
etag: W/"93f1-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209d9bcb901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 _buildManifest.js Show response
beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/ 3 KB
1 KB 30ms
27ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/_buildManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81d50aff02889109dbd93d915814d4b8cabd50d108b081827416f8d5dfb8f87d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 1238285
etag: W/"c10-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209dabea901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 _ssgManifest.js Show response
beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/ 91 B
137 B 39ms
37ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/_ssgManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:02:19 GMT
server: cloudflare
age: 1238285
etag: W/"5b-187c3aa6d78"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209dabec901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 _middlewareManifest.js Show response
beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/ 92 B
149 B 36ms
34ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/_middlewareManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:02:19 GMT
server: cloudflare
age: 1238285
etag: W/"5c-187c3aa6d78"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209dabee901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 Ransomware_Ton_Snoei_Alamy.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt6576c7282a2fd7e1/6197baad01638259ffd7230a/ 59 KB
59 KB 95ms
25ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt6576c7282a2fd7e1/6197baad01638259ffd7230a/Ransomware_Ton_Snoei_Alamy.jpg?quality=80&format=webply&width=690

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c1cb5816beee91682d9f447810ce0684a75c5442fa0c106bbe7ae72af4edfd9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 1475902
x-cache: HIT, HIT
fastly-io-info: ifsz=311537 idim=998x715 ifmt=jpeg ofsz=59988 odim=690x494 ofmt=webp
filename1: custom
content-disposition: inline; filename=Ransomware_Ton_Snoei_Alamy.webp
fastly-stats: io=1
content-length: 59988
x-request-id: 92679
x-served-by: cache-ams21057-AMS, cache-fra-eddf8230094-FRA
x-runtime: 112ms
x-timer: S1683857449.544277,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "dbP5U5di/xd9BnCBsGakrFqCQfph+2NGlo+JgeCsxvs"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 9, 1

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 85ms
21ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1111d"
vary: Accept-Encoding
x-hw: 1683857448.dop057.fr8.t,1683857448.cds107.fr8.hn,1683857448.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 77ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6253290
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6458
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-500f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLHboPS8Y9N8WdzD1e1BjKOsn2y9l6ogVedqSXCbYK6ZGvv2xVCwVoYY%2FtTWxxW2Lv1YfBm0jO3HuDNs5m%2FID%2Bm3mGd5wcewobtXKPiWYMjnNL8zjV%2FiMO%2FmW1R41%2FUvrrr1zSN75qKZVoqMfB%2Fz2hux"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c5f209d4d923732-FRA
expires: Wed, 01 May 2024 02:10:48 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 49 KB
15 KB 80ms
31ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 718, 718
age: 28073605
cdn-cachedat: 2021-06-08 13:25:52
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e3aee88c21b6991cd8d4728d630f1246
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7c5f209d4a84927f-FRA
cdn-requestpullsuccess: True

GET
H2 200 Whitelogo_1.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3edeb23396a4b5dc/60b1ea7a9afdef577986633e/ 8 KB
8 KB 43ms
42ms Image
image/png 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3edeb23396a4b5dc/60b1ea7a9afdef577986633e/Whitelogo_1.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b315181f1047d35cc29f1b83c9c31ea493c5006f21930ba0a5e790a80ca2b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 265034
x-cache: HIT, HIT
fastly-io-info: ifsz=7774 idim=336x84 ifmt=png ofsz=7760 odim=336x84 ofmt=png
content-disposition: inline; filename=Whitelogo_1.png
fastly-stats: io=1
content-length: 7760
x-request-id: 33915
x-served-by: cache-ams12733-AMS, cache-fra-eddf8230094-FRA
x-runtime: 112ms
x-timer: S1683857449.553440,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "FBb/Cijd5djg1i0f+YDwTH/riGkit5+W1YBTK34Yz3o"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 18, 1

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 112ms
64ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7c5f209dbf5003ec-FRA

GET
H2 200 4b083961-e2ac-4755-8801-f7c83a5fb187.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 5 KB
2 KB 67ms
29ms XHR
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/4b083961-e2ac-4755-8801-f7c83a5fb187.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: gKK4h+x/dMka9W5jOr1Sww==
age: 20321
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1918
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B1E5D5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 91fc5fcf-001e-003b-56e1-5a9ab8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c5f209b0be02c42-FRA
expires: Sat, 13 May 2023 02:10:48 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 81ms
40ms XHR
application/json 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7c5f209b7ed135eb-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.39.0/ 372 KB
89 KB 28ms
27ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
age: 79255
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 90454
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
server: cloudflare
etag: 0x8DA87805EB35DE2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 526a626c-301e-007c-66e1-5a45d3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c5f209cfc5b2ba9-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 247 KB
71 KB 91ms
43ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

690e6a965ec546b3abe722a9a12b1b6d1228a6d7837619b7748e9fa702bd6a27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72070
x-xss-protection: 0
last-modified: Fri, 12 May 2023 00:02:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 May 2023 02:10:48 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/ 402 KB
124 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 10:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54666
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127184
x-xss-protection: 0
server: cafe
etag: 3263738860219486170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 10 May 2024 10:59:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 65 B
76 B 69ms
29ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.darkreading.com&ppc_eid=31074403

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f25e9b27020085f271ce1be3a7070e6179ab186071c0cd81233215703fd8dc03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52
x-xss-protection: 0
expires: Fri, 12 May 2023 02:10:48 GMT

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb4787d6337aa1e504d8d2dc49629d5b46a49c30a6da6f4bb964e8875dd4bc43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 4UaOrEtFpBISc36j2jDu5w.woff2
fonts.gstatic.com/s/exo/v20/ 20 KB
20 KB 78ms
23ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v20/4UaOrEtFpBISc36j2jDu5w.woff2

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb657972079f36258237fd79c9b7cf160c82943f31fe5ff1b0e10be49e27be5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 05 May 2023 03:10:01 GMT
x-content-type-options: nosniff
age: 601247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20268
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:19:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 May 2024 03:10:01 GMT

GET
H2 200 pdf.fd517ede.png
beta.darkreading.com/_next/static/media/ 8 KB
8 KB 29ms
28ms Image
image/png 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beta.darkreading.com/_next/static/media/pdf.fd517ede.png
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/_next/static/css/4d90ad636859e6d5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e153b77b7b590360c91df38e894d46fd6061ce57cc0bbbc09f4c408a66bd0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beta.darkreading.com/_next/static/css/4d90ad636859e6d5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1242569
cf-polished: origSize=11781
etag: W/"2e05-187c3675d80"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c5f209d7baa901c-FRA
content-length: 8484
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/ 81 KB
18 KB 33ms
33ms Fetch
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/en.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NMyqdpBtpYEfMyyUOi/oVQ==
age: 80644
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 18270
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:33 GMT
server: cloudflare
etag: 0x8DAE1C57C3EAB90
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 86b120cf-e01e-013e-67e1-5a2892000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c5f209dadef2c42-FRA
expires: Sat, 13 May 2023 02:10:48 GMT

GET
H2 200 78.c180425dea40d393.js Show response
beta.darkreading.com/_next/static/chunks/ 3 KB
1 KB 28ms
28ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/78.c180425dea40d393.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc57fb7726d7a86c273bebb59f12bc63a69ea93c695f971f73bb035f9bbe928b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1242569
etag: W/"a48-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c5f209f4ce3901c-FRA
expires: Sat, 11 May 2024 02:10:48 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v2.0/ 7 KB
3 KB 93ms
23ms Script
application/javascript 13.32.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v2.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f8650c7f614694fbf353e3690b981a651ce8aa79ee32c82f21ef303eeeb5421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:14 GMT
x-amz-version-id: ID.rFhUQG21hU9hnrAlmgiwMuXmUIHpx
content-encoding: br
last-modified: Wed, 15 Feb 2023 16:44:30 GMT
server: AmazonS3
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"2e8cb32ecd32a154a16f47e5344c4733"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 38015
x-amz-cf-id: ZNMLywIcjMX9P1pAcL_-3rXwTyolmkUUx2wphLpGZ7BIGOszz-wAcg==

GET
H2 200 session Show response
www.darkreading.com/api/auth/ 2 B
205 B 175ms
174ms Fetch
application/json 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/api/auth/session
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
tracestate: 3288925@nr=0-1-3288925-322548631-c765be9ec07fc56c----1683857448875
traceparent: 00-348c0dbf036ca11535ace2dcdcf60c00-c765be9ec07fc56c-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjMyMjU0ODYzMSIsImlkIjoiYzc2NWJlOWVjMDdmYzU2YyIsInRyIjoiMzQ4YzBkYmYwMzZjYTExNTM1YWNlMmRjZGNmNjBjMDAiLCJ0aSI6MTY4Mzg1NzQ0ODg3NX19

Response headers

date: Fri, 12 May 2023 02:10:49 GMT
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7c5f209f8d08901c-FRA
content-length: 2

GET
H2 200 session Show response
www.darkreading.com/api/auth/ 2 B
385 B 137ms
135ms Fetch
application/json 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/api/auth/session
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
tracestate: 3288925@nr=0-1-3288925-322548631-c234373158acd86a----1683857448876
traceparent: 00-d3ca456dcad680af54b3355ca7849700-c234373158acd86a-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjMyMjU0ODYzMSIsImlkIjoiYzIzNDM3MzE1OGFjZDg2YSIsInRyIjoiZDNjYTQ1NmRjYWQ2ODBhZjU0YjMzNTVjYTc4NDk3MDAiLCJ0aSI6MTY4Mzg1NzQ0ODg3Nn19

Response headers

date: Fri, 12 May 2023 02:10:49 GMT
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7c5f209f8d09901c-FRA
content-length: 2

GET
H2 200 Dark_Reading_Logo.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/ 5 KB
2 KB 27ms
25ms Image
image/svg+xml 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/Dark_Reading_Logo.svg?quality=80&format=webply&width=222

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0e198a2d521948c31a85eff04b881542d8b31d8b5824f900a950ea34bf5ef811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
age: 1482236
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Dark_Reading_Logo.svg+xml
fastly-stats: io=1
content-length: 2021
x-request-id: 77944
x-served-by: cache-ams12720-AMS, cache-fra-eddf8230094-FRA
x-runtime: 99ms
x-timer: S1683857449.890757,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 8, 1

GET
H2 200 Article.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt27dca7fd9a7ec07d/60da98a6537dbc26a0e2a2d3/ 3 KB
2 KB 30ms
28ms Image
image/svg+xml 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt27dca7fd9a7ec07d/60da98a6537dbc26a0e2a2d3/Article.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de06fea245b0036d21764fcf2b9a4791c0a0f1e927e3916c7d779cb44a1977bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
age: 259219
x-cache: HIT, HIT
content-disposition: inline; filename=Article.svg
fastly-stats: io=1
content-length: 1177
x-request-id: 67846
x-served-by: cache-ams21065-AMS, cache-fra-eddf8230094-FRA
x-runtime: 91ms
x-timer: S1683857449.891544,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 6, 1

GET
H2 200 Nate-Nelson_(1).jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt91e5f91ce3f0cdd9/63d0288ac98dbe55ece1d0a9/ 3 KB
4 KB 31ms
29ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt91e5f91ce3f0cdd9/63d0288ac98dbe55ece1d0a9/Nate-Nelson_(1).jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 1482239
x-cache: HIT, HIT
fastly-io-info: ifsz=234689 idim=881x923 ifmt=jpeg ofsz=3376 odim=100x105 ofmt=webp
filename1: custom
content-disposition: inline; filename=Nate-Nelson_(1).webp
fastly-stats: io=1
content-length: 3376
x-request-id: 60071
x-served-by: cache-ams21023-AMS, cache-fra-eddf8230094-FRA
x-runtime: 169ms
x-timer: S1683857449.891632,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "qPc4Ej0Icam3tgfIlB+gqtt4GyFe8VrlHnMKfkTmDM4"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 87, 1

GET
H2 200 crop_playbook_Panther_Media_GmbH_Alamy.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltfbc8835d295a8667/6427292ca17bce665a84be0f/ 1 KB
2 KB 28ms
26ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltfbc8835d295a8667/6427292ca17bce665a84be0f/crop_playbook_Panther_Media_GmbH_Alamy.png?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

332be8338c36d31c73519e17af7df81c34188319ba032325031df6ad299fac1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 1482236
x-cache: HIT, HIT
fastly-io-info: ifsz=108374 idim=640x320 ifmt=png ofsz=1320 odim=100x50 ofmt=webp
filename1: custom
content-disposition: inline; filename=crop_playbook_Panther_Media_GmbH_Alamy.webp
fastly-stats: io=1
content-length: 1320
x-request-id: 6580
x-served-by: cache-ams12735-AMS, cache-fra-eddf8230094-FRA
x-runtime: 125ms
x-timer: S1683857449.891139,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "031m2nqL3GZ7xf6UXa44q+TwU+kiCqyZg9v8qMcbICg"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 23, 1

GET
H2 200 machinelearning_Wright_Studio_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltbebaf675082f5c32/643472d385bd3b0bdb8f309a/ 2 KB
2 KB 30ms
29ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltbebaf675082f5c32/643472d385bd3b0bdb8f309a/machinelearning_Wright_Studio_shutterstock.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

584e18559bbb004441536d357452aa863692edb0be74bb1ebc53cfad23b2ef44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 1482236
x-cache: HIT, HIT
fastly-io-info: ifsz=659976 idim=1000x563 ifmt=jpeg ofsz=1844 odim=100x56 ofmt=webp
filename1: custom
content-disposition: inline; filename=machinelearning_Wright_Studio_shutterstock.webp
fastly-stats: io=1
content-length: 1844
x-request-id: 98079
x-served-by: cache-ams12744-AMS, cache-fra-eddf8230094-FRA
x-runtime: 86ms
x-timer: S1683857449.891653,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "RTPlADJWps13ECB/13PzNVjreGWnBEwSrAcyDgIg3s8"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1159, 1

GET
H2 200 lastpass_II.studio_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt7ec9a27c8b7b6708/638916c337b5726463193bbf/ 1 KB
2 KB 26ms
24ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt7ec9a27c8b7b6708/638916c337b5726463193bbf/lastpass_II.studio_shutterstock.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9dff15c6576770a67939c29928d8e31ff30ecc041354b5eecacc82bbe51aafa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 863994
x-cache: HIT, HIT
fastly-io-info: ifsz=502654 idim=1000x667 ifmt=jpeg ofsz=1464 odim=100x67 ofmt=webp
filename1: custom
content-disposition: inline; filename=lastpass_II.studio_shutterstock.webp
fastly-stats: io=1
content-length: 1464
x-request-id: 93173
x-served-by: cache-ams12720-AMS, cache-fra-eddf8230094-FRA
x-runtime: 80ms
x-timer: S1683857449.891056,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "87ok/rKjw0SpsLSd6414KNjeZfG21Jz7QBkotye4zts"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1408, 1

GET
H2 200 fin7_ozrimoz_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt59b1ed0e12319538/643db1eb2b3e6c10dd5c97f5/ 1 KB
1 KB 28ms
27ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt59b1ed0e12319538/643db1eb2b3e6c10dd5c97f5/fin7_ozrimoz_shutterstock.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b95abe7fc24dcfcb2a39ba7887760551af01a59b680371c08bf45be52f5fdb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 1482236
x-cache: HIT, HIT
fastly-io-info: ifsz=706331 idim=1000x573 ifmt=jpeg ofsz=1218 odim=100x57 ofmt=webp
filename1: custom
content-disposition: inline; filename=fin7_ozrimoz_shutterstock.webp
fastly-stats: io=1
content-length: 1218
x-request-id: 70030
x-served-by: cache-ams12749-AMS, cache-fra-eddf8230094-FRA
x-runtime: 196ms
x-timer: S1683857449.891056,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "qkNTeBch8G4CTnNekNiKfMVF1AFbcWcp+Y4pDOzl4rA"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 22, 1

GET
H2 200 image
www.darkreading.com/_next/ 654 B
919 B 133ms
132ms Image
image/webp 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/_next/image?url=https%3A%2F%2Fbeta.darkreading.com%2F_next%2Fstatic%2Fmedia%2Firibbon-logo.fed34d59.png&w=96&q=75

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab36b8356d4b7e3e3591b161427e6fb18512a2ccc8a787f8cc03294cf2f30478

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:48 GMT
content-security-policy: script-src 'none'; sandbox;
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: qza4NW1Lfj41kbFhQn5vsYUSoszIp4f4zAMpTPLzBHg=
vary: Accept, Origin, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000, must-revalidate
content-disposition: inline; filename="iribbon-logo.webp"
cf-ray: 7c5f209f8d0a901c-FRA

GET
H2 200 otFloatingRoundedIcon.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 16 KB
4 KB 44ms
34ms Fetch
application/json 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFloatingRoundedIcon.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Mbb70m5YOd2/+METBtRttw==
age: 18449
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3803
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:56 GMT
server: cloudflare
etag: 0x8DA87805A12E7D8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cc8087dd-c01e-00e1-07e1-5a3f93000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c5f209fdf592c42-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/ 64 KB
13 KB 33ms
29ms Fetch
application/json 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcPanel.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 May 2023 02:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Kw22gRKC0ogRtsT2RwAR9Q==
age: 18449
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13290
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:57 GMT
server: cloudflare
etag: 0x8DA87805AF0078C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 82d0c884-001e-00f7-54e1-5afe0d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c5f209fdf5b2c42-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 22 KB
5 KB 32ms
28ms Fetch
text/css 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 May 2023 02:10:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: B55i3ZY9miZIaUrwjufy0w==
age: 18449
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 372018e9-a01e-001f-18e1-5a03f6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c5f209fdf5c2c42-FRA

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 127 KB
49 KB 320ms
34ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-W6LRXN3

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03e011387e705bad7bfde3f92ebea1da4f681c90f245e58a262046632e8e41a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49318
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 May 2023 02:10:49 GMT

GET
H2 200 / Show response
6600d6d98e534115970f9529a45f3195.js.ubembed.com/ 480 B
762 B 309ms
27ms Script
application/json 151.101.129.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://6600d6d98e534115970f9529a45f3195.js.ubembed.com/
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 809fcebb8b2dbfd1a5503a8014cefc5b4d2684656e6189e07d8441dccd7e7718

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:49 GMT
content-encoding: br
x-backend-region: eu_west_1
x-amz-cf-pop: FRA56-P3
age: 5381
etag: W/aaab40e12ca91eabbcb0f8f10bd5715a-v0.180.0
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
accept-ranges: none
x-amz-apigw-id: EyKtvHZljoEF6ww=

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 518ms
26ms Script
application/x-javascript 23.201.242.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.201.242.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-242-231.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 12 May 2023 02:10:49 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 06 Apr 2023 15:05:41 GMT
ETag: "12a0ef409968d91:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Fri, 12 May 2023 02:10:49 GMT

GET
H/1.1 200
OK dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js Show response
s.dpmsrv.com/ 747 KB
62 KB 298ms
25ms Script
application/x-javascript 13.32.99.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-47.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dddb939f2fb146a699ea1cf0efd984d4b8f429aa49d70246bff358fdbdf7fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 06:23:19 GMT
Content-Encoding: gzip
Via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
Last-Modified: Thu, 29 Sep 2022 16:23:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P3
Age: 71251
ETag: "4c2c9bc43f06a59cee56d3211f043fa3"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63462
X-Amz-Cf-Id: EaBYQrBF4f7GOtxwhVyo1d5f8bGfS5DfBI990BgpX0Xrw0AHAxaQXA==

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 311ms
40ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce9c18a953a2eeb6d5efef7d4c04f4d73b055d3789152cbf42bd1b4dfd7e167b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-QGYMDwZIzGmYKzdtQjcR8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 12 May 2023 02:10:49 GMT

GET
H2 200 hotjar-2610568.js Show response
static.hotjar.com/c/ 14 KB
6 KB 328ms
49ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2610568.js?sv=6

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

52876283c4bcf1441a70905558f19f857eb63b5824d1e9b2961262162edcd49b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/cf0302d1efe653a79610d1ffdabf15d9
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 2I63lpmWpmGJCa_VQRO5regzB2ua5vXYGy8Hn7ISVYQVgC0l1odwVQ==

GET
H2 200 adobe-target.js Show response
beta.darkreading.com/js/third-party/ 191 KB
42 KB 497ms
497ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/js/third-party/adobe-target.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92e2472635cbca31d4b0694c1248618677a5279d6e841b23191c3d5a76ac09f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 27 Apr 2023 16:58:59 GMT
server: cloudflare
etag: W/"2fa26-187c3a76038"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7200
cf-ray: 7c5f20a01d47901c-FRA
expires: Fri, 12 May 2023 04:10:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 280ms
21ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 May 2023 00:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5710
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 12 May 2023 02:35:39 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 288ms
29ms Script
application/x-javascript 2600:9000:2057:7200:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7200:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:10:22 GMT
content-encoding: gzip
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 3627
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: M9eJsv6Ukd-qSz5bvequoDNgQE8eHstsWkKx8VlSq06VCIJL8wE1aA==
expires: Sat, 13 May 2023 01:10:22 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v3.0/ 14 KB
5 KB 23ms
23ms Script
application/javascript 13.32.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2adfabdca47e7ea3ca23597e24f6415dea9842d97159920b12d55796273b50f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:13 GMT
x-amz-version-id: HcerYY2f5.DoKJ.hjtbegnr29y5KQGEN
content-encoding: br
last-modified: Tue, 25 Apr 2023 09:00:39 GMT
server: AmazonS3
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"c38ba007b23d2b241c1008f782a80ab1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 38016
x-amz-cf-id: 3d8G53UchNljBLpg55c7J_z-P1QO-eiGmT4Q9rMbN1f93l5utKlalg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
86 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0fd712ae904514ceb199b92e23fc114b066cd9e236be77204db9be34c057a292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87743
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 May 2023 02:10:49 GMT

GET
H2 200 ZGFya3JlYWRpbmcuY29t.json Show response
static.iris.informa.com/widgets/config/cdl/ 24 B
490 B 237ms
155ms Fetch
binary/octet-stream 13.32.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: rR96SWqxdC6RFg.yCtn7XL4AuxoTa4oV
date: Fri, 12 May 2023 02:10:50 GMT
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24
last-modified: Tue, 28 Feb 2023 08:49:48 GMT
server: AmazonS3
etag: "d14dcd26bd0521dd67cdde302d3ac4a2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 1o1lyiu9diLNvMu2MoSVuXgNx-01yiC8CXD0KmiBXHFns1_2XLB04A==

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Informa_Logo_1Line_Indigo_Grad_RGB.jpg
cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/ 145 KB
145 KB 29ms
28ms Image
image/jpeg 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/Informa_Logo_1Line_Indigo_Grad_RGB.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 May 2023 02:10:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8NigNwrkdBmjWsQuvIR/Tg==
age: 70824
content-length: 148084
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 26 Nov 2021 15:49:29 GMT
server: cloudflare
etag: 0x8D9B0F4552FB1EF
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: b3e3f85e-601e-00e7-74e1-5ac8eb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c5f20a0fe5d2ba9-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 41ms
40ms Image
image/svg+xml 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 May 2023 02:10:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 21490
x-ms-lease-status: unlocked
last-modified: Thu, 11 May 2023 06:31:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e27207e7-d01e-0039-342e-849842000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c5f20a0fe5e2ba9-FRA

GET
H2 200 ZGFya3JlYWRpbmcuY29t.json Show response
static.iris.informa.com/widgets/config/cdl/ 24 B
490 B 164ms
163ms Fetch
binary/octet-stream 13.32.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: rR96SWqxdC6RFg.yCtn7XL4AuxoTa4oV
date: Fri, 12 May 2023 02:10:50 GMT
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24
last-modified: Tue, 28 Feb 2023 08:49:48 GMT
server: AmazonS3
etag: "d14dcd26bd0521dd67cdde302d3ac4a2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: innYdP_FnUgDUcNi8CH1zGx6HTbeFquKdR1neeeK8USudHwWWGolww==

GET
H2 200 f23io39d.js Show response
static.iris.informa.com/ 70 KB
23 KB 31ms
31ms Script
application/javascript 13.32.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/f23io39d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: r.70SgccGRmRk8cXfo6q55SZB1TmHyVy
content-encoding: gzip
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
date: Thu, 11 May 2023 19:08:56 GMT
last-modified: Thu, 02 Sep 2021 16:02:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 25314
x-amz-server-side-encryption: AES256
etag: W/"a790df23a63287b42b6e7324cb81afd9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: dqWpm0Y0bbYVTjmyG7MR36_Zjlwq32RajfAbp7ee6UNbst9jG6jXNw==

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/3.0/ 58 KB
20 KB 161ms
28ms Script
application/javascript 13.32.99.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/3.0/td.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-122.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Wed, 10 May 2023 23:11:39 GMT
Content-Encoding: gzip
Via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
Age: 353047
X-Amz-Cf-Pop: FRA60-P3
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Mon, 05 Jul 2021 08:58:13 GMT
Server: AmazonS3
Etag: W/"4b9abb36767431f05495228eb82edf01"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: CVc7mDNecCL66SBFX7Qg3VZYjFWL3aofAlGnQMeeEnuNHIqidNS8cQ==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 81ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1X1EHQ3PFR&gtm=45je35a0&_p=853765905&_gaz=1&cid=169336795.1683857449&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683857449&sct=1&seg=0&dl=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&dt=Multiple%20Ransomware%20Groups%20Adapt%20Babuk%20Code%20to%20Target%20ESXi%20VMs&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_type=article&ep.content_contributor=nate%20nelson&ep.content_publish_date=May%2011%2C%202023&ep.content_main_topic=cloud&ep.content_id=blt56f8b4f82afc4800&ep.ad_unit_path_code=3834%2Fdarkreading.home%2Farticle%2Fcloud&ep.content_sponsor=&ep.content_label=News&ep.content_additional_topics=application-security%2Cattacks-breaches&ep.gtm_container_detail=SCM%7C1.5%7C123&ep.content_topic_real_text=Cloud&ep.content_read_time=3&ep.content_topic-real_text=Cloud
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 02:10:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 96ms
28ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1X1EHQ3PFR&cid=169336795.1683857449&gtm=45je35a0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 02:10:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 318ms
30ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1X1EHQ3PFR&cid=169336795.1683857449&gtm=45je35a0&aip=1&z=1922446228

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 02:10:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ed0 Show response
c.darkreading.com/com.iiris/ 2 B
295 B 153ms
151ms XHR
text/plain 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 12 May 2023 02:10:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 7c5f20a3bef8901c-FRA
content-length: 2

OPTIONS
H2 200 ed0
c.darkreading.com/com.iiris/ Frame 0
0 208ms
148ms Preflight 2606:4700::6811:7963
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7963 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 600
cf-cache-status: DYNAMIC
cf-ray: 7c5f20a2c8048ffe-FRA
content-length: 0
date: Fri, 12 May 2023 02:10:49 GMT
server: cloudflare

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.0/ 174 KB
48 KB 85ms
24ms Script
application/javascript 108.138.17.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.0/bundle.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 810089696e5655d5d4c98fde5a9a82da1af87500456fde63ee30845a787f891e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 18:00:56 GMT
content-encoding: gzip
via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:53:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 5040594
etag: W/"1a08556fd14aad311b6d4906f59fef42"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: loZIHJq45ABTC3RswBGg1QR3Q2GafEdR5lJ8e8jeLBHSzTOY5QLN8g==

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/cfa9e7cb/www-widgetapi.vflset/ 185 KB
57 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cfa9e7cb/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f5566d4c764cd781dad9a4f1a9530797597bac11661a2b8def07c4e59f1985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 00:53:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4627
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58043
x-xss-protection: 0
last-modified: Wed, 10 May 2023 01:29:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 May 2024 00:53:42 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 358ms
113ms Image
image/gif 34.193.26.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=darkreading.com&p=%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&u=DDXVwBhDmalC47DsV&d=darkreading.com&g=53678&g0=cloud&g1=nate%20nelson&g4=article&n=1&f=00001&c=0&x=0&m=0&y=3617&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&b=2317&t=TMXutCWlAkVBP_AndBmkHqABWNnnA&V=139&i=Multiple%20Ransomware%20Groups%20Adapt%20Babuk%20Code%20to%20Target%20ESXi%20VMs&tz=0&sn=1&sv=N1JUlBbbqzCMvswzPfCv7CnpXvg&sd=1&im=067b2fff&_
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.26.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-26-185.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 12 May 2023 02:10:49 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H2 200 js_pageviews_itcyber_darkreading Show response
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ 16 B
478 B 91ms
21ms Fetch
application/json 3.121.161.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1683857449408

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.121.161.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-161-70.eu-central-1.compute.amazonaws.com

Software

Resource Hash

56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-TD-Write-Key: 100/bb9cbe21de3db7a5428506d7528e45b2c801a48c
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
X-TD-Fetch-Api: true
Content-Type: application/json

Response headers

date: Fri, 12 May 2023 02:10:49 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
p3p: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
access-control-allow-origin: https://www.darkreading.com
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
content-length: 16

GET
H2 200 modules.6fed24b60091da3b9aa3.js Show response
script.hotjar.com/ 264 KB
68 KB 73ms
22ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6fed24b60091da3b9aa3.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

7abd2d7bbafa11f84e45b3fff7bd865618bd3617e6aaa9eed562fa233b12d165

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 54282
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69318
last-modified: Thu, 11 May 2023 11:06:06 GMT
etag: "b79d54f0943fddf3924fb2bed52eceb4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: z6uzE4hX2jaNTOi8H8iC1ntR-vUnaOGcsXF589T04K-TAv--cAjyRQ==

OPTIONS
H2 204 js_pageviews_itcyber_darkreading
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ Frame 0
0 73ms
21ms Preflight 3.121.161.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1683857449408

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.121.161.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-161-70.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-td-fetch-api,x-td-write-key
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 7200
date: Fri, 12 May 2023 02:10:49 GMT
strict-transport-security: max-age=31536000

GET
H/1.1

200
OK

prgm.cgi Show response
darkreadingnewsletter.tradepub.com/free/w_darl10/ Frame F84C
Redirect Chain

https://darkreadingnewsletter.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_darl10&ch=5
https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

50 KB
51 KB

220ms
219ms

Document
text/html

209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

cd8f46bc0bd090630e8b9e82698555938a648ad6a804eed6dae068e032e044c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Date: Fri, 12 May 2023 02:10:50 GMT
Keep-Alive: timeout=15, max=78
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 253
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 12 May 2023 02:10:50 GMT
Keep-Alive: timeout=15, max=26
Location: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
Server: Apache

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 30ms
29ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=853765905&t=pageview&_s=1&dl=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&dp=%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&ul=en-us&de=UTF-8&dt=Multiple%20Ransomware%20Groups%20Adapt%20Babuk%20Code%20to%20Target%20ESXi%20VMs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=0yXzgh3iSjOeRpygmZwteQ.1&_u=aCDACEABRAAAACACI~&jid=595949302&gjid=124826186&cid=169336795.1683857449&tid=UA-135180592-2&_gid=20022482.1683857449&_r=1&_slc=1&gtm=45He35a0n81T52Z3Z3&cg1=article&cg2=News&cg3=Cloud&cd1=article&cd2=nate%20nelson&cd3=&cd4=News&cd5=May%2011%2C%202023&cd6=cloud&cd9=application-security%2Cattacks-breaches&cd10=0&cd16=blt56f8b4f82afc4800&cd17=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&cd18=3834%2Fdarkreading.home%2Farticle%2Fcloud&cd20=vanguard%20-%20123&z=180143093

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 May 2023 02:10:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D55%26pixelIndex%3D0%26r%3D247942%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.d...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D55%2526pixelIndex%253D0%2526r%253...
https://a.dpmsrv.com/dpmpxl/index.php?id=1480271768965354187&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=247942&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-a...

246 B
995 B

510ms
113ms

Script
text/javascript

52.207.193.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=1480271768965354187&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=247942&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: HTTP/1.1
Server: 52.207.193.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-193-111.compute-1.amazonaws.com
Software: /
Resource Hash: 5c4137a61fcb9d785b3f65c3ed16a1e76868ab552655d045d21558d734aa0127

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 218
Expires: 0

Redirect headers

Date: Fri, 12 May 2023 02:10:49 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 51c662e4-bfbd-4103-b3fb-f08e4f5f4adf
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=1480271768965354187&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=247942&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 53ms
49ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-135180592-2&cid=169336795.1683857449&jid=595949302&gjid=124826186&_gid=20022482.1683857449&_u=aCDACEAARAAAACACI~&z=1484115448

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 12 May 2023 02:10:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

svrGP
trk.darkreading.com/visitor/v200/
Redirect Chain

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&ref2=elqNone&tzo=0&ms...
https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&ref2=elqNone&tzo=0&ms...

49 B
504 B

244ms
244ms

Image
image/gif

142.0.173.15
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&ref2=elqNone&tzo=0&ms=535&optin=disabled&elq1pcGUID=07DBA415B336455FB8A8E3FEAEEF0D23

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

HTTP/1.1

Server

142.0.173.15 Toronto, Canada, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 May 2023 02:10:50 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 12 May 2023 02:10:50 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&ref2=elqNone&tzo=0&ms=535&optin=disabled&elq1pcGUID=07DBA415B336455FB8A8E3FEAEEF0D23
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 405
X-Xss-Protection: 1; mode=block
Expires: -1

POST
H2 200 delivery Show response
iirexhibitionslimite.tt.omtrdc.net/rest/v1/ 296 B
814 B 170ms
51ms XHR
application/json 52.48.197.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iirexhibitionslimite.tt.omtrdc.net/rest/v1/delivery?client=iirexhibitionslimite&sessionId=56cc2dd44c19400eb7c70bd27bcc39ad&version=2.8.1

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.197.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-197-14.eu-west-1.compute.amazonaws.com

Software

Resource Hash

351c41a53ff9f13bb10fc75f3e9f83da234830d1d972c2a81e842fa9cd7feb80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 May 2023 02:10:49 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: 7eb14b314dfc4f269536e2c4c01e0584

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2610568/ 147 B
322 B 164ms
54ms XHR
application/json 46.137.128.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2610568/visit-data?sv=6
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 46.137.128.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-128-70.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: fa24e3a6bc02b0873aa869bd39108708d2f1172f9e170271a5b621f9002d24af

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 12 May 2023 02:10:49 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 80ms
31ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-135180592-2&cid=169336795.1683857449&jid=595949302&_u=aCDACEAARAAAACACI~&z=1354821663

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 02:10:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
32ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-135180592-2&cid=169336795.1683857449&jid=595949302&_u=aCDACEAARAAAACACI~&z=1354821663

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 02:10:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 231ms
89ms XHR
application/json 52.51.99.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.51.99.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-99-124.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 03535db7cb09d037684aeb1ac51fc58ebd93e46618ad1c0afe9e02bf28c88ba1

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 12 May 2023 02:10:50 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1480271768965354187&pixelIndex=0
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=1480271768965354187&pixelIndex=0&google_tc=
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1480271768965354187&pixelIndex=0&google_gid=CAESEG7eavReTPKVtT5aB2axjmI&google_cver=1

0
597 B

114ms
113ms

Script
text/javascript

52.207.193.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1480271768965354187&pixelIndex=0&google_gid=CAESEG7eavReTPKVtT5aB2axjmI&google_cver=1
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: HTTP/1.1
Server: 52.207.193.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-193-111.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 May 2023 02:10:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1480271768965354187&pixelIndex=0&google_gid=CAESEG7eavReTPKVtT5aB2axjmI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 348
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
98 B 83ms
28ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=1480271768965354187
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 2343770328.js Show response
cdn.optimizely.com/js/ Frame F84C 212 KB
65 KB 184ms
58ms Script
text/javascript 2a02:26f0:6c00:183::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/2343770328.js

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:183::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

31ed0830855b7d51d21bd0b606a1715a2c6dc3b4dcaaefdd89b6bf23b6cf380a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: Asyozw_TUAtCqZPj4.dBIbnYckNwFI3g
content-encoding: gzip
date: Fri, 12 May 2023 02:10:50 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: 67Z2NR91RX3H57BN
x-amz-meta-revision: 769
server-timing: cdn-cache; desc=HIT, edge; dur=4, cdn;desc="AkamaiION";dur=0,rtt;desc="50";dur=0,cdnip;desc="2a02:26f0:6c00:183::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="467738_34651020_104588875_449_1718_50_0";dur=1
content-length: 65559
x-amz-id-2: xrBJqMkvpUsk3GSLQKHqnAdBEABrZMcBHBYaTzOTMm+5vN+5i4DA6bS/otTfn3t5i47/hbMxc4Q=
last-modified: Mon, 05 Dec 2016 19:17:26 GMT
server: AmazonS3
etag: "acd27da7e9404a532ed06222327175a9"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK coreg2013.js Show response
darkreadingnewsletter.tradepub.com/data/ Frame F84C 71 KB
72 KB 179ms
177ms Script
application/javascript 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/data/coreg2013.js?ver=20220617

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

816d45e0481406928fe0105f9a468e3b4733ad2e056f082a02e3237b1529e6fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Oct 2020 20:59:12 GMT
Server: Apache
ETag: "11d8a-5b25cda49f575"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=91
Content-Length: 73098
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK standard2017.js Show response
darkreadingnewsletter.tradepub.com/data/ Frame F84C 19 KB
20 KB 706ms
177ms Script
application/javascript 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/data/standard2017.js?ver=20220617

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

5d4ae1d37e4ea4fe6ae4cd165e092d4918505d40f5420402f485db1c16a3b511

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Oct 2020 20:59:14 GMT
Server: Apache
ETag: "4d44-5b25cda6184c4"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=68
Content-Length: 19780
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.clearInput.js Show response
darkreadingnewsletter.tradepub.com/data/ Frame F84C 424 B
918 B 707ms
177ms Script
application/javascript 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/data/jquery.clearInput.js?ver=20220617

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

b6f0d3d2f2ee5da42209873861e201c84ff6a4b9b99daa4332cba55f3b2836be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Oct 2020 20:59:12 GMT
Server: Apache
ETag: "1a8-5b25cda4e6dfd"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=34
Content-Length: 424
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jqModal.js Show response
darkreadingnewsletter.tradepub.com/data/ Frame F84C 3 KB
4 KB 734ms
184ms Script
application/javascript 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/data/jqModal.js?ver=20220617

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

c911d8e451e38365f7ac311826f755f020fa837f9b17437be20c3262533da0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Oct 2020 20:59:12 GMT
Server: Apache
ETag: "d1a-5b25cda4ded13"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=33
Content-Length: 3354
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.cookie.js Show response
cts.tradepub.com/cts/Data/ Frame F84C 4 KB
4 KB 758ms
177ms Script
application/x-javascript 209.133.56.108
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://cts.tradepub.com/cts/Data/jquery.cookie.js?ver=20220617
Requested by: Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.133.56.108 Dallas, United States, ASN6461 (ZAYO-6461, US),
Reverse DNS: scaler01-cts.netline.com
Software: Apache /
Resource Hash: cfd91d8ff48aea2adea7719b47c73eb7fa29790f077153e496ff8877ac6dd88c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Last-Modified: Fri, 11 Feb 2011 22:52:21 GMT
Server: Apache
ETag: "d1324df7-1097-4d55bda5"
Content-Type: application/x-javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 4247

GET
H/1.1 200
OK main2017.js Show response
darkreadingnewsletter.tradepub.com/data/ Frame F84C 52 KB
53 KB 870ms
175ms Script
application/javascript 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/data/main2017.js?ver=20220617

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

ec78d49b2b09d5cf3886553a1666031c8ed461985d159c4b7f57afd1c09f5a73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 17 Jun 2022 16:00:46 GMT
Server: Apache
ETag: "d050-5e1a6db7ae08f"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=93
Content-Length: 53328
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK tpjanrain2013.js Show response
darkreadingnewsletter.tradepub.com/data/ Frame F84C 4 KB
5 KB 874ms
174ms Script
application/javascript 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/data/tpjanrain2013.js?ver=20220617

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

b57ca43f4102227e42cf5f2156bc345512c6be97688ac3e4cb4b0ed156b80107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Oct 2020 20:59:14 GMT
Server: Apache
ETag: "10b5-5b25cda63d685"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=66
Content-Length: 4277
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK tp2017login.js Show response
darkreadingnewsletter.tradepub.com/data/ Frame F84C 8 KB
9 KB 879ms
176ms Script
application/javascript 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/data/tp2017login.js?ver=20220617

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

514df5e4bca398eb8a8f4e5c28f55a7ce34f2da983d888a2e58d5773c2f176af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Oct 2020 20:59:14 GMT
Server: Apache
ETag: "2019-5b25cda629a13"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=92
Content-Length: 8217
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.autocomplete.js Show response
darkreadingnewsletter.tradepub.com/data/ Frame F84C 14 KB
15 KB 884ms
177ms Script
application/javascript 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/data/jquery.autocomplete.js?ver=20220617

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

c4c81d00cc3d37afe3a7cf65aa6f4662fe95bbe4c4435b52e119e8d79add5672

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Oct 2020 20:59:12 GMT
Server: Apache
ETag: "3869-5b25cda4e52a3"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=65
Content-Length: 14441
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK emailAbandonQualForm.js Show response
darkreadingnewsletter.tradepub.com/data/ Frame F84C 1 KB
2 KB 922ms
188ms Script
application/javascript 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/data/emailAbandonQualForm.js?ver=20220617

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

1f32e6d4857ac60e42c6a96a0cd8e6bd2a304ed0a6f75effb90e0940445b59d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Oct 2020 20:59:12 GMT
Server: Apache
ETag: "48c-5b25cda4cc430"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=63
Content-Length: 1164
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jqModal2013.css
darkreadingnewsletter.tradepub.com/data/ Frame F84C 9 KB
9 KB 515ms
174ms Stylesheet
text/css 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/data/jqModal2013.css?ver=20220617

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

9aa7f0ef886bcaeedef6e1ede35b6c7edcd50920dc472a9faf7c045584c269eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Oct 2020 20:59:12 GMT
Server: Apache
ETag: "2225-5b25cda4df8c7"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=5
Content-Length: 8741
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK lightbox.css
darkreadingnewsletter.tradepub.com/data/ Frame F84C 3 KB
3 KB 693ms
178ms Stylesheet
text/css 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/data/lightbox.css?ver=20220617

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

9868a81047c2eac9ccc5982f779c80c7bb1e04c9b9605562136e3b54437ebdfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 13 Nov 2020 01:05:09 GMT
Server: Apache
ETag: "bd8-5b3f29eac7acc"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=70
Content-Length: 3032
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main2017.css
darkreadingnewsletter.tradepub.com/data/ Frame F84C 29 KB
29 KB 698ms
174ms Stylesheet
text/css 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/data/main2017.css?ver=20220617

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

96e66dd306b4112cc055b5477ca0356fd9b5cb38369d6a76869883fab73a7fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Apr 2023 17:09:10 GMT
Server: Apache
ETag: "72b7-5f9c79960fdfb"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=35
Content-Length: 29367
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.autocomplete.css
darkreadingnewsletter.tradepub.com/data/ Frame F84C 729 B
1 KB 701ms
176ms Stylesheet
text/css 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/data/jquery.autocomplete.css?ver=20220617

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

8d5329015c706aeeb9be2d5cb4c46af1637b0ff0181d6ef6ad691da8801db327

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Oct 2020 20:59:12 GMT
Server: Apache
ETag: "2d9-5b25cda4e46e8"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=69
Content-Length: 729
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK tp_ga.js Show response
darkreadingnewsletter.tradepub.com/data/ Frame F84C 905 B
1 KB 1043ms
173ms Script
application/javascript 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/data/tp_ga.js?ver=20220617

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

5ec40761dd2383a7ab7f951a8f7335ad017c183267b7e6d1a048e0030322df5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Oct 2020 20:59:14 GMT
Server: Apache
ETag: "389-5b25cda62c510"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=2
Content-Length: 905
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK tp_ga_dim.js Show response
darkreadingnewsletter.tradepub.com/data/ Frame F84C 5 KB
5 KB 1048ms
175ms Script
application/javascript 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/data/tp_ga_dim.js?ver=20220617

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

ade525b1c626e1e98cca9037a2d1b173287d5a46a5e176d755fad1525a94f63d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Oct 2020 20:59:14 GMT
Server: Apache
ETag: "13b5-5b25cda631727"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=59
Content-Length: 5045
X-XSS-Protection: 1; mode=block

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame F84C 236 KB
81 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1XKY0K1N6C

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f49c3f5d519246a03855a692b881698b66d41cd0fc40aac62c3e68da333d974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83111
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 May 2023 02:10:51 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ Frame F84C 4 KB
1 KB 28ms
26ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 272849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 948
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0K5JyskL9J8ADbZdUYgXBouBBLqvJcGidQWZ8rLvK06WrYi%2FmRfMMvsm4XVXWQRnrVwkKy0mzE9Ky8JwBnDOReth3VB1MEEV%2BOx7aRzsRtVHrXqbOVFClAc9CgOTKOF%2B%2Bqc1uqCCAS%2FbSfjQygBlu7m"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c5f20abbf2c3732-FRA
expires: Wed, 01 May 2024 02:10:50 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ Frame F84C 19 KB
6 KB 28ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 85547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5676
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYB3olP8nJQFHZgztDskyjbHpxLE4ZWdekyEmLnxNzx4SDJ8bjyOoS6EAJhWiyUxmL%2FABFqT5PWdvzXKXbHRnCnqodEEU4DPaQPCf57kM%2FO1dkVW1sLtBlArTTmmBlUQ10bjq%2FDFQhvdgzYaw%2FR4Eew8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c5f20abbf2f3732-FRA
expires: Wed, 01 May 2024 02:10:50 GMT

GET
H/1.1 200
OK consentBar.js Show response
darkreadingnewsletter.tradepub.com/data/ Frame F84C 1009 B
1 KB 1054ms
176ms Script
application/javascript 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/data/consentBar.js?ver=20220617

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

d71f6f54e4590d5f26c992e36241c820487fefcae1d1129837e59d3d5e8e1839

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Oct 2020 20:59:12 GMT
Server: Apache
ETag: "3f1-5b25cda47b73f"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=53
Content-Length: 1009
X-XSS-Protection: 1; mode=block

GET
H2 200 w_darl10c4.gif
img.tradepub.com/free/w_darl10/images/ Frame F84C 38 KB
38 KB 71ms
20ms Image
image/gif 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tradepub.com/free/w_darl10/images/w_darl10c4.gif
Requested by: Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 14a5b6530555940baf945ebc0f34b667f941a2d63c77867d43ce0e3ba89d87aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:51 GMT
x-cf-tsc: 1683039520
x-cf3: H
cf4ttl: 31536000.000
x-cf1: 13644:fK.fra2:cf:cacheN.fra2-01:H
x-cf-reqid: 67ff263dc156e0af90bcb1e529d9bf5d
content-length: 38672
x-cf2: H
last-modified: Wed, 26 Apr 2023 11:35:07 GMT
server: CFS 0215
x-cff: B
content-type: image/gif
access-control-allow-origin: *
x-cfhash: "d82cb8869b72c8d4ad89f88f2a03b5ef"
cf4age: 161
accept-ranges: bytes

GET
H2 200 w_darl10c8.jpg
img.tradepub.com/free/w_darl10/images/ Frame F84C 274 KB
274 KB 73ms
23ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tradepub.com/free/w_darl10/images/w_darl10c8.jpg
Requested by: Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 105b5ca3048e9fd818b36aa4ed5a2e81a69c1457665282cdd08f2a340e695585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:51 GMT
x-cf-tsc: 1683039520
x-cf3: H
cf4ttl: 31536000.000
x-cf1: 13644:fK.fra2:cf:cacheN.fra2-01:H
x-cf-reqid: 9de353b7b97db6c5da7212ebc00411be
content-length: 280159
x-cf2: H
last-modified: Wed, 26 Apr 2023 11:35:08 GMT
server: CFS 0215
x-cff: B
content-type: image/jpeg
access-control-allow-origin: *
x-cfhash: "cbbf642ebcd5a7a3214b7fbeb03c7a89"
cf4age: 161
accept-ranges: bytes

GET
H2 200 w_darl10.gif
img.tradepub.com/free/w_darl10/images/ Frame F84C 5 KB
5 KB 73ms
22ms Image
image/gif 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tradepub.com/free/w_darl10/images/w_darl10.gif
Requested by: Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1ea3da39a9cfce54326861aeff7eea991eccc483672eb3d7a62a8a5a66398e9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:51 GMT
x-cf-tsc: 1683039520
x-cf3: H
cf4ttl: 31536000.000
x-cf1: 13644:fK.fra2:cf:cacheN.fra2-01:H
x-cf-reqid: 5a2eee9c7a62ad263eb72c055e516a48
content-length: 4735
x-cf2: H
last-modified: Wed, 26 Apr 2023 11:35:08 GMT
server: CFS 0215
x-cff: B
content-type: image/gif
access-control-allow-origin: *
x-cfhash: "e8e1099422cb19d64c7110ec5dbcbf5e"
cf4age: 161
accept-ranges: bytes

GET
H2 200 download_linkedin_grey_register.png
img.tradepub.com/images/ Frame F84C 4 KB
4 KB 128ms
77ms Image
image/png 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tradepub.com/images/download_linkedin_grey_register.png
Requested by: Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: d92b640be887f97636d58b9ebe755bf49ccdbd074fb9ea4be9de6431d7c69b19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:51 GMT
x-cf-tsc: 1667912544
x-cf3: M
cf4ttl: 31536000.000
x-cf1: 13644:fK.fra2:cf:cacheN.fra2-01:H
x-cf-reqid: 2d27b8ecd26cad3d028e23e6d5e85906
content-length: 3611
x-cf2: H
last-modified: Thu, 14 May 2020 18:03:26 GMT
server: CFS 0215
x-cff: B
content-type: image/png
access-control-allow-origin: *
x-cfhash: "3d2f7cf4b51c7a9dd636ba6f974454a0"
cf4age: 0
accept-ranges: bytes

GET
H2 200 alert_triangle.png
img.tradepub.com/images/ Frame F84C 1 KB
2 KB 127ms
77ms Image
image/png 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tradepub.com/images/alert_triangle.png
Requested by: Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 07ef42cb5aaa4c14b089b3b8dbce587474ca15b49134468ffd950e941fc272c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:51 GMT
x-cf-tsc: 1682607415
x-cf3: H
cf4ttl: 31536000.000
x-cf1: 13644:fK.fra2:cf:cacheN.fra2-01:H
x-cf-reqid: 6e91a6f2ab9111f63c4b8b750e43bc21
content-length: 1262
x-cf2: H
last-modified: Thu, 14 May 2020 18:03:26 GMT
server: CFS 0215
x-cff: B
content-type: image/png
access-control-allow-origin: *
x-cfhash: "840cce462f6adf5d42f27531c6720249"
cf4age: 42045
accept-ranges: bytes

GET
H2 200 blank1x1.gif
img.tradepub.com/images/ Frame F84C 43 B
356 B 126ms
76ms Image
image/gif 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tradepub.com/images/blank1x1.gif
Requested by: Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:51 GMT
x-cf-tsc: 1682607415
x-cf3: H
cf4ttl: 31536000.000
x-cf1: 13644:fK.fra2:cf:cacheN.fra2-01:H
x-cf-reqid: 90bb390f570f5d0463da8e9a9d33d82a
content-length: 43
x-cf2: H
last-modified: Thu, 14 May 2020 18:03:26 GMT
server: CFS 0215
x-cff: B
content-type: image/gif
access-control-allow-origin: *
x-cfhash: "325472601571f31e1bf00674c368d335"
cf4age: 42045
accept-ranges: bytes

GET
H2 200 privacyshield_logo.png
img.tradepub.com/images/ Frame F84C 6 KB
6 KB 119ms
76ms Image
image/png 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tradepub.com/images/privacyshield_logo.png
Requested by: Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: b00bdb01d7602db5e05ba259c3eff627965c82fd7b62a2d19dbaf68274cf19af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:51 GMT
x-cf-tsc: 1682607415
x-cf3: H
cf4ttl: 31536000.000
x-cf1: 13644:fK.fra2:cf:cacheN.fra2-01:H
x-cf-reqid: fd06b31e6ac83c3c39ca599ede24ead4
content-length: 6104
x-cf2: H
last-modified: Wed, 03 Mar 2021 19:44:51 GMT
server: CFS 0215
x-cff: B
content-type: image/png
access-control-allow-origin: *
x-cfhash: "2e2c6e30dc49a020b0715e6fe494d038"
cf4age: 42046
accept-ranges: bytes

GET
H/1.1

200
OK

signin.tradepub.com Show response
d29usylhdk1xyu.cloudfront.net/load/ Frame F84C
Redirect Chain

https://rpxnow.com/js/lib/signin.tradepub.com/engage.js
https://d29usylhdk1xyu.cloudfront.net/load/signin.tradepub.com

11 KB
3 KB

113ms
43ms

Script
text/javascript

108.138.189.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d29usylhdk1xyu.cloudfront.net/load/signin.tradepub.com

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1

Protocol

HTTP/1.1

Server

108.138.189.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-189-100.mxp64.r.cloudfront.net

Software

nginx /

Resource Hash

473185122f12e52c03a22285955612eebe2539353552a1d18f286e89a93d33a2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

X-Engage-Request-Id: e8da5490de0143121b2e02936e09dcd3
Date: Fri, 12 May 2023 02:03:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'
Via: 1.1 fbbaf051f1b6e237fbee09c998e075cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MXP64-P1
Age: 416
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2495
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript;charset=UTF-8
X-Amz-Cf-Id: dbPlEzsUoDZDRUOIz0F7PWmpQH3oxW8sFJ6mL0U1yDUvKNv8EFzDzg==

Redirect headers

location: https://d29usylhdk1xyu.cloudfront.net/load/signin.tradepub.com
date: Fri, 12 May 2023 02:10:52 GMT
server: nginx
content-length: 178
content-type: text/html

GET
H2 200 css
fonts.googleapis.com/ Frame F84C 2 KB
628 B 76ms
29ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/data/main2017.css?ver=20220617

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c513586a4cc1a4f0cd7e2c92bdbd8b1e70dda2e57737f115bb4539ae45b1510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 02:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 00:37:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 02:10:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F84C 11 KB
1 KB 75ms
28ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700,700italic,400italic

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/data/main2017.css?ver=20220617

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5961598085066e30fcda4edeba2b5aa3e94bc5852db5dbc1ef1296bc0bc2c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 02:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 01:23:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 02:10:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F84C 2 KB
643 B 77ms
30ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/data/main2017.css?ver=20220617

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 02:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 00:29:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 02:10:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F84C 1 KB
485 B 76ms
29ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen:400,700

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/data/main2017.css?ver=20220617

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4882455843074fb8273c6b49bbbf75e7a6e1e8e87796e8271c93851c01245b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 02:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 02:08:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 02:10:51 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame F84C 51 KB
20 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/data/tp_ga.js?ver=20220617

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 May 2023 00:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5712
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 12 May 2023 02:35:39 GMT

GET
H2 200 privacyshield_logo_reverse.png
img.tradepub.com/images/ Frame F84C 6 KB
6 KB 62ms
19ms Image
image/png 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tradepub.com/images/privacyshield_logo_reverse.png
Requested by: Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 07846c4f3d55084d6c153def8a95340508d0f3fe4dc7aa4bc23115785e81b738

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:51 GMT
x-cf-tsc: 1666705720
x-cf3: M
cf4ttl: 31536000.000
x-cf1: 13644:fK.fra2:cf:cacheN.fra2-01:H
x-cf-reqid: 7bcb5f5ab0c32d6b737c30ff3f93cb33
content-length: 5705
x-cf2: H
last-modified: Wed, 21 Sep 2022 20:08:47 GMT
server: CFS 0215
x-cff: B
content-type: image/png
access-control-allow-origin: *
x-cfhash: "09cdc365afce1793dd9aac8701222703"
cf4age: 0
accept-ranges: bytes

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame F84C 47 KB
47 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,700italic,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://darkreadingnewsletter.tradepub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 505523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 05:45:28 GMT

POST
H/1.1 200
OK getjob2017_intl.mpl Show response
darkreadingnewsletter.tradepub.com/c/ Frame F84C 1 KB
2 KB 177ms
177ms XHR
text/html 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/c/getjob2017_intl.mpl

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/data/coreg2013.js?ver=20220617

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

0c41233e610920569b3e7cb57bac3ba8448507513de7841b74438228224cb104

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=15, max=32
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK getind2017_intl.mpl Show response
darkreadingnewsletter.tradepub.com/c/ Frame F84C 1 KB
2 KB 179ms
178ms XHR
text/html 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/c/getind2017_intl.mpl

Requested by

Host: darkreadingnewsletter.tradepub.com
URL: https://darkreadingnewsletter.tradepub.com/data/coreg2013.js?ver=20220617

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

2ccdcf417b59e3764ebe8bfc030a14d7ddad38532c9ac1b7abbd91ae2e256c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*
Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 12 May 2023 02:10:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=15, max=31
X-XSS-Protection: 1; mode=block

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ Frame F84C 10 KB
10 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://darkreadingnewsletter.tradepub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 22:29:33 GMT
x-content-type-options: nosniff
age: 445278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9840
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 22:29:33 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame F84C 2 KB
884 B 19ms
18ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 12 May 2023 02:31:50 GMT

GET
H/1.1 200
OK login Show response
d29usylhdk1xyu.cloudfront.net/manifest/ Frame F84C 453 KB
109 KB 35ms
35ms Script
text/javascript 108.138.189.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29usylhdk1xyu.cloudfront.net/manifest/login?version=final
Requested by: Host: rpxnow.com
URL: https://rpxnow.com/js/lib/signin.tradepub.com/engage.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.189.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-189-100.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d4afff7ae9777bd3878847e90b2a3183b7afdf66fdd431236557f7b72cd3832

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 23:40:35 GMT
Content-Encoding: gzip
Via: 1.1 fbbaf051f1b6e237fbee09c998e075cc.cloudfront.net (CloudFront)
Last-Modified: Thu, 19 May 2022 17:11:56 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MXP64-P1
Age: 9049
ETag: "b12ccfea1ec61935954acce8396fcea1"
X-Cache: Hit from cloudfront
Content-Type: text/javascript;charset=UTF-8
Connection: keep-alive
Content-Length: 111565
X-Amz-Cf-Id: 084MMRQZ6tAsGNWEb9Lj9Gmfb81KLeIObp0Y4lPdbi_xiTYvi_XmJQ==

GET
H2 200 providers.css
quilt-cdn.janrain.com/HEAD/ Frame F84C 126 KB
9 KB 211ms
45ms Stylesheet
text/css 2a02:26f0:6c00::210:bb9b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://quilt-cdn.janrain.com/HEAD/providers.css
Requested by: Host: d29usylhdk1xyu.cloudfront.net
URL: https://d29usylhdk1xyu.cloudfront.net/manifest/login?version=final
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb9b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 896f2bcedb02f1d564ea553d9b739698bba1d89e5dff9cdb30771d6b06dd57a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkreadingnewsletter.tradepub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:52 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 16:25:38 GMT
server: AmazonS3
x-amz-request-id: Q0ZECJ60FBE5EDYC
etag: "83aeb6fdea41f32341ab74de7bdd7343"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=19532043
accept-ranges: bytes
content-length: 8790
x-amz-id-2: 2MSd8BmwAX8D6YNAlOBZTr//91quSUnzxjnlfU8gbFF48OjWuKW2oSSPIChwEnIxhCU7ZisqdpE=
expires: Sun, 24 Dec 2023 03:44:55 GMT

GET
H/1.1 200
OK ip2country.mpl Show response
darkreadingnewsletter.tradepub.com/c/ Frame F84C 20 B
431 B 177ms
176ms XHR
application/json 209.133.56.117
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://darkreadingnewsletter.tradepub.com/c/ip2country.mpl

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.133.56.117 Dallas, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

scaler01-tradepub.netline.com

Software

Apache /

Resource Hash

f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://darkreadingnewsletter.tradepub.com/free/w_darl10/prgm.cgi?a=1
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Fri, 12 May 2023 02:10:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: Apache
Transfer-Encoding: chunked
Content-Type: application/json
Connection: Keep-Alive
Keep-Alive: timeout=15, max=27
X-XSS-Protection: 1; mode=block

GET
H2 200 async-api.ad3273bd-1.232.0.min.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 64ms
20ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.ad3273bd-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: OjwEEoZjF9pbnlt.Cg9dV5pJF0e7Bjo3
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 02:10:52 GMT
strict-transport-security: max-age=300
x-amz-request-id: 2HV6J6QHFFESHJRR
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1353
x-amz-id-2: BXEPYmEflhh8Vht8sn9Q1DUjjjCdyno/0vK0P4vna65JsDaTt7F35BfMmDx7zQLw8OCOg9e2TFA=
x-served-by: cache-fra-etou8220068-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683857453.736793,VS0,VE0
etag: "d7011e3a3501d54c9be8929572a18598"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1670

GET
H2 200 session-manager.2a8d47d1-1.232.0.min.js Show response
js-agent.newrelic.com/ 15 KB
6 KB 62ms
20ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session-manager.2a8d47d1-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: D9U.McFOdEj4dYMN5VJBUueQRx486Iwz
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 02:10:52 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33YC9JCZQM6STQJG
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5781
x-amz-id-2: MFfb7MGqGrqmfqqSXBRxyB8p3seuC8FOIGAdlP3GdJhGKDscVqHW57p863nKhRGgnkRzZizmvC4=
x-served-by: cache-fra-etou8220068-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683857453.736785,VS0,VE0
etag: "e42e9b9282d7865427c32ad60eea44b4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1232

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 104ms
34ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.darkreading.com

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 81ms
31ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.darkreading.com

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
13 KB 71ms
69ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2491793789674920&correlator=4027670031179302&eid=31072878%2C31073385%2C31073560%2C31074370%2C31074405%2C31074475%2C31074536%2C31074401%2C21065725&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Ccloud&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&adks=2211534987&sfv=1-0-40&prev_scp=pos%3Dwelcome_v%26ptype%3Darticle%26pageid%3Dblt56f8b4f82afc4800%26aid%3D667980%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683857452865&lmt=1683857452&dlt=1683857447909&idt=676&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&frm=20&vis=1&psz=1600x4110&msz=0x0&fws=132&ohw=1600&ga_vid=169336795.1683857449&ga_sid=1683857453&ga_hid=853765905&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db1546c00f74eeebf9c33f5b47e6e0af0fc9d5443af67777a1143b819b9c0641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13175
x-xss-protection: 0
google-lineitem-id: 6160013257
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430985859
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 545 B
302 B 99ms
97ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2491793789674920&correlator=4027670031179302&eid=31072878%2C31073385%2C31073560%2C31074370%2C31074405%2C31074475%2C31074536%2C31074401%2C21065725&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Ccloud&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&adks=2899438601&sfv=1-0-40&prev_scp=pos%3Dbigsky_v%26ptype%3Darticle%26pageid%3Dblt56f8b4f82afc4800%26aid%3D667980%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683857452885&lmt=1683857452&dlt=1683857447909&idt=676&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&frm=20&vis=1&psz=1600x4110&msz=0x0&fws=132&ohw=1600&ga_vid=169336795.1683857449&ga_sid=1683857453&ga_hid=853765905&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac8e1e860c978467305068a7d8a7f318bb9cc9ce2cb8955288fe5662daddc749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 273
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
4 KB 64ms
62ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2491793789674920&correlator=4027670031179302&eid=31072878%2C31073385%2C31073560%2C31074370%2C31074405%2C31074475%2C31074536%2C31074401%2C21065725&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Ccloud&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=3&adks=2541793161&sfv=1-0-40&ists=1&prev_scp=pos%3Dwallpaper_v%26ptype%3Darticle%26pageid%3Dblt56f8b4f82afc4800%26aid%3D667980%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683857452893&lmt=1683857452&dlt=1683857447909&idt=676&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&frm=20&vis=1&psz=1600x4110&msz=0x0&fws=132&ohw=1600&ga_vid=169336795.1683857449&ga_sid=1683857453&ga_hid=853765905&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd99d40e9764fd4629326b272d29ef8c77c780a4d8bc23243f2a0895fbdc353b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4288
x-xss-protection: 0
google-lineitem-id: 6243472472
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138394160290
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 545 B
306 B 58ms
55ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2491793789674920&correlator=4027670031179302&eid=31072878%2C31073385%2C31073560%2C31074370%2C31074405%2C31074475%2C31074536%2C31074401%2C21065725&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Ccloud&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=4&adks=1451092141&sfv=1-0-40&ists=1&prev_scp=pos%3Doop_v%26ptype%3Darticle%26pageid%3Dblt56f8b4f82afc4800%26aid%3D667980%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683857452901&lmt=1683857452&dlt=1683857447909&idt=676&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&frm=20&vis=1&psz=1600x4110&msz=0x0&fws=132&ohw=1600&ga_vid=169336795.1683857449&ga_sid=1683857453&ga_hid=853765905&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af445b057cad58b863ee411efa7734299dd8ed00da738f2d50fd0e68589e01e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 277
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 545 B
304 B 70ms
68ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2491793789674920&correlator=4027670031179302&eid=31072878%2C31073385%2C31073560%2C31074370%2C31074405%2C31074475%2C31074536%2C31074401%2C21065725&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Ccloud&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=5&adks=621034558&sfv=1-0-40&prev_scp=pos%3Dfloor_v%26gdpr_banner%3Don%26ptype%3Darticle%26pageid%3Dblt56f8b4f82afc4800%26aid%3D667980%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683857452911&lmt=1683857452&dlt=1683857447909&idt=676&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&frm=20&vis=1&psz=1600x4110&msz=0x0&fws=132&ohw=1600&ga_vid=169336795.1683857449&ga_sid=1683857453&ga_hid=853765905&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1935ab4dfe917e40077db3ba71377a7c8b122e1b889e5e7dfcdb6f7b750c6a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 275
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 545 B
302 B 87ms
85ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2491793789674920&correlator=4027670031179302&eid=31072878%2C31073385%2C31073560%2C31074370%2C31074405%2C31074475%2C31074536%2C31074401%2C21065725&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Ccloud&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=7x7&ifi=6&adks=1161351837&sfv=1-0-40&prev_scp=pos%3Dadhesion_v%26gdpr_banner%3Don%26ptype%3Darticle%26pageid%3Dblt56f8b4f82afc4800%26aid%3D667980%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683857452916&lmt=1683857452&dlt=1683857447909&idt=676&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&frm=20&vis=1&psz=1600x4110&msz=7x0&fws=132&ohw=1600&ga_vid=169336795.1683857449&ga_sid=1683857453&ga_hid=853765905&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ceec9fdca81a892eca1f959d595bec3a8f27d3e1801f07ca3c719be18bc73ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 273
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 87ms
85ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2491793789674920&correlator=4027670031179302&eid=31072878%2C31073385%2C31073560%2C31074370%2C31074405%2C31074475%2C31074536%2C31074401%2C21065725&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Ccloud&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=7&adks=3716935158&sfv=1-0-40&prev_scp=pos%3D728_1v%26ptype%3Darticle%26pageid%3Dblt56f8b4f82afc4800%26aid%3D667980%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683857452921&lmt=1683857452&dlt=1683857447909&idt=676&adxs=315&adys=86&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&frm=20&vis=1&psz=984x0&msz=970x0&fws=4&ohw=1600&ga_vid=169336795.1683857449&ga_sid=1683857453&ga_hid=853765905&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54afb0272d83fb2f4eb89126cefaf1316861dfa5a4c4e2488ae2d0668ea9f31d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13876
x-xss-protection: 0
google-lineitem-id: 6140096305
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138409377623
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 81ms
79ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2491793789674920&correlator=4027670031179302&eid=31072878%2C31073385%2C31073560%2C31074370%2C31074405%2C31074475%2C31074536%2C31074401%2C21065725&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Ccloud&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=8&adks=2670265377&sfv=1-0-40&prev_scp=pos%3Dvideo_v%26ptype%3Darticle%26pageid%3Dblt56f8b4f82afc4800%26aid%3D667980%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683857452928&lmt=1683857452&dlt=1683857447909&idt=676&adxs=308&adys=967&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&frm=20&vis=1&psz=646x1432&msz=646x0&fws=4&ohw=1600&ga_vid=169336795.1683857449&ga_sid=1683857453&ga_hid=853765905&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdf1aba622d6838dde22c59064599e18c7dccf0e3d3f9fc8f63f2f74e3314b58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10334
x-xss-protection: 0
google-lineitem-id: 5674929725
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347225724
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 76ms
74ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2491793789674920&correlator=4027670031179302&eid=31072878%2C31073385%2C31073560%2C31074370%2C31074405%2C31074475%2C31074536%2C31074401%2C21065725&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Ccloud&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=9&adks=3969398072&sfv=1-0-40&prev_scp=pos%3D300_1v_article%26ptype%3Darticle%26pageid%3Dblt56f8b4f82afc4800%26aid%3D667980%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683857452933&lmt=1683857452&dlt=1683857447909&idt=676&adxs=654&adys=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=169336795.1683857449&ga_sid=1683857453&ga_hid=853765905&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

308872c64cc2515e73c670c24a922a92a970a2e2745975d2c8b4184e7967346d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13973
x-xss-protection: 0
google-lineitem-id: 6254775512
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138427198710
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 99ms
97ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2491793789674920&correlator=4027670031179302&eid=31072878%2C31073385%2C31073560%2C31074370%2C31074405%2C31074475%2C31074536%2C31074401%2C21065725&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Ccloud&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250%7C5x5&ifi=10&adks=1065251584&sfv=1-0-40&prev_scp=pos%3D300_1v%26ptype%3Darticle%26pageid%3Dblt56f8b4f82afc4800%26aid%3D667980%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683857452936&lmt=1683857452&dlt=1683857447909&idt=676&adxs=988&adys=126&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&frm=20&vis=1&psz=308x0&msz=300x0&fws=4&ohw=1600&ga_vid=169336795.1683857449&ga_sid=1683857453&ga_hid=853765905&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8a645fdd3c341f50060eedabd8998374e051bcda90be3bcb87d31e4f87657e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11589
x-xss-protection: 0
google-lineitem-id: 6243472472
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138393688107
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 94ms
93ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2491793789674920&correlator=4027670031179302&eid=31072878%2C31073385%2C31073560%2C31074370%2C31074405%2C31074475%2C31074536%2C31074401%2C21065725&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Ccloud&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=11&adks=132156232&sfv=1-0-40&prev_scp=pos%3D300_2v%26ptype%3Darticle%26pageid%3Dblt56f8b4f82afc4800%26aid%3D667980%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683857452940&lmt=1683857452&dlt=1683857447909&idt=676&adxs=988&adys=126&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&frm=20&vis=1&psz=308x0&msz=300x0&fws=4&ohw=1600&ga_vid=169336795.1683857449&ga_sid=1683857453&ga_hid=853765905&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09956b5525c8c48e5d261bf1fe1692d1033f270f95872afcadd8dc0127ae3a3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13984
x-xss-protection: 0
google-lineitem-id: 6243472472
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138394157647
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 83ms
32ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305090101&st=env

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

814193c99170f46bc6f27d63bc3fda4317d2568edf26ed6229d36ff90e9933b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11196
x-xss-protection: 0

GET
H2 200 container.html Show response
48f133b2bcc3df17a4be26e3af1a4524.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F410 6 KB
3 KB 121ms
30ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://48f133b2bcc3df17a4be26e3af1a4524.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 02:10:53 GMT
expires: Sat, 11 May 2024 02:10:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 rum Show response
www.darkreading.com/cdn-cgi/ 0
168 B 42ms
41ms XHR
text/plain 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: VwQPWV9RDRACUVdUDwYAVVc=
tracestate: 3288925@nr=0-1-3288925-322548631-c38c3fafc979d125----1683857452991
traceparent: 00-29e1d88bc1046d4fd57e3d40dbbb2000-c38c3fafc979d125-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjMyMjU0ODYzMSIsImlkIjoiYzM4YzNmYWZjOTc5ZDEyNSIsInRyIjoiMjllMWQ4OGJjMTA0NmQ0ZmQ1N2UzZDQwZGJiYjIwMDAiLCJ0aSI6MTY4Mzg1NzQ1Mjk5MX19
content-type: application/json
Referer: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.darkreading.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7c5f20b94a38901c-FRA

GET
H2 200 lazy-loader.c8cd494b-1.232.0.min.js Show response
js-agent.newrelic.com/ 921 B
639 B 23ms
19ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-loader.c8cd494b-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: JxOZDsaCO.84OJr88feb47MQNIiB.lPY
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 02:10:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: HFKEC7V8RSG7GQ3Z
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 410
x-amz-id-2: sMPeOof8K4e91kQ20uXJDDwefRnsVFND0s9EnxyiOeAw9CM1xr2qBuk5sozOrYVezXVrvqQ6llg=
x-served-by: cache-fra-etou8220068-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683857453.019528,VS0,VE0
etag: "43b458adcc5ab7566291590de5438262"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 856

GET
H2 200 2035876379754758494
tpc.googlesyndication.com/simgad/ 124 KB
124 KB 300ms
21ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2035876379754758494?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9c0731473dc75741f795fe979c202dfa0f81dafd198114d222eaff8bf0fc4f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 08:15:17 GMT
x-content-type-options: nosniff
age: 237336
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126580
x-xss-protection: 0
last-modified: Tue, 31 May 2022 21:43:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 May 2024 08:15:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B07 0
26 B 58ms
57ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuT4gJLSCOjBOjxd9ZNz91dNaaMncwigZVAOSxhVGn--J3kOETejk_wj0p8zAJSKwkov-6yqUsGNx33TGQQjkRxbFcdmL_nAgXbYhsGuCz-yrIrzmJA1sGDZpfhrMbYg6ST8oLdanMPgH-Zzo_z3YfqNAj4288smxbOr6AUhDHgDIzHPCQ_lORVo2BywfDKRZOgqq1RPpVucr8rGgNz5DdUI4i_uBB7q2JZaQRR5Sozrjr35832k41uwh4B8MbBgjGxWMxGSspgHG1gumZQSC65TchM84pEc5PiwmbxT6C1X361HigfGoYnpdLLnl2T7RFwTo0eK08PAWwZSTxfkewrS0y9co4W1yU&sai=AMfl-YTlNXyPMSoTugj2rUuGDBJAkwvmTONtiF3HJxMs308Ba6zMToq_l4KgWj_JDEW125rxZ7n1rIyOan5Bxr7cT_xLXudDzv9yzkxhUxZoyF7Qsj5K07uoi--LJGVBPsw&sig=Cg0ArKJSzMtdHUhfk1ecEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7C9A 0
0 60ms
59ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoGRznseMDKK0cZDxv7s84J3RMlaKgj999Il23n1LDB3eIz3VmQeSJaKnC5v_-gT0oLE30SkvNGbCj8dUWZ56T52WB0nDr5JUawjaLCDbtRtaeb2hTpiyneGwuwn8kV7Ijq13YvdTmVfVzhT4qAxkqJxMq8Sq4_cO23x8GEQWpQWAg6hGJF4mG3W0aiWF2nwJUywzVmBx0Gjb_OdFdXRKYXmFxLor3pHLV7ruiCI_0P_tooXtr2sKOAfAsWPytJw40L3qH5WDRVjmk8I5DJbUILkhahshIVqYLdfJYd80iAuWAWOYBbggwVyekTFS13oYt5no-SGbaSjQ99I7YPlSB2iNdW4hnZQjHugE0MqKOu2n5R5RD4kmR&sai=AMfl-YSpRCM8rOVGrtN23BuR8LJnuN76SdrAkNf0CsVLtNbznS6pIss6qlCX5_MtEzaQDWSbYaI7bZp584CnWomsvYUybZch8KwYk68zoXmBFFqekBLDH4IZ70KHlh7cYg&sig=Cg0ArKJSzIc3NuHa6Ir-EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 jquery-1.11.0.min.js Show response
code.jquery.com/ Frame 7C9A 94 KB
33 KB 25ms
23ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:01 GMT
server: nginx
etag: W/"62f659d5-1787d"
vary: Accept-Encoding
x-hw: 1683857453.dop057.fr8.t,1683857453.cds107.fr8.hn,1683857453.cds001.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33357

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C9A 169 KB
53 KB 245ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 02:10:53 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame 7C9A 326 KB
112 KB 228ms
23ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: 8T8WAHNWPXR3KCDR
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48773
accept-ranges: bytes
content-length: 113597
x-amz-id-2: +hNLfa3SAo4uH/Z76jiUqIRJVPgF7Ly9KGOiMDYorApIdiT5byivdkxaJZbLSI0F1ucX11k7p7E=

GET
H2

200

13915301549715677873
tpc.googlesyndication.com/simgad/ Frame 7C9A
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoGRznseMDKK0cZDxv7s84J3RMlaKgj999Il23n1LDB3eIz3VmQeSJaKnC5v_-gT0oLE30SkvNGbCj8dUWZ56T52WB0nDr5JUawjaLCDbtRtaeb2hTpiyneGwuwn8kV7Ijq13YvdTmV...
https://tpc.googlesyndication.com/simgad/13915301549715677873?

189 KB
189 KB

39ms
26ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13915301549715677873?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de83f4b6ad24a16cc04c12e28360d792de5782cc6751201225f4bcf55ec14184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 04:15:02 GMT
x-content-type-options: nosniff
age: 78951
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 193801
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 15:24:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 May 2024 04:15:02 GMT

Redirect headers

date: Fri, 12 May 2023 02:10:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: https://tpc.googlesyndication.com/simgad/13915301549715677873?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Dark_Reading_Logo.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/ Frame 7C9A 5 KB
2 KB 22ms
22ms Image
image/svg+xml 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/Dark_Reading_Logo.svg?quality=80&format=jpg&width=222

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0e198a2d521948c31a85eff04b881542d8b31d8b5824f900a950ea34bf5ef811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
age: 1482240
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Dark_Reading_Logo.svg+xml
fastly-stats: io=1
content-length: 2021
x-request-id: 77944
x-served-by: cache-ams12720-AMS, cache-fra-eddf8230094-FRA
x-runtime: 99ms
x-timer: S1683857453.159086,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 11, 1

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=853765905&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&dp=%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&ul=en-us&de=UTF-8&dt=Multiple%20Ransomware%20Groups%20Adapt%20Babuk%20Code%20to%20Target%20ESXi%20VMs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=welcome%20ad%20served&ea=6160013257&el=138430985859&_u=aCDACEABRAAAACACIAC~&jid=&gjid=&cid=169336795.1683857449&tid=UA-135180592-2&_gid=20022482.1683857449&gtm=45He35a0n81T52Z3Z3&cg1=article&cg2=News&cg3=Cloud&cd1=article&cd2=nate%20nelson&cd3=&cd4=News&cd5=May%2011%2C%202023&cd6=cloud&cd9=application-security%2Cattacks-breaches&cd10=0&cd16=blt56f8b4f82afc4800&cd17=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&cd18=3834%2Fdarkreading.home%2Farticle%2Fcloud&cd20=vanguard%20-%20123&z=1203858790

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 03:16:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82479
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B5D 0
0 60ms
59ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuizjLNyplN_1Jm-9fo6eOAbBVMukURAJtBKCkFT1dwjBsYUGfmfE0l-ng2QA6e-STAMRZNDlNy7tdnWEAGxn6O2hyBlC2hdTNoIBam3-z4INeDSppmaLGWeJbVaSxFwa-m5iDA77gtRsXqbNhOSItkqLUZybgJKJnTyF0e9GFo9P-ytuNfPV1xGjJAHdO2SF5yq3zo7-bS4MaA18G4qCL-Obgiu7D9K3I9Ov4Vy7uM6oc_OnOr3_X9Q0Ir0-SZrxNB7ZBFc_Dd194xOVreRo1BsIjcKQdCYbA5l0yToaU65Eq6On1iiYZAD6lInCXkH9Kk-qn0lbRb9f_A26p8oXQZnim3hDk&sai=AMfl-YS0irI3nIwMDy1f_P9Au67km09OdisDMnGIQmhjpVo5R99TNDRm7sR3MvWznO-xGbpfZ2Fni_Sr3Fk_OmVwpNW_8Rry4cw25qWRmBDZOuvLYZuOGIynbKXVQLzZTA&sig=Cg0ArKJSzPFGA85HGPGXEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 9B5D 3 KB
2 KB 184ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 May 2023 18:04:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B5D 169 KB
52 KB 243ms
77ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 02:10:53 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame 9B5D 326 KB
111 KB 255ms
89ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: 8T8WAHNWPXR3KCDR
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48880
accept-ranges: bytes
content-length: 113597
x-amz-id-2: +hNLfa3SAo4uH/Z76jiUqIRJVPgF7Ly9KGOiMDYorApIdiT5byivdkxaJZbLSI0F1ucX11k7p7E=

GET
H2 200 16204869891264180262
tpc.googlesyndication.com/simgad/ Frame 9B5D 61 KB
61 KB 246ms
82ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16204869891264180262

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f9e4b998c3839e7e544b929557a4408b28d94975d484ef79763e50ccc2647b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 10:15:52 GMT
x-content-type-options: nosniff
age: 57301
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62646
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 18:52:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 May 2024 10:15:52 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9B5D 0
0 30ms
28ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSy4ZPdrIVpiyB6TMZCJ9asOrt7Um9EWbuJlOC341czuWPrUsYgGiCDccrLGkdQpkofJ9zM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4D3C 0
0 61ms
60ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGTiWwN_kCEaxSj0nluB48GjmR_3UleIeQXU6luUEzNONaKyUjg5iZXsGmsJgqqW-OdSpp8daAbHwmVA963vS3UsY28k8lanxG1RZrvBHWPz5CLzomt2y2KtC1cxxbFMuxZECiM6EfzS1-HodTV--GRVW0CP4rgypxf4w5PjWjglhrrLRNMZ114YJa6MIYiPTNmj8luUWFYfosPovUpkodppvXgHr3byM4KxrFVxWaZ_1g8VAjlTueU-CeHnOZUneH-ns-uC-WOoOCEJ7BzzHHhPkxsDKI82jh9CLcStxzYH8PJDFBuU_9fyzcUa8_qxg0GtmSWQcFtt7r5CeKegKiJg&sai=AMfl-YTddU9dRhnbYjOfqoWuotUTLFeYtbtKFFcP7oKLssqb4QKFgasmIECeX2-qrEFMDS0Fb-bKlFa3I78qRqpgpdylbYBRhpWyn0FAoScSXGAn1cqANDsr8mbCI08KfpY&sig=Cg0ArKJSzOOn9OhldAR5EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 tag Show response
a.teads.tv/page/130102/ Frame 4D3C 752 B
812 B 186ms
48ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/130102/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 120be5c1f0c3158ea3f36d14321d28e8bad8f3c6fcf6eadd240020c1836eff98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 470
expires: Fri, 12 May 2023 03:10:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D3C 169 KB
52 KB 209ms
72ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 02:10:53 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame 4D3C 326 KB
111 KB 213ms
76ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: 8T8WAHNWPXR3KCDR
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48787
accept-ranges: bytes
content-length: 113597
x-amz-id-2: +hNLfa3SAo4uH/Z76jiUqIRJVPgF7Ly9KGOiMDYorApIdiT5byivdkxaJZbLSI0F1ucX11k7p7E=

GET
DATA 200
OK truncated
/ Frame 9B5D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5b29290d3c58d5bf61ac0e4abbc1f7adaf9e2bd9ed456879068725622f0d13d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2A9A 0
0 61ms
61ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstv6ISacewhRjhPeDHlkdT-slAOneGQZTB5BMlt52fSs7rEGXY6I46gWirr6f_JawElHKdb5C67_6Galhp9RnXCM7mv5tAQAVR6fv9FmtxTfD24-46hNkrHkpCCTFNL-4ozWbPySwG_bHdrB-GWL7U0YeBJ34PgmZlyJ4Dmq2Z3iEchA1HPhq9ECixCp38v2KEJEbAIZRzswuvnzLWc9Pf7WFDDGVdWNGVG9BuCynj3dMHfYc9FwgksFXxrwVx0uCacDlrza7m4hvHySIhMUAXEla-WmiVSf-MyPPFU7XwbDFlol31RhGVR95qr1BY647CHgTc71OadNOOr5jssx-925A&sai=AMfl-YSdXq2qVWXYfmJ4EfciVM1sy18vwKLOj3JT3XEiomOZfsv1Jsi-MUaez7N45urhnDV_RU3tAia9eoi9A2vQY632dZzFiB3uSxPcl1xd6_kM6lsgVGUGQzqlQ_ZnOA&sig=Cg0ArKJSzDX907a-N-whEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 2A9A 3 KB
1 KB 66ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 May 2023 18:04:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A9A 169 KB
52 KB 129ms
82ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 02:10:53 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame 2A9A 326 KB
111 KB 128ms
81ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: 8T8WAHNWPXR3KCDR
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48856
accept-ranges: bytes
content-length: 113597
x-amz-id-2: +hNLfa3SAo4uH/Z76jiUqIRJVPgF7Ly9KGOiMDYorApIdiT5byivdkxaJZbLSI0F1ucX11k7p7E=

GET
H2 200 3419088563673378312
tpc.googlesyndication.com/simgad/ Frame 2A9A 32 KB
33 KB 121ms
77ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3419088563673378312

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d41ec139c7a9a1d5c36fbb2da10e14d5a3f966fce56c9523aad1c60184d7abf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 21:03:04 GMT
x-content-type-options: nosniff
age: 18469
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33223
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 20:12:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 May 2024 21:03:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2A9A 0
0 28ms
27ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmzsGz7tqGWZ74WpSX246HWxALErEcsQ2v_Dq1xpP7HcC3vX5WpXHm9zi9U6YNnl4WLatU
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 134ms
96ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 May 2023 02:10:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A7F2 0
0 65ms
58ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUEw4_0IYb4GhD7hHf7XD0QQw1td4yUDNz08SoYUQ4myjxJgoaeBfvdK38j-K8welkH3fu1GkjUNkfbn4veqjmM7OOyW5TCGVF6QXcHaaHcpk_XlUt4-75YWdsBZSW6-omaLTBa9efWequXeqTLbbcII-DckWVp0M4sE0fXLLNxMtbb-LZOJCS-kWmNS5rHSYRDEblVPw5KVyJt7XY8aKZyIYiVm7Y1OW_DFZW770-R3BkPRj815gmM-kchF1kyGp2vtfyNW_Q6Bci1lcMmLaW76P36VPcChtfDAlNx-HuTuJauVDzOv314vHFVF5XqQleBcXY-vQYyvrwCE4wkEj8fUj7rDU&sai=AMfl-YRxX8NVSTK0ruOU27VIKBntMI81uTChI_TMO2YR8jm3flQ68gYhKbuN4-dX6MiefbjkNiwkcF7bF91lSsuCWcYM68ZZ-T4Rn-Z_27lbUMub3UTriGSe7VNW8LfJ8MI&sig=Cg0ArKJSzFvZTAO74YIwEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame A7F2 3 KB
1 KB 95ms
85ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 May 2023 18:04:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A7F2 169 KB
52 KB 93ms
84ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 02:10:53 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame A7F2 326 KB
111 KB 55ms
46ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: 8T8WAHNWPXR3KCDR
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48913
accept-ranges: bytes
content-length: 113597
x-amz-id-2: +hNLfa3SAo4uH/Z76jiUqIRJVPgF7Ly9KGOiMDYorApIdiT5byivdkxaJZbLSI0F1ucX11k7p7E=

GET
H2 200 11423251859648318049
tpc.googlesyndication.com/simgad/ Frame A7F2 49 KB
49 KB 97ms
88ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11423251859648318049

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c8c26c368c851fe9a4d8e902a8641150c93e5319efe7228ed52c5f7948a3cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:45:53 GMT
x-content-type-options: nosniff
age: 505500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49806
x-xss-protection: 0
last-modified: Tue, 31 May 2022 21:42:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 May 2024 05:45:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A7F2 0
0 36ms
29ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5twgS6v0dxwi7pmA1hz2B9m1DHFjvzh0P7aq1i08dZnkp46kayV6PkGYiVX4qvf_bc0pT
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 2A9A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b71ad377bffe473f0aac3e5deef504488841772e961672d2525d5054a444044

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A7F2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29d84546c28d77a8118a502e3d41187c999f12e8dc91f00fc9e75ac587759608

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 04C0 0
0 129ms
127ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJEGHxiWPwmsLn4wF_IBQLqEQ72W138O39BxkuCHxMiep0mBBll0MeydVPHwIcrpz6KlPajWw_Y7f0HT-ziXwLJpI-qryyoLLQPyG2YBEv2J1tjtPHpZvd_3lc8BY5YX3QiKoKP9pAVHONJVH77ODoFtHgzKB6e5MIVmlezeitaLYolw_VbyRmWyw2O9MnSY8OcWR__TIZfkP5mI1_XdMBU3LK_akSiDAyEJeA4s8auSnBfs8FaEC_JTkjVJ3Y91gt8f7q5onH4UDucCxDkGF1t1BYsJ_9vH--UCQY40aY0ZzArjky63o0EK4yiLExP_Mn4YFguq-hfc8Oy9pC5jbyYRtH_CM&sai=AMfl-YT2xTbcoU9cqGlO1_tCCqGdTtI5Q-6WXn74tbzL17FnBkz_yQpnfa2u7LUotDOdfUgFtsu99FhI_Hq6yQBB_xgKUBPMee3mAoQiiWKVRoHPfb_0xot3RrCBdsFM5NE&sig=Cg0ArKJSzDIlFeIGcB2SEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 04C0 169 KB
52 KB 387ms
382ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 02:10:53 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame 04C0 326 KB
111 KB 435ms
432ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: 8T8WAHNWPXR3KCDR
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48856
accept-ranges: bytes
content-length: 113597
x-amz-id-2: +hNLfa3SAo4uH/Z76jiUqIRJVPgF7Ly9KGOiMDYorApIdiT5byivdkxaJZbLSI0F1ucX11k7p7E=

GET
H/1.1 200
OK web.js Show response
ads.celtra.com/34d66269/ Frame 04C0 14 KB
5 KB 632ms
125ms Script
application/javascript 3.223.97.64

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/34d66269/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuM02xy-HwNfD-ewZdQch6kgZnr2cU2mW0Ajb8nmnBewRy69GfnP2TVKh4T_JH9WpXyEjyKAWBc4DHeie-ueSZ-VA1v-wa2dee2v-X3MbIz22UQyKeFxjqc3I2MchRd5fzdCkfLcFFb6gVhhLJVW9leV_ohe57ed3471MDsvHw4BPqwIq17bxUFkjT4dNuhKgL1J-2jxv7M3lUT9wKizTUh3AclYmSBuBuHOkyiYyziZ1oQzMVAAv_di8bSTOaPOisqNVhmQiL3HoxJNEtnhuHh37dzTNeaaLUu-s4s2Hzed110OPHTkTPEduY2J5YnaRmlkWjFNErASRFtKFckpCF-3a0%26sai%3DAMfl-YSW4_GVNiudWS5JMMdYVkjLjYOx5qWbStqiBKdZtv_ydyxImAcKIHjVuF-tnKixm_w68sBgHxnVQS0FZpo0zNpI1CMIGcZLr_wxipCThQurpGkweRjT4ew5gXRgi6o%26sig%3DCg0ArKJSzCzJTSiY302PEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138393688107&externalCreativeId=138393688107&externalPlacementId=22338692714&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6243472472&externalCampaignId=3165454000&externalAdvertiserId=5130256019&coppa=0&scriptId=celtra-script-1&clientTimestamp=1683857453.461&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=3916798774356658
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.97.64 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d61faecfb874d538d721c7da1b3150ec0aa9449f84bdb87ca73375317490e7d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: gzip
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 4777
Expires: 0

GET
H2 200 875.2c240adb-1.232.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 27ms
25ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/875.2c240adb-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: hJYscwmqXwVNvHS80_0vRqxt_Uk.MPpY
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 02:10:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y6DMYX2M755T46
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3692
x-amz-id-2: 12ESXK8BgHWgzbN3nQPaydy+L59jXSGMNsIQOuRJSUSgpXbpopBHG7CYiWTsgYBLZaJ3F98QqLg=
x-served-by: cache-fra-etou8220068-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683857453.484159,VS0,VE0
etag: "12b760183a18786621f95a5599ea91d1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 838

GET
H2 200 page_view_event-aggregate.5a238c1f-1.232.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 28ms
26ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.5a238c1f-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: m6hQu7Qmu3oSTIZPOga15if6q1_usD02
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 02:10:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y1F68V5R4G1R1S
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4123
x-amz-id-2: LE8Mmxf56EgzLRhRoenpxF0OXZIwo/pswFnDB4N8n+EeKaME6HXt1Xk7L6rvqhOxcNjSk/xOwSY=
x-served-by: cache-fra-etou8220068-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683857453.484262,VS0,VE0
etag: "397497131773c37606e11fcb4222917f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 829

GET
H2 200 page_view_timing-aggregate.ddd91465-1.232.0.min.js Show response
js-agent.newrelic.com/ 12 KB
5 KB 28ms
26ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.ddd91465-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: ZN8S09QpTi3DRaBHssxUl.rChDa0uNQQ
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 02:10:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y867HS6MYT7985
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4571
x-amz-id-2: CILtP2UgtVGD48J+UTjWq+irCqTwzRZs1VccfZLy4xzSBKIMwL+jwnc8ZZpkzmwxwhHr4pdQKRs=
x-served-by: cache-fra-etou8220068-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683857453.484255,VS0,VE0
etag: "38f4d68378bfe3989db669dc9385b7c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 859

GET
H2 200 metrics-aggregate.c2ad263a-1.232.0.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 45ms
44ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.c2ad263a-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: Kwxbmu4apiKNi1wg_2QBa578nUzXK.xS
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 02:10:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33YF3D3MNZZ7XXTH
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1663
x-amz-id-2: 0t28v8WC4ksNHlPsbHnq2BFvbag9JdhBEGj1l2cZmwZMryjnQUGTG7J4qr+P0dP0z2Q8RhqNGa0=
x-served-by: cache-fra-etou8220068-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683857453.484703,VS0,VE0
etag: "581d99ebc34c05e0a160a0c4a848cae7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 812

GET
H2 200 jserrors-aggregate.017d6ea4-1.232.0.min.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 43ms
41ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/jserrors-aggregate.017d6ea4-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0307f3b9d8215b1581f25bdf8ba24881d8f7030f53ed17b33e3ca6a5e6c8582f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: UxM2U4jEHw4DYwuY_JCWcBxAYgS2_JE2
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 02:10:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y3P9H1YVPCYW5A
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2704
x-amz-id-2: fOJjkf623X4+LNu7HUnbPEqkESbCVUXfegtTcDGCJTSYPYnZIMHyyD/3Rdyml/9Mp1DAV3/tTMA=
x-served-by: cache-fra-etou8220068-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683857453.484691,VS0,VE0
etag: "3eccc20152284ae6154ef68728b49a85"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 565

GET
H2 200 ajax-aggregate.666f66ea-1.232.0.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 45ms
45ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/ajax-aggregate.666f66ea-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f4d7f3eafb4d9820dd9f359b637ee8df4136b8bdba6705b9dd0a15faf2bc025

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: P1.nxkPqX_AEcic3nbSwWvQGlnr.3FTJ
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 02:10:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33YAMGSAT4509J8D
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2159
x-amz-id-2: +/vlhDJIBkrB07I08TN2xKY9QCT+tReD92GfPWcSfMLZ777mczQvriIxrhC3OuLLFI+tLbuC4X0=
x-served-by: cache-fra-etou8220068-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683857453.484976,VS0,VE0
etag: "6f55903bceeb36daf6c5579103364266"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 561

GET
H2 200 session_trace-aggregate.c0ef217a-1.232.0.min.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 45ms
45ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session_trace-aggregate.c0ef217a-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

be222ebe8d76ed95e6241fd6e80b43e87cee11ee97871ba3e0e6dcf439ad66b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: g_UxNBJ25wtvYc3oM8Pj1uCRZQPEEsvZ
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 02:10:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33YBT10PFQDKE050
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3302
x-amz-id-2: F/iivEdVcfTjYq8AJFOWGRk4GEFQq3Y9nQ2WJaA8DbfFJtDlso2/z2dRKKVQr/qXereUel72lF0=
x-served-by: cache-fra-etou8220068-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683857453.485361,VS0,VE0
etag: "8658ef92a475808fc6ed23b10731217d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 565

GET
H2 200 page_action-aggregate.64dc4751-1.232.0.min.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 46ms
46ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_action-aggregate.64dc4751-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ca72e8893a0cf88efb844d01e3629ad7751979f01026f6149de72285279b7968

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: K0wCLFJIIdjTzGgJZSujBvyTIxwFP3oQ
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 02:10:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y9SYP2S871NYYN
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 985
x-amz-id-2: wXfzGJOuvfsWptsVhCX8TS9ZOOpumIcusC5MtXYWezjm85aH+z+a4UhZtORNDBtZ1lQIvruadOE=
x-served-by: cache-fra-etou8220068-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683857453.485808,VS0,VE0
etag: "19f8af5dbc48da5cec8a15e4e37572a2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 569

GET
H2 200 spa-aggregate.342172b1-1.232.0.min.js Show response
js-agent.newrelic.com/ 18 KB
7 KB 46ms
46ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/spa-aggregate.342172b1-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7674813d4294e6367c27576ac6ee63106685165081325a67fc0b3582ed53182f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: GBrIcCPmmG.WN_66aFejQ6H_fNPpwe_q
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 May 2023 02:10:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33YAJ6WYP1J8ME4A
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6574
x-amz-id-2: VgAy+MrhxuFl5jVpUDdrAu+k2F0/keKUs9t2baLmPjDCGwinsdlSaDKFL2sbJxn1je0+kg2OvCU=
x-served-by: cache-fra-etou8220068-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1683857453.486527,VS0,VE0
etag: "cd8a824b2ab07e7b696cf7565028153b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 501

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 596 KB
130 KB 23ms
22ms Script
text/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 281219652bf93fdb448ba51ac3f349bd5335c2be44898e77df5715b48bf9965c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
content-encoding: br
last-modified: Thu, 11 May 2023 15:42:37 GMT
x-amz-request-id: EQQ6V5CJZY2NP1Q0
etag: "c03b09e7c2784bc5e57b64f2d2e34b93"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 2
accept-ranges: bytes
content-length: 132943
x-amz-id-2: gMJPQVPzwe0XOk3uO60HK4lUrAG/oTme6tiuanj1MCHU4K0V9aybzG+0eIWFfLYTD9BCloUtJP4=
expires: Fri, 12 May 2023 02:40:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7C9A 0
0 61ms
61ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgsDRSfMsUHzy8o8NdW04UDMdfxL4Qha6sb98t8YhnRtEA2WaaevFUwF7I2iCF8JgvuUJXO2mpeuoVrhPJTu4bONPJf4sE3e-AZBE4ub6cEQ0rYeipgE8V1TnGvOP_ORMEcxVgtdloFZ0KNImnzLo8J_a4PoxB9-KiNo6-TtBe5Wcq-Z24EmvqblkBl_VrcWcKLbZTQYyRSBY9AArN-UgP8-eFsfz52HFrN3i_lBMSq3LuBugGuI0tGkDqaIZkY3iTmKRN8ILbY7i_aRPwJt0zqrSejb7gXZbxrF4y3e4ZN5MBGKKPtlOi6wslYBQP1aL_JWhOI5EBdobWTXgA-IthJjtsdp4cst4YhOd4&sai=AMfl-YTeoJIhB03MLXTJHM5qYXnI-lroq_aCt9sLZkdBXXbxetCeNkP9RbcmNLbX3uioGGHaOjpXjRoc4svRWlng-4HgqvmaX8AcH34_rdi1iVvS6Srl2uJF9895TxVROg&sig=Cg0ArKJSzM5gFRkuKOt0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 May 2023 02:10:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 047C 13 KB
5 KB 22ms
19ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28140
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 18:21:53 GMT
expires: Fri, 10 May 2024 18:21:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 514C 783 B
534 B 35ms
32ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5350725a360d19a3e330d51984da022d8cd7b07dd9ada9d6fbb3faf3cab9c25

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RcxRgeZtM1sPaQFduZSS3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-RcxRgeZtM1sPaQFduZSS3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 02:10:53 GMT
expires: Fri, 12 May 2023 02:10:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 7C9A 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ab442ab6823f465e57fd5cd0aa9752d565e7b6c5aec2928b06f552487b6ce0d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4D3C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88c9ec2c73ac561ad7aa685032b4dd6df19e11272bb610b5834cb1950607b268

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK NRBR-2d7d9fb560885c3bf1c Show response
bam.eu01.nr-data.net/1/ 49 B
452 B 181ms
37ms Script
text/javascript 185.221.87.23

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRBR-2d7d9fb560885c3bf1c?a=256687733&v=1.232.0&to=MhBSZQoZXkEAUkFdDgtafl4KFVFeCEtQUDQXHB8b&rst=6664&ck=0&s=6a47167343299a1b&ref=https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&ap=361.047593&be=853&fe=5063&dc=997&tt=141e861f5187965f&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1683857447054,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:10,%22c%22:10,%22s%22:29,%22ce%22:59,%22rq%22:60,%22rp%22:853,%22rpe%22:1050,%22di%22:1509,%22ds%22:1850,%22de%22:1850,%22dc%22:5624,%22l%22:5629,%22le%22:5916%7D,%22navigation%22:%7B%7D%7D&fp=1456&fcp=2061&jsonp=NREUM.setToken
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-fra-eddf8230053-FRA

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B5D 0
0 54ms
54ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUcU-LC1dxvh5e6DWRpkkUgCbI7h5Iren6AvGu62x_NerVdSASmeb0FlClMQZPWbShQe_VlFrFIFQhRnOMXZk5ahbRQnB6ozVAQOZgs9L94hhBugwB9rWciMVXUuFvlhssJruIIF8eOLMJYG6Y_FTsu4G1oniCDXnB6SXWMVLp7WZnYXTlHhoQ6un90OiYwUufdtEi8u5rWXN1Q367IHGwDnPjoodSoIjeZWht07vjsPPzWhXsZP9HznWKvGL4kVV6vO2asfdIums4joWnfzNBCLObbjzkDlktI0Rk1KU_ETvRIJ6ht2mH_AwYX4UMQWvZwPb2zfd89rskeM0NSTINPuv9tvFxaA&sai=AMfl-YQwptih-yYmfrznMgGPQtS15LnVbauXPe7aj3s5U-SqCPKwRcZE4ZTwZZxcCtMpcC3wEQGWCZgfGudjNlz6HpjLIF1eYOVzxcjOUKQAG2uf-zDDMgZky9mM5lPwMQ&sig=Cg0ArKJSzBfLZWPbLe86EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 May 2023 02:10:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A7F2 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcAS7_LslSQgPVmpZcyX58PUrI6h_D1eFSBgjuNcbxg0ZO7R2bPJtk2jMvl6nH90JrMS-Pb09QvF3ogtxiNwb8Clso7v9G-YMBhK4DXxNOgUTQ29w8XonX2wwo-bR6uWGeSBRTgo_WLUQhJq7W51AwZ03GUmAMIeebHp-2Jlp679sXsDQoJ4K1iJphhidx2qo413knLx6VKqOrghkQ7WoSsm8OK1xd6czFcdTyJ71RWkUIBkZvxRllJu7LN6WDD13-hXRgC1jRQEIR6s4ZmhGlH6xKvOrCTZzA-xhZxJKBUA0ExH4TO3rxLqrU6VVsWciOdvZ3wvv9YM8sS7EMpYD-XhIv1VdXgw&sai=AMfl-YSiDtLe3AKpfC5o9UC0oigEclJhgfr928IyneW_pJd2F604ksr68J5LHxM7Ay-2DdbICPM8uZ3Yzl_e6l-GmMMSq_JKCorXFRF_Wo4yBNozfGOokfw9T2_4qEJBd9s&sig=Cg0ArKJSzA_8yV0hv6bnEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 May 2023 02:10:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2A9A 0
0 62ms
60ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstf-3TFeHvgM0FeOYxc0bZ5VCUYoYL_GVtkkQ-wA8YT3cULdm8Cx37ql6g4iQMDlw2D1G7QQXmV1KsfeRjanUorbIlT9gTdtrCI34iumhrLE0YS1CFVLyETSNbKhjXir6h7tCQBsJpB0DEpUVQY5s3u8zoheq78y-vS5PfTVBNsEwVjCijCXHOzXfwODYBdYq4cPZK72eRaNKrW7tcflW9M2KUaZHDM85PF8upJ4ylEWHqeyIn6nej6Tygwz7BNM4Y2D1DBwLDFk5NbilCM8EfGzzqTerVBOgLn2B1xtoWoEsM2tnqcTTExBsMUULzUeHHMSVIJLAxyDLvnbLoUxBHSI_vd&sai=AMfl-YTttMvm5w4YqQN9FqJCNkjwlHNiTQnqzo1CCD5h8upgsBtwXOn9JS-Om5ymRAKu3Jg-gD6YbQ7-IQYCxbvhCOqb7WChBYMj1sFokK6ImOT1vU7Ooky_Ojz0TLquOg&sig=Cg0ArKJSzA6xbUP65AQmEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 May 2023 02:10:53 GMT

GET
DATA 200
OK truncated
/ Frame 04C0 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c09508bbc476361a88ba4b4597fcbc2abd76c4a4cf9055fd2fe49df704db28d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tag.aspx Show response
ml314.com/ Frame A7F2 31 KB
11 KB 83ms
20ms Script
application/javascript 34.111.234.236

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1242023
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:09:05 GMT
content-encoding: br
age: 109
x-guploader-uploadid: ADPycdth9qppqyB-5_28Kbpky4416oVBw_8DqRXUMEscGK62qY12zQRiiJ-pFgVfcMIf08ZOqGDEfJZ9HxLyQRS2lqaleOTj9h92
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10518
last-modified: Mon, 10 Apr 2023 17:13:24 GMT
server: UploadServer
etag: W/"b0965f051977c0dd95ffe2c736cac352"
vary: Accept-Encoding
x-goog-generation: 1681146804366265
x-goog-hash: crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type: application/javascript
cache-id: FRA-1209ea83
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: none

GET
H2 200 n.js Show response
geo.moatads.com/ 100 B
274 B 180ms
38ms Script
text/html 18.130.52.110

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-t501M1%2F1Kw7M0g%3D%3D&sc=1&os=1-Qw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1683857453904&de=813151489109&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=2&cb=0&ym=0&cu=1683857453904&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5130256019%3A3165454000%3A6243472472%3A138394157647&zMoatPS=300_2v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&id=1&ii=4&bo=22316126855&bp=22338692714&bd=300_2v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22338692714&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22338692714&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1456%3A2062%3A5916%3A1509&iq=na&tt=na&fs=203238&na=1288383466&cs=0&callback=MoatDataJsonpRequest_78144849
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.52.110 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/6.0 /
Resource Hash: d44efc199aeb61585552966cd0c0d26fe9f445ab360b9a03ee3d5311ef2f22c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:54 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "cfccd973aefc66b3bd7228584b3a69ee9e334bf1"
content-length: 100
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 57ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1683857453904&de=813151489109&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=3&cb=0&ym=0&cu=1683857453904&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5130256019%3A3165454000%3A6243472472%3A138394157647&zMoatPS=300_2v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&id=1&ii=4&bo=22316126855&bp=22338692714&bd=300_2v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22338692714&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22338692714&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1456%3A2062%3A5916%3A1509&iq=na&tt=na&fs=203238&na=681795719&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 12 May 2023 02:10:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 12 May 2023 02:10:54 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4D3C 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMF7X7zW-ezsPa3maI8kT1vdzzoXmT4r2Gr98ZMPp1_3bu-znyHV9EU7eVDUtf0i3JXgkklw6Bre7UmcMbLu6S6sD8JCfTl2Wsvw9y452du4ahaPdPDfe-kGzggu-m-zfNo36aZdnW109i6pfhJCtHbd81F0lCpZRam_7HjrJuVPBjRyKGslNL_JTHkjC-jaAt8-OY-VlFytd6tRzhQY7rqxErKtb_ZfAlsIaThaM4y0f20OLqJ3APiveevijaX0fR16pIJqQRQ4UpbhBLH3VOsiHykF1rZCez-kACrvT76Wxk3KdFX1wVHtm9WpPfd46oNCqyK2OIdFn6aJGEXcN4vJo6&sai=AMfl-YQV7jIP9VTVz9i8xTCfPuwQeTrfBcGqGMFa-31a9VujIPYlZewVYKn7faB5QSkeBPimqWEEqhQNr6fqio0DA7u0WsO-9kDWwkkVg0Qu2FiBIxZv1Ahv27VHieG_tNc&sig=Cg0ArKJSzFrrR1pSHxpHEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 May 2023 02:10:54 GMT

GET
H2

404

404
www.darkreading.com/ Frame 7C9A
Redirect Chain

https://www.darkreading.com/sites/all/themes/penton_core_theme/images/ContentPillar_Welcome_1200.png
https://www.darkreading.com/404

95 KB
95 KB

140ms
140ms

Image
text/html

2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.darkreading.com/404
Protocol: H2
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 781a1d8d0da756f9f63e4c322bf0fed977a1aba7a93b4023dbe0fe42f1f8b479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:54 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-ray: 7c5f20c3bfe2901c-FRA

Redirect headers

date: Fri, 12 May 2023 02:10:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html
location: /404
cache-control: public, max-age=7200
cf-ray: 7c5f20c0ae5c901c-FRA
expires: Fri, 12 May 2023 04:10:54 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 22ms
22ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F11423251859648318049&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-t501M1%2F1Kw7M0g%3D%3D&sc=1&os=1-Qw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&id=1&ii=4&f=0&j=&t=1683857453904&de=813151489109&cu=1683857453904&m=120&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4402&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1456%3A2062%3A5916%3A1509&as=0&ag=41&an=0&gf=41&gg=0&ix=41&ic=41&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=41&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=82&cd=0&ah=82&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5130256019%3A3165454000%3A6243472472%3A138394157647&bo=22316126855&bp=22338692714&bd=300_2v&zMoatPS=300_2v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22338692714&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22338692714&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&zMoatDev=Desktop&zMoatDfpSlotId=14_dr0ullmaih800000dr0ullmaih800000dr0&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=14_dr0ullmaih800000dr0ullmaih800000dr0&iq=na&tt=na&tc=0&fs=203238&na=589347253&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 12 May 2023 02:10:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 12 May 2023 02:10:54 GMT

GET
H2 200 utsync.ashx Show response
ml314.com/ Frame A7F2 62 B
309 B 116ms
115ms Script
application/javascript 34.111.234.236

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=62439&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&pv=1683857454284_vqzdwoyi2&bl=en-us&cb=6468231&return=&ht=&d=&dc=&si=1683857454284_vqzdwoyi2&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&v=2.5.3.49
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1242023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 02:10:53 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ Frame A7F2 20 B
482 B 626ms
193ms Script
application/javascript 34.198.52.55

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=1242023&v=2.5.3.49
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1242023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.52.55 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 02:10:54 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Sat, 13 May 2023 02:10:54 GMT

GET
H2 200 web.js Show response
cache-ssl.celtra.com/api/creatives/fb530c3f/compiled/ Frame 04C0 556 KB
558 KB 122ms
24ms Script
application/javascript 18.66.112.52

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/creatives/fb530c3f/compiled/web.js?v=34-6b2c8e684e&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0
Requested by: Host: ads.celtra.com
URL: https://ads.celtra.com/34d66269/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuM02xy-HwNfD-ewZdQch6kgZnr2cU2mW0Ajb8nmnBewRy69GfnP2TVKh4T_JH9WpXyEjyKAWBc4DHeie-ueSZ-VA1v-wa2dee2v-X3MbIz22UQyKeFxjqc3I2MchRd5fzdCkfLcFFb6gVhhLJVW9leV_ohe57ed3471MDsvHw4BPqwIq17bxUFkjT4dNuhKgL1J-2jxv7M3lUT9wKizTUh3AclYmSBuBuHOkyiYyziZ1oQzMVAAv_di8bSTOaPOisqNVhmQiL3HoxJNEtnhuHh37dzTNeaaLUu-s4s2Hzed110OPHTkTPEduY2J5YnaRmlkWjFNErASRFtKFckpCF-3a0%26sai%3DAMfl-YSW4_GVNiudWS5JMMdYVkjLjYOx5qWbStqiBKdZtv_ydyxImAcKIHjVuF-tnKixm_w68sBgHxnVQS0FZpo0zNpI1CMIGcZLr_wxipCThQurpGkweRjT4ew5gXRgi6o%26sig%3DCg0ArKJSzCzJTSiY302PEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138393688107&externalCreativeId=138393688107&externalPlacementId=22338692714&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6243472472&externalCampaignId=3165454000&externalAdvertiserId=5130256019&coppa=0&scriptId=celtra-script-1&clientTimestamp=1683857453.461&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=3916798774356658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 11b31650308c8e3a3c58d574aebc1dcf8505568751de9a369d179708cecec21b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 07:46:41 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 66252
x-cache: Hit from cloudfront
content-length: 569824
server: Apache
etag: W/"d3611f071d99425d2893610ec2005fcdeabef15997374330d24126f9b3f232fb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 658961 3015260
accept-ranges: bytes
x-amz-cf-id: D_3PAqaYlB6oFfxOFk4K67g5EIVNGuFN9SD4bLBmO53HWDtMC27yXQ==

GET
DATA 200
OK truncated
/ Frame 04C0 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 6c14f15e-e22e-458e-bddb-c5412d0916f5
https://www.darkreading.com/ Frame 04C0 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.darkreading.com/6c14f15e-e22e-458e-bddb-c5412d0916f5
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 167
Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 514C 0
0 102ms
56ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305090101&jk=2491793789674920&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 track
t.teads.tv/ 23 B
113 B 285ms
49ms Image
image/gif 23.35.229.56

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=09137311-f90f-4c82-a00c-bdce2db02ff3&pageId=130102&pid=142873&debug_metadata=b5ySoBSoOp&fv=1185&ts=1683857454358&f=1&referer=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:54 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 292ms
57ms Image
image/gif 23.35.229.56

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=09137311-f90f-4c82-a00c-bdce2db02ff3&pageId=130102&pid=142873&slot=polymorph&fv=1185&ts=1683857454367&f=1&referer=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 12 May 2023 02:10:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

POST
H/1.1 200
OK NRBR-2d7d9fb560885c3bf1c Show response
bam.eu01.nr-data.net/resources/1/ 36 B
416 B 36ms
36ms XHR
text/plain 185.221.87.23

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/resources/1/NRBR-2d7d9fb560885c3bf1c?a=256687733&v=1.232.0&to=MhBSZQoZXkEAUkFdDgtafl4KFVFeCEtQUDQXHB8b&rst=7326&ck=0&s=6a47167343299a1b&ref=https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&st=1683857447054
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: 60a2b7a812a33623129b2e6b14305e1372eb302a28b39aeb75c9fb3f6ce87322

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 12 May 2023 02:10:54 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 36
x-served-by: cache-fra-eddf8230053-FRA

POST
H2 200 ad Show response
a.teads.tv/page/130102/ 541 B
716 B 53ms
52ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/130102/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&auctid=09137311-f90f-4c82-a00c-bdce2db02ff3&formatVersion=1185&env=js-web&netBw=10&ttfb=793
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cloud/multiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1cf917af656923a3c1e0ac90bd5f18a7b33856a5d9fbdbd8489e179db618e987

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 12 May 2023 02:10:54 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.darkreading.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 364
expires: Fri, 12 May 2023 02:10:54 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1683857454042&de=118702302753&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=7&cb=0&ym=0&cu=1683857454042&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5004235589%3A3104974989%3A6160013257%3A138430985859&zMoatPS=welcome_v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&id=1&ii=4&bo=22316126855&bp=22338692714&bd=welcome_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22338692714&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22338692714&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1456%3A2062%3A5916%3A1509&iq=na&tt=na&fs=203238&na=724029612&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 12 May 2023 02:10:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 12 May 2023 02:10:54 GMT

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 047C 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 18:21:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 18:21:54 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1683857454059&de=742504603078&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=11&cb=0&ym=0&cu=1683857454059&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4448790601%3A2827245798%3A5674929725%3A138347225724&zMoatPS=video_v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&id=1&ii=4&bo=22316126855&bp=22338692714&bd=video_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22338692714&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22338692714&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1456%3A2062%3A5916%3A1509&iq=na&tt=na&fs=203238&na=701415832&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 12 May 2023 02:10:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 12 May 2023 02:10:54 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 04C0 0
0 56ms
56ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTWamJsw0KnPrGe-jKJzfL2Zqqcq8ldtTffK-1kCNvT5IVs3YXvJPgHTqa_cFi18DcWYBPMoGtjNDV4pLAr3Ts_ycCoyCYuRHsTYzYqq6PelbQcJcpsZ7OiVPrzTewPZ3C-IOrg_yU0r_8sUHlpmFzqEEP5lKOjk49xBC7KZxafCkU5Ejrz1ylm7FWCGUqIVtUaKiO6RciSCGHDIcs7CNxhEtTU7OuzWl3hffy8oUbqSh4nHimQO0RJ0pSG_9rYDSpxrVrn_GABgxEiWWoACspdNCvra5tcYt-hssTAW3cIVB1obJ1pLav54O0eBMXJqHQfX6Ms75Cf92fp8Va2cxJyckulIlQbw&sai=AMfl-YRlxRRylHCY_eBrcnM5iCXiiPUiapzgpDPMWRpS9GklnY43o0W-K0MmZh_1z_YXo2xcnllS4PqNMf9f8bBuFMQ4y9ZHPVuw-keVD9Mc-zEc1IpwcyqTi2uZjBMOVgU&sig=Cg0ArKJSzGc1Vg_3EK3BEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 May 2023 02:10:54 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjgzODU3NDU0eDcyYzNjMDdhNTI5MzA0eDI4MjY1NTkxIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxNTkzNTgxNzA0NDA5OTkyIiwiaW5kZXgiO...
track.celtra.com/json/ 35 B
242 B 462ms
112ms Image
image/gif 3.223.221.82

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjgzODU3NDU0eDcyYzNjMDdhNTI5MzA0eDI4MjY1NTkxIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxNTkzNTgxNzA0NDA5OTkyIiwiaW5kZXgiOjAsImNsaWVudFRpbWVzdGFtcCI6MTY4Mzg1NzQ1NC41ODcsIm5hbWUiOiJjb250YWluZXJCZWNhbWVWaWV3YWJsZSJ9XX0=?crc32c=4105371352
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.221.82 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Fri, 12 May 2023 02:10:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1683857454075&de=644698416065&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=15&cb=0&ym=0&cu=1683857454075&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5226629485%3A3174470628%3A6254775512%3A138427198710&zMoatPS=300_1v_article&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&id=1&ii=4&bo=22316126855&bp=22338692714&bd=300_1v_article&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22338692714&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22338692714&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1456%3A2062%3A5916%3A1509&iq=na&tt=na&fs=203238&na=705800612&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 12 May 2023 02:10:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 12 May 2023 02:10:54 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7C9A 42 B
174 B 54ms
53ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDAiUt1um5wPiO4jlpIa0fnYqmMpg4UJkDEMU0DObu1HjvZu4MTnPziyW1xhXKyGol6fjc8tOh-D88AQiGXnSEWTysBPguywdeTgQh3BQ7JtDNB5bP&sig=Cg0ArKJSzEReHWFC8Ri7EAE&id=lidar2&mcvt=1032&p=0,0,1200,1600&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2211534987&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683857453134&rpt=495&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 02:10:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F16204869891264180262&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-t501M1%2F1Kw7M0g%3D%3D&sc=1&os=1-Qw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&id=1&ii=4&f=0&j=&t=1683857454075&de=644698416065&cu=1683857454075&m=16&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4402&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1456%3A2062%3A5916%3A1509&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4&cd=0&ah=4&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5226629485%3A3174470628%3A6254775512%3A138427198710&bo=22316126855&bp=22338692714&bd=300_1v_article&zMoatPS=300_1v_article&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22338692714&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22338692714&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&zMoatDev=Desktop&zMoatDfpSlotId=9_sua2gpas7c000000sua2gpas7c000000sua&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=9_sua2gpas7c000000sua2gpas7c000000sua&iq=na&tt=na&tc=0&fs=203238&na=1545038776&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 12 May 2023 02:10:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 12 May 2023 02:10:54 GMT

GET
H2 200 3_webfont.woff2
cache-ssl.celtra.com/api/fonts/google/Lato:400/ Frame F837 4 KB
4 KB 65ms
21ms Font
application/font-woff2 18.66.112.52

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/google/Lato:400/3_webfont.woff2?subset=BCDEGILORSTUVW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 4e3544834b91e44441b532b1543211033bbf7dfdb06b1c540c6539ce2f04c806

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 07:46:00 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3695094
x-cache: Hit from cloudfront
content-length: 4052
server: Apache
etag: "4e3544834b91e44441b532b1543211033bbf7dfdb06b1c540c6539ce2f04c806"
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1415853
accept-ranges: bytes
x-amz-cf-id: Zc3NlHO9SonezKFrcKMOexC8B9xkzgeAXBreZWVKsTd6-9UIAoYHsA==

GET
H2 200 1454a71d-cdbb-429c-8092-122f4493e0c7.woff
cache-ssl.celtra.com/api/fonts/monotype_tradegothic800n/3_a21706b45861b8577718feb7af969a082ae4576a33ea62b203d77b518b45935a/ Frame F837 12 KB
12 KB 60ms
25ms Font
application/font-woff 18.66.112.52

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/monotype_tradegothic800n/3_a21706b45861b8577718feb7af969a082ae4576a33ea62b203d77b518b45935a/1454a71d-cdbb-429c-8092-122f4493e0c7.woff?subset=%20-012ABCDFMNORSTVWabcdefghiklmnoprstuvy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 726f277cb3e1a35363f31b911cdc52f7bde3eb2f5da95fd9ff851cd468ba06aa

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:04:26 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10469188
x-cache: Hit from cloudfront
content-length: 12248
server: Apache
etag: "726f277cb3e1a35363f31b911cdc52f7bde3eb2f5da95fd9ff851cd468ba06aa"
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 297404 1487163
accept-ranges: bytes
x-amz-cf-id: y65xx-aPJdRM_5tb3tWZ2gB5uLO8XyT3VRFbaqZ7KtB6magaWHck8g==

GET
H2 200 3_webfont.woff2
cache-ssl.celtra.com/api/fonts/google/Roboto:400/ Frame F837 8 KB
9 KB 57ms
23ms Font
application/font-woff2 18.66.112.52

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/google/Roboto:400/3_webfont.woff2?subset=%20%2C.012ACDENOSTVabcdefghiklmnoprstuvwxyz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: d5443a1f5c43de170ddc2fcca6f6a858ea61d2f42a8d58cca2e7bb11d8e81c11

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:25:02 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10467952
x-cache: Hit from cloudfront
content-length: 8556
server: Apache
etag: "d5443a1f5c43de170ddc2fcca6f6a858ea61d2f42a8d58cca2e7bb11d8e81c11"
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 167120 3116450
accept-ranges: bytes
x-amz-cf-id: yyxfFR2yq_pmHoau1oLBVuK58X6Woeu9HhW3xrCmUMhI1N7rsUM9fQ==

GET
H2 200 Developer-Focused-Security-from-Code-to-Cloud.jpg
cache-ssl.celtra.com/api/blobs/f9acc6207ab5baa8ee2e9deaf1102a773db8b5fc4fb1a17adb9fd6071056c7bd/ Frame F837 2 KB
2 KB 21ms
21ms Image
image/jpeg 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/f9acc6207ab5baa8ee2e9deaf1102a773db8b5fc4fb1a17adb9fd6071056c7bd/Developer-Focused-Security-from-Code-to-Cloud.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 2699500959a885497228b6d8026a9f2aff0068d5c5112f04a2a91af3ee48bd5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 03:09:59 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10623655
x-cache: Hit from cloudfront
content-length: 1944
server: Apache
etag: "2699500959a885497228b6d8026a9f2aff0068d5c5112f04a2a91af3ee48bd5a"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1686023
accept-ranges: bytes
x-amz-cf-id: lBW0z7ff-eqofvP8JsPM1Z1IeZpIBzFI3k2TXseS12EzsKJwtq_DJw==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1683857454101&de=108005874055&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=19&cb=0&ym=0&cu=1683857454101&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5006753165%3A2994564374%3A6140096305%3A138409377623&zMoatPS=728_1v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&id=1&ii=4&bo=22316126855&bp=22338692714&bd=728_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22338692714&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22338692714&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1456%3A2062%3A5916%3A1509&iq=na&tt=na&fs=203238&na=656948640&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 12 May 2023 02:10:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 12 May 2023 02:10:54 GMT

GET
H2 200 Top%2010%20image.png
cache-ssl.celtra.com/api/blobs/1dd057e770c0c351d0eec35c10d82c9f1541f52ecd31ff0ad317271a0c13f854/ Frame F837 51 KB
51 KB 21ms
21ms Image
image/png 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1dd057e770c0c351d0eec35c10d82c9f1541f52ecd31ff0ad317271a0c13f854/Top%2010%20image.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 0006b06eff195cbb62d8763db16b73428d32764de35c7c2e8e6177ad408e8b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:25:01 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10467952
x-cache: Hit from cloudfront
content-length: 51962
server: Apache
etag: "0006b06eff195cbb62d8763db16b73428d32764de35c7c2e8e6177ad408e8b28"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 959124 299760
accept-ranges: bytes
x-amz-cf-id: xR9wiIjatzR1bgEAhXV2_B2eJTFS5atEoFjd7f_pfe6Vm8FCRyiKjQ==

GET
H2 200 DR_Snyk_The-Five-Fundamentals.jpg
cache-ssl.celtra.com/api/blobs/f468aad1e11096a7c00fb7cd7826bd0595fe993562b9324fd5a2b3106e6e81e3/ Frame F837 23 KB
23 KB 21ms
20ms Image
image/jpeg 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/f468aad1e11096a7c00fb7cd7826bd0595fe993562b9324fd5a2b3106e6e81e3/DR_Snyk_The-Five-Fundamentals.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 79dd4d9c6d5e855b62d6734ddf29050e110d366fab94fb765cba9deb8d5b8070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 15:05:54 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16887900
x-cache: Hit from cloudfront
content-length: 23232
server: Apache
etag: "79dd4d9c6d5e855b62d6734ddf29050e110d366fab94fb765cba9deb8d5b8070"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 122588175
accept-ranges: bytes
x-amz-cf-id: DKBPUJR4Pr7uKzN17--0ga2x7rgmOryySrznD0fxSEdyUg_SD9s7rA==

GET
H2 200 DR_Snyk_7-Ways-to-Avoid-the-Nightmare-of-a-Miconfiguration.jpg
cache-ssl.celtra.com/api/blobs/984c41a5dbb0ac95dfdd5657807605b604c77008247a42a976aa71f18e585839/ Frame F837 21 KB
22 KB 20ms
20ms Image
image/jpeg 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/984c41a5dbb0ac95dfdd5657807605b604c77008247a42a976aa71f18e585839/DR_Snyk_7-Ways-to-Avoid-the-Nightmare-of-a-Miconfiguration.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: c2e21f2b653dc835b57db9fa991ff39c6ece75f9b71b4b29c28d12aabb836705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 15:05:54 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16887900
x-cache: Hit from cloudfront
content-length: 21649
server: Apache
etag: "c2e21f2b653dc835b57db9fa991ff39c6ece75f9b71b4b29c28d12aabb836705"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 142543622
accept-ranges: bytes
x-amz-cf-id: b2dVfHAHpQNf4XpoGwF4eimMpGIXY_PTBReH_k7G0KNeQ_fmL-Cx9w==

GET
H2 200 DR_Snyk_The-Cloud-Security-Report-2022.jpg
cache-ssl.celtra.com/api/blobs/5fa4d5973b5a88cd2153836bdc67205c487fb8218b926e5c28d76e2d4fd3f5a5/ Frame F837 22 KB
22 KB 21ms
20ms Image
image/jpeg 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/5fa4d5973b5a88cd2153836bdc67205c487fb8218b926e5c28d76e2d4fd3f5a5/DR_Snyk_The-Cloud-Security-Report-2022.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 730367f6f5dd34acf66733baa2a367269d27eab99d68b46d78f199d20376ce79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:30:55 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16889999
x-cache: Hit from cloudfront
content-length: 22497
server: Apache
etag: "730367f6f5dd34acf66733baa2a367269d27eab99d68b46d78f199d20376ce79"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 76910747 51283980
accept-ranges: bytes
x-amz-cf-id: sY10kiX7eRwNA8whWZ3Bk7RLtUrWEBALCVTU2czHU0S09ywEL9873A==

GET
H2 200 li_hover.png
cache-ssl.celtra.com/api/blobs/e3228348fc17573d7db7d135ba5cf60985157f70dae6643939d3a6686b2aa699/ Frame F837 591 B
1 KB 21ms
21ms Image
image/png 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/e3228348fc17573d7db7d135ba5cf60985157f70dae6643939d3a6686b2aa699/li_hover.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:41:22 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16892971
x-cache: Hit from cloudfront
content-length: 591
server: Apache
etag: "c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 4685902
accept-ranges: bytes
x-amz-cf-id: u24tnBNArNAC76AU5Pmh3SaRdNwAs8Vr80sDspXxitJVLz_iqCrrDA==

GET
H2 200 li.png
cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/ Frame F837 585 B
1 KB 22ms
21ms Image
image/png 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/li.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 07:46:01 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3695093
x-cache: Hit from cloudfront
content-length: 585
server: Apache
etag: "d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2695399
accept-ranges: bytes
x-amz-cf-id: tHH4l3REd-dN0Od1h7cvkUO7HrQ1Fiv0-oB-p4K2AkfnqOooI53q6Q==

GET
H2 200 fb_hover.png
cache-ssl.celtra.com/api/blobs/652ab50d0e331e4269bb4d847fcc5a5a4e3def07bb1ebca4d2d6fda889e52604/ Frame F837 348 B
866 B 21ms
20ms Image
image/png 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/652ab50d0e331e4269bb4d847fcc5a5a4e3def07bb1ebca4d2d6fda889e52604/fb_hover.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:11:04 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16891189
x-cache: Hit from cloudfront
content-length: 348
server: Apache
etag: "9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 54493221 55607330
accept-ranges: bytes
x-amz-cf-id: cpZDmW7QbJWsBFJCdHj1dIa48QIlh6vM_cofqPZ5XQoSpxT8MzwnlA==

GET
H2 200 fb.png
cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/ Frame F837 348 B
859 B 21ms
20ms Image
image/png 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/fb.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:21:07 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4571387
x-cache: Hit from cloudfront
content-length: 348
server: Apache
etag: "e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 16308006
accept-ranges: bytes
x-amz-cf-id: d90hWO4GAfvNs7UnoCdr3s40XNaCMqfjLSC_OZKRRkopGUm_87Bj5g==

GET
H2 200 tw.png
cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/ Frame F837 781 B
1 KB 22ms
21ms Image
image/png 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/tw.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:41:34 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16892960
x-cache: Hit from cloudfront
content-length: 781
server: Apache
etag: "308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 35553383
accept-ranges: bytes
x-amz-cf-id: b2bog6wEvhMDZ-7buu9VMuDnXjcsNsTV2aVMe0JBnteovYkhGaUFfw==

GET
H2 200 tw_hover.png
cache-ssl.celtra.com/api/blobs/f0cccd681d168932db801410643c93f0df03370d5c638ab3e4a16e92b80b3aa0/ Frame F837 777 B
1 KB 28ms
27ms Image
image/png 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/f0cccd681d168932db801410643c93f0df03370d5c638ab3e4a16e92b80b3aa0/tw_hover.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:13:44 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16891029
x-cache: Hit from cloudfront
content-length: 777
server: Apache
etag: "1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 101941290
accept-ranges: bytes
x-amz-cf-id: 8rSF8M0JQxHIjMT4JAKchhGDsSufHsSBB8lhW7BuAYRF_WH8LxCxGg==

GET
H2 200 yt_hover.png
cache-ssl.celtra.com/api/blobs/05c871534a66ba01deefbc75b6ed2f9281993581e903223785a6f6a7ff82bebb/ Frame F837 918 B
1 KB 29ms
28ms Image
image/png 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/05c871534a66ba01deefbc75b6ed2f9281993581e903223785a6f6a7ff82bebb/yt_hover.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 10:20:25 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4722629
x-cache: Hit from cloudfront
content-length: 918
server: Apache
etag: "6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2283211 9710251
accept-ranges: bytes
x-amz-cf-id: CfqppXXhKTUTaPIYz98POTeQXEFFBfeSRWgJYJNxqwqgYHx61pqvKA==

GET
H2 200 yt.png
cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/ Frame F837 914 B
1 KB 29ms
29ms Image
image/png 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/yt.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:13:41 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16891033
x-cache: Hit from cloudfront
content-length: 914
server: Apache
etag: "8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 90112054
accept-ranges: bytes
x-amz-cf-id: qMzHTz3wOYy8IK13M1AeHXsZJAM8CtMte4jt2JRP6Ju0v-bMB_OtKw==

GET
H2 200 logo-black.png
cache-ssl.celtra.com/api/blobs/bf75212a1716ccc1c16c0dd8f45c8be464ba236d5ab58605ad11bfc411123dcf/ Frame F837 7 KB
8 KB 28ms
27ms Image
image/png 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/bf75212a1716ccc1c16c0dd8f45c8be464ba236d5ab58605ad11bfc411123dcf/logo-black.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 5d2fcc5bb55e012bbc38a84b298a1a20eeb03785995a3ae0fee5c8446f3a4b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 15:05:55 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16887899
x-cache: Hit from cloudfront
content-length: 7401
server: Apache
etag: "5d2fcc5bb55e012bbc38a84b298a1a20eeb03785995a3ae0fee5c8446f3a4b5d"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 39715550
accept-ranges: bytes
x-amz-cf-id: gscHscuVgaW1upBZkRNbxG4KFOnRqBtHCcrm7h8NW8hQ1ztUsc7JGA==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjgzODU3NDU0eDcyYzNjMDdhNTI5MzA0eDI4MjY1NTkxIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxNTkzNTgxNzA0NDA5OTkyIiwiaW5kZXgiOjEsImNsaWVudFRpbWVzdGFtcCI6MTY4Mzg1NzQ1NC42MDIsInNjb3BlIjoiZ2xvYmFsIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMy4wLjU2NzIuOTIgU2FmYXJpLzUzNy4zNiIsIm9yaWVudGF0aW9uIjowLCJ0b3Btb3N0UmVhY2hhYmxlV2luZG93Ijp7IndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDB9LCJob3N0V2luZG93Ijp7IndpZHRoIjo1LCJoZWlnaHQiOjV9LCJuZXN0aW5nIjp7ImlmcmFtZSI6dHJ1ZSwiZnJpZW5kbHlJZnJhbWUiOnRydWUsImlhYkZyaWVuZGx5SWZyYW1lIjp0cnVlLCJob3N0aWxlSWZyYW1lIjpmYWxzZSwiaWZyYW1lRGVwdGgiOjF9LCJwYWdlVmlzaWJpbGl0eUFwaSI6dHJ1ZSwicmVxdWVzdEFuaW1hdGlvbkZyYW1lIjp0cnVlLCJ0b3BXaW5kb3dOYXRpdmVSQUZTdXBwb3J0ZWQiOmZhbHNlLCJhbGxvd05vbk5hdGl2ZVJBRkZvclZpZXdhYmxlVGltZVVzZWQiOmZhbHNlLCJjbGllbnRUaW1lWm9uZU9mZnNldEluTWludXRlcyI6MCwic3VwcG9ydHNDb250YWluZXJWaWV3YWJpbGl0eSI6dHJ1ZSwic3VwcG9ydHNDb250YWluZXJJbml0aWFsVmlld2FiaWxpdHkiOnRydWUsInRhZ1BhcmVudFdpZHRoIjowLCJ0YWdQYXJlbnRIZWlnaHQiOjAsImFtcERldGVjdGVkIjpmYWxzZSwiYW1wTmVzdGluZ0xldmVsIjoiIiwic2FmZUZyYW1lRGV0ZWN0ZWQiOmZhbHNlLCJmZXRjaFN1cHBvcnRlZCI6dHJ1ZSwiYXNhcEVuYWJsZWQiOm51bGwsIm5hdGl2ZVByb21pc2VzU3VwcG9ydGVkIjp0cnVlLCJiZWFjb25TdXBwb3J0ZWQiOnRydWUsIkludGVyc2VjdGlvbk9ic2VydmVyU3VwcG9ydGVkIjp0cnVlLCJpc011dGF0aW9uT2JzZXJ2ZXJTdXBwb3J0ZWQiOnRydWUsIndlYlZpZXciOm51bGwsImlzV2luZG93T3Blbk5hdGl2ZSI6dHJ1ZSwicHJvdG9Mb2FkaW5nIjp7ImRhdGFMb2FkU3RhdHVzIjoic3VwcG9ydGVkIiwiYmxvYkxvYWRTdGF0dXMiOiJzdXBwb3J0ZWQifSwidG9wV2luZG93TG9jYXRpb24iOiJodHRwczovL3d3dy5kYXJrcmVhZGluZy5jb20iLCJ0b3BXaW5kb3dMb2NhdGlvbkxlbmd0aCI6MjcsIm5hbWUiOiJlbnZpcm9ubWVudEluZm8ifSx7InNlc3Npb25JZCI6InMxNjgzODU3NDU0eDcyYzNjMDdhNTI5MzA0eDI4MjY1NTkxIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxNTkzNTgxNzA0NDA5OTkyIiwiaW5kZXgiOjIsImNsaWVudFRpbWVzdGFtcCI6MTY4Mzg1NzQ1NC44MzMsIm5hbWUiOiJhZ2dyZWdhdG9yIiwibWV0cmljIjoibW9ub3R5cGVVc2FnZVJlcG9ydGVkIiwidmFsdWUiOjEsImN1c3RvbURpbWVuc2lvbnMiOnsibW9ub3R5cGVQcm9qZWN0SWQiOiJjNDZlZDA5MC0zNjcxLTQxNjMtYTg1Yi1iMDZiNDAzOGFlMzgiLCJjcmVhdGl2ZUlkIjoiZmI1MzBjM2YifX1dfQ==?crc32c=2496107140
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.221.82 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Fri, 12 May 2023 02:10:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 23ms
23ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F3419088563673378312&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-t501M1%2F1Kw7M0g%3D%3D&sc=1&os=1-Qw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&id=1&ii=4&f=0&j=&t=1683857454101&de=108005874055&cu=1683857454101&m=12&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4402&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1456%3A2062%3A5916%3A1509&as=0&ag=2&an=0&gf=2&gg=0&ix=2&ic=2&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=2&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4&cd=0&ah=4&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138409377623&bo=22316126855&bp=22338692714&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22338692714&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22338692714&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&zMoatDev=Desktop&zMoatDfpSlotId=7_0tllwotr04h900000tllwotr04h900000tl&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_0tllwotr04h900000tllwotr04h900000tl&iq=na&tt=na&tc=0&fs=203238&na=717394353&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 12 May 2023 02:10:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 12 May 2023 02:10:54 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 22ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1683857454156&de=530674949786&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=23&cb=0&ym=0&cu=1683857454156&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5130256019%3A3165454000%3A6243472472%3A138393688107&zMoatPS=300_1v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&id=1&ii=4&bo=22316126855&bp=22338692714&bd=300_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22338692714&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22338692714&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1456%3A2062%3A5916%3A1509&iq=na&tt=na&fs=203238&na=997265702&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 12 May 2023 02:10:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 12 May 2023 02:10:54 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 047C 0
10 B 19ms
18ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KSy0Og
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:10:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A7F2 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlEZWY9E9S27VmQ-Zi7auuMP5wgsAaex71htvASbx9YTUeDWsezZJvynPxgIWprNt39HPnjSPuF_NC220cTcWpGYfNU6jfzvK6uInpueMX6iY8l3aW&sig=Cg0ArKJSzNaQ6Bir9TMOEAE&id=lidar2&mcvt=1012&p=337,988,587,1288&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=132156232&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683857453332&rpt=503&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 02:10:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A9A 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuk7WG-tCn7O7EzLPJy1Pzt8Sz4M0tkPmWjR3m8EPLx7Tdk4TO6GWcKIM_rbQ2ldL3dbKTxiOJrc9x-VUlXxXRMLGvwmut4o1_gRXTCefLbEWg3JREb&sig=Cg0ArKJSzKQ9KCzImwGyEAE&id=lidar2&mcvt=1015&p=126,436,216,1164&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3716935158&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683857453276&rpt=583&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 02:10:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 li.png
cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/ Frame F837 585 B
1 KB 29ms
27ms Image
image/png 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/li.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 07:46:01 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3695093
x-cache: Hit from cloudfront
content-length: 585
server: Apache
etag: "d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2695399
accept-ranges: bytes
x-amz-cf-id: qWhS9OogxOGFoscjQ9Aa7gvv96iIyaCbjZuOpXkJM8_7FGsWFSLy6A==

GET
H2 200 fb.png
cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/ Frame F837 348 B
859 B 29ms
26ms Image
image/png 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/fb.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:21:07 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4571387
x-cache: Hit from cloudfront
content-length: 348
server: Apache
etag: "e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 16308006
accept-ranges: bytes
x-amz-cf-id: r8EpAKJIinSrGyQRKsQfjOwitt2LoJDGWxV9DhBtT6L1WnasjPUIYg==

GET
H2 200 tw.png
cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/ Frame F837 781 B
1 KB 29ms
26ms Image
image/png 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/tw.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:41:34 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16892960
x-cache: Hit from cloudfront
content-length: 781
server: Apache
etag: "308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 35553383
accept-ranges: bytes
x-amz-cf-id: K8avxkT99Ugd0J3Qdk5NktJrmuadgyBzZUAnlWT7S9xv0VHfGPWpYw==

GET
H2 200 yt.png
cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/ Frame F837 914 B
1 KB 29ms
27ms Image
image/png 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/yt.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:13:41 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16891033
x-cache: Hit from cloudfront
content-length: 914
server: Apache
etag: "8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 90112054
accept-ranges: bytes
x-amz-cf-id: 8L5bV5qteaSN5UPZJDaouYJD28uVN4h0XDQ3YiS45NfVppG8x_GeGA==

GET
H2 200 logo-black.png
cache-ssl.celtra.com/api/blobs/bf75212a1716ccc1c16c0dd8f45c8be464ba236d5ab58605ad11bfc411123dcf/ Frame F837 7 KB
8 KB 30ms
28ms Image
image/png 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/bf75212a1716ccc1c16c0dd8f45c8be464ba236d5ab58605ad11bfc411123dcf/logo-black.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 5d2fcc5bb55e012bbc38a84b298a1a20eeb03785995a3ae0fee5c8446f3a4b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 15:05:55 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16887899
x-cache: Hit from cloudfront
content-length: 7401
server: Apache
etag: "5d2fcc5bb55e012bbc38a84b298a1a20eeb03785995a3ae0fee5c8446f3a4b5d"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 39715550
accept-ranges: bytes
x-amz-cf-id: s_vVs7MBS3L87bLOFETNjCaWyjSd8nwNqAkB3vXfvYlyJAXvXUj5yA==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/f9acc6207ab5baa8ee2e9deaf1102a773db8b5fc4fb1a17adb9fd6071056c7bd/Developer-Focused-Security-from-Code-to-Cloud.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 2699500959a885497228b6d8026a9f2aff0068d5c5112f04a2a91af3ee48bd5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 03:09:59 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10623655
x-cache: Hit from cloudfront
content-length: 1944
server: Apache
etag: "2699500959a885497228b6d8026a9f2aff0068d5c5112f04a2a91af3ee48bd5a"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1686023
accept-ranges: bytes
x-amz-cf-id: dCvI3wr5CFL6AkYDKY3N7eH7op7wrgAX_tjZLOTYGAcSxrAqIhwWDw==

GET
H2 200 Top%2010%20image.png
cache-ssl.celtra.com/api/blobs/1dd057e770c0c351d0eec35c10d82c9f1541f52ecd31ff0ad317271a0c13f854/ Frame F837 51 KB
51 KB 30ms
29ms Image
image/png 18.66.112.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1dd057e770c0c351d0eec35c10d82c9f1541f52ecd31ff0ad317271a0c13f854/Top%2010%20image.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 0006b06eff195cbb62d8763db16b73428d32764de35c7c2e8e6177ad408e8b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:44:37 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4515977
x-cache: Hit from cloudfront
content-length: 51962
server: Apache
etag: "0006b06eff195cbb62d8763db16b73428d32764de35c7c2e8e6177ad408e8b28"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3444799
accept-ranges: bytes
x-amz-cf-id: pLFEvIsq5OQ1FLqrrWF3rHtMAijG99i_9iZ-VgHenkn0UCaIllAvNw==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/f468aad1e11096a7c00fb7cd7826bd0595fe993562b9324fd5a2b3106e6e81e3/DR_Snyk_The-Five-Fundamentals.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 79dd4d9c6d5e855b62d6734ddf29050e110d366fab94fb765cba9deb8d5b8070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 15:05:54 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16887900
x-cache: Hit from cloudfront
content-length: 23232
server: Apache
etag: "79dd4d9c6d5e855b62d6734ddf29050e110d366fab94fb765cba9deb8d5b8070"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 122588175
accept-ranges: bytes
x-amz-cf-id: dHwJGdPLQKFkIQ4OVrwwsNKw3gN2Kw9RMM-wKm2clfAZIE3fRNfPjg==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/984c41a5dbb0ac95dfdd5657807605b604c77008247a42a976aa71f18e585839/DR_Snyk_7-Ways-to-Avoid-the-Nightmare-of-a-Miconfiguration.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: c2e21f2b653dc835b57db9fa991ff39c6ece75f9b71b4b29c28d12aabb836705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 15:05:54 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16887900
x-cache: Hit from cloudfront
content-length: 21649
server: Apache
etag: "c2e21f2b653dc835b57db9fa991ff39c6ece75f9b71b4b29c28d12aabb836705"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 142543622
accept-ranges: bytes
x-amz-cf-id: PC7_kUqfv3qZbTQLPL0oAkgPesA32q8bdpEP3OV3jxepNRTbgcaq7w==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/5fa4d5973b5a88cd2153836bdc67205c487fb8218b926e5c28d76e2d4fd3f5a5/DR_Snyk_The-Cloud-Security-Report-2022.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 730367f6f5dd34acf66733baa2a367269d27eab99d68b46d78f199d20376ce79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:30:55 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16889999
x-cache: Hit from cloudfront
content-length: 22497
server: Apache
etag: "730367f6f5dd34acf66733baa2a367269d27eab99d68b46d78f199d20376ce79"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 76910747 51283980
accept-ranges: bytes
x-amz-cf-id: tQu7D16gBW1bP2EzwrcXDm1TThJ3qNwrn9D4xLsCPShw5NfBz7OW_Q==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjgzODU3NDU0eDcyYzNjMDdhNTI5MzA0eDI4MjY1NTkxIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxNTkzNTgxNzA0NDA5OTkyIiwiaW5kZXgiOjMsImNsaWVudFRpbWVzdGFtcCI6MTY4Mzg1NzQ1NC45MjYsIm5hbWUiOiJjcmVhdGl2ZUxvYWRlZCIsInZpZXdhYmlsaXR5MDBNZWFzdXJhYmxlIjp0cnVlLCJ2aWV3YWJpbGl0eTUwMU1lYXN1cmFibGUiOnRydWUsInZpZXdhYmxlVGltZU1lYXN1cmFibGUiOmZhbHNlLCJjZG5WYXJpYW50Ijoibm9uZSJ9LHsic2Vzc2lvbklkIjoiczE2ODM4NTc0NTR4NzJjM2MwN2E1MjkzMDR4MjgyNjU1OTEiLCJhY2NvdW50SWQiOiI0NGI3NGIzNSIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjE1OTM1ODE3MDQ0MDk5OTIiLCJpbmRleCI6NCwiY2xpZW50VGltZXN0YW1wIjoxNjgzODU3NDU0Ljk0OSwibmFtZSI6InZpZXdwb3J0UGxhY2VtZW50R2VvbWV0cnkiLCJwYWdlRGltZW5zaW9ucyI6eyJoZWlnaHQiOjQ0MDIsIndpZHRoIjoxNjAwfSwidmlld3BvcnRQb3NpdGlvblJlY3QiOnsid2lkdGgiOjE2MDAsImhlaWdodCI6MTIwMCwibGVmdCI6MCwidG9wIjowfSwiZmlyc3RQbGFjZW1lbnRQb3NpdGlvblJlY3QiOnsibGVmdCI6OTg4LCJ0b3AiOjI5Niwid2lkdGgiOjMwMCwiaGVpZ2h0Ijo2NDB9fSx7InNlc3Npb25JZCI6InMxNjgzODU3NDU0eDcyYzNjMDdhNTI5MzA0eDI4MjY1NTkxIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxNTkzNTgxNzA0NDA5OTkyIiwiaW5kZXgiOjUsImNsaWVudFRpbWVzdGFtcCI6MTY4Mzg1NzQ1NC45NTEsIm5hbWUiOiJ2aWV3YWJsZTAwIiwiY3JpdGVyaW9uIjp7Im5hbWUiOiJDb3JlIiwicmF0aW8iOjAsInRpbWUiOjB9fSx7InNlc3Npb25JZCI6InMxNjgzODU3NDU0eDcyYzNjMDdhNTI5MzA0eDI4MjY1NTkxIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxNTkzNTgxNzA0NDA5OTkyIiwiaW5kZXgiOjYsImNsaWVudFRpbWVzdGFtcCI6MTY4Mzg1NzQ1NC45NjMsInVuaXROYW1lIjoiYmFubmVyIiwidW5pdFZhcmlhbnRMb2NhbElkIjpudWxsLCJzY3JlZW5Mb2NhbElkIjoxMzY4LCJzY3JlZW5UaXRsZSI6IlJlc291cmNlcyIsInNjcmVlbklzTWFzdGVyIjpmYWxzZSwib2JqZWN0TG9jYWxJZCI6bnVsbCwib2JqZWN0TmFtZSI6bnVsbCwib2JqZWN0Q2xhenoiOm51bGwsImluaXRpYXRpb25UaW1lc3RhbXAiOjE2ODM4NTc0NTQuOTYzLCJuYW1lIjoic2NyZWVuU2hvd24ifSx7InNlc3Npb25JZCI6InMxNjgzODU3NDU0eDcyYzNjMDdhNTI5MzA0eDI4MjY1NTkxIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxNTkzNTgxNzA0NDA5OTkyIiwiaW5kZXgiOjcsImNsaWVudFRpbWVzdGFtcCI6MTY4Mzg1NzQ1NC45NjQsIm5hbWUiOiJjcmVhdGl2ZVJlbmRlcmVkIn1dfQ==?crc32c=143066757
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.221.82 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Fri, 12 May 2023 02:10:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET user_timeline
cache-ssl.celtra.com/api/twitter/statuses/ Frame F837 0
0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 22ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Feu-images.contentstack.com%2Fv3%2Fassets%2Fblt66983808af36a8ef%2Fblt4ff4a7f9bc8e31f7%2F619f4fb0a0cb8076d613e3ba%2FDark_Reading_Logo.svg%3Fquality%3D80%26format%3Djpg%26width%3D222&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-t501M1%2F1Kw7M0g%3D%3D&sc=1&os=1-Qw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&id=1&ii=4&f=0&j=&t=1683857454042&de=118702302753&cu=1683857454042&m=538&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4402&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1456%3A2062%3A5916%3A1509&as=0&ag=30&an=0&gf=30&gg=0&ix=30&ic=30&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=30&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=59&cd=0&ah=59&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5004235589%3A3104974989%3A6160013257%3A138430985859&bo=22316126855&bp=22338692714&bd=welcome_v&zMoatPS=welcome_v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22338692714&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22338692714&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-welcome&iq=na&tt=na&tc=0&fs=203238&na=1920616281&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 12 May 2023 02:10:55 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 12 May 2023 02:10:55 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-t501M1%2F1Kw7M0g%3D%3D&sc=1&os=1-Qw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&id=1&ii=4&f=0&j=&t=1683857453904&de=813151489109&cu=1683857453904&m=1088&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4402&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=98&vx=98%3A98%3A-&pe=1%3A1456%3A2062%3A5916%3A1509&as=1&ag=1017&an=41&gf=889&gg=41&ix=889&ic=889&ez=1&ck=1017&kw=802&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1017&bx=41&ci=1017&jz=802&dj=1&aa=0&ad=883&cn=0&gk=755&gl=0&ik=755&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=802&cd=82&ah=802&am=82&xd=00&rf=0&re=1&ft=883&fv=0&fw=883&wb=1&cl=0&at=0&d=5130256019%3A3165454000%3A6243472472%3A138394157647&bo=22316126855&bp=22338692714&bd=300_2v&zMoatPS=300_2v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22338692714&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22338692714&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&zMoatDev=Desktop&zMoatDfpSlotId=14_dr0ullmaih800000dr0ullmaih800000dr0&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=14_dr0ullmaih800000dr0ullmaih800000dr0&iq=na&tt=na&tc=0&fs=203238&na=1982876470&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 12 May 2023 02:10:55 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 12 May 2023 02:10:55 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-t501M1%2F1Kw7M0g%3D%3D&sc=1&os=1-Qw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&id=1&ii=4&f=0&j=&t=1683857454101&de=108005874055&cu=1683857454101&m=1024&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4402&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1456%3A2062%3A5916%3A1509&as=1&ag=1017&an=2&gi=1&gf=1017&gg=2&ix=1017&ic=1017&ez=1&ck=1017&kw=817&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1017&bx=2&ci=1017&jz=817&dj=1&aa=0&ad=830&cn=0&gk=830&gl=0&ik=830&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=817&cd=4&ah=817&am=4&xd=00&rf=0&re=1&ft=830&fv=0&fw=830&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138409377623&bo=22316126855&bp=22338692714&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22338692714&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22338692714&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&zMoatDev=Desktop&zMoatDfpSlotId=7_0tllwotr04h900000tllwotr04h900000tl&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_0tllwotr04h900000tllwotr04h900000tl&iq=na&tt=na&tc=0&fs=203238&na=488539497&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 12 May 2023 02:10:55 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 12 May 2023 02:10:55 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4D3C 42 B
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssstmkEGlzUMC_TbhWrroplkGxp1tQkXZTZIPoe7RYTvGbMukz7xnD2TM33WzNiqVy1xcvK-en12LoP-fFPwCIA2iRfTm4T6rnZlj0GdGQOl_eYZ3GT&sig=Cg0ArKJSzLBLITge6lerEAE&id=lidar2&mcvt=1001&p=1137,308,1138,309&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2670265377&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683857453204&rpt=865&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 02:10:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-t501M1%2F1Kw7M0g%3D%3D&sc=1&os=1-Qw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&id=1&ii=4&f=0&j=&t=1683857454101&de=108005874055&cu=1683857454101&m=1025&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4402&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1456%3A2062%3A5916%3A1509&as=1&ag=1017&an=1017&gi=1&gf=1017&gg=1017&ix=1017&ic=1017&ez=1&ck=1017&kw=817&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1017&bx=1017&ci=1017&jz=817&dj=1&aa=0&ad=830&cn=830&gk=830&gl=830&ik=830&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=817&cd=817&ah=817&am=817&xd=00&rf=0&re=1&ft=830&fv=830&fw=830&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138409377623&bo=22316126855&bp=22338692714&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22338692714&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22338692714&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&zMoatDev=Desktop&zMoatDfpSlotId=7_0tllwotr04h900000tllwotr04h900000tl&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_0tllwotr04h900000tllwotr04h900000tl&iq=na&tt=na&tc=0&fs=203238&na=1686131762&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 12 May 2023 02:10:55 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 12 May 2023 02:10:55 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-t501M1%2F1Kw7M0g%3D%3D&sc=1&os=1-Qw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&id=1&ii=4&f=0&j=&t=1683857454101&de=108005874055&cu=1683857454101&m=1026&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4402&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1456%3A2062%3A5916%3A1509&as=1&ag=1017&an=1017&gi=1&gf=1017&gg=1017&ix=1017&ic=1017&ez=1&ck=1017&kw=817&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1017&bx=1017&ci=1017&jz=817&dj=1&aa=0&ad=830&cn=830&gk=830&gl=830&ik=830&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=817&cd=817&ah=817&am=817&xd=00&rf=0&re=1&ft=830&fv=830&fw=830&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138409377623&bo=22316126855&bp=22338692714&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22338692714&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22338692714&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&zMoatDev=Desktop&zMoatDfpSlotId=7_0tllwotr04h900000tllwotr04h900000tl&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_0tllwotr04h900000tllwotr04h900000tl&iq=na&tt=na&tc=0&fs=203238&na=1465010772&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 12 May 2023 02:10:55 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 12 May 2023 02:10:55 GMT

GET pixel.gif
px.moatads.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cache-ssl.celtra.com
URL: https://cache-ssl.celtra.com/api/twitter/statuses/user_timeline?screen_name=snyksec&jsonp=jsonp_celtra_twitter_proxy_8247

Domain: px.moatads.com
URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-NiArBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-t501M1%2F1Kw7M0g%3D%3D&sc=1&os=1-Qw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&id=1&ii=4&f=0&j=&t=1683857453904&de=813151489109&cu=1683857453904&m=1290&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4402&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=98&vx=98%3A98%3A-&pe=1%3A1456%3A2062%3A5916%3A1509&as=1&ag=1219&an=1017&gf=889&gg=889&ix=889&ic=889&ez=1&ck=1017&kw=802&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1219&bx=1017&ci=1017&jz=802&dj=1&aa=1&ad=1085&cn=883&gk=755&gl=755&ik=755&co=1085&cp=1058&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1058&cd=802&ah=1058&am=802&xd=00&rf=0&re=1&ft=1085&fv=883&fw=883&wb=1&cl=0&at=0&d=5130256019%3A3165454000%3A6243472472%3A138394157647&bo=22316126855&bp=22338692714&bd=300_2v&zMoatPS=300_2v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22338692714&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22338692714&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&zMoatDev=Desktop&zMoatDfpSlotId=14_dr0ullmaih800000dr0ullmaih800000dr0&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=14_dr0ullmaih800000dr0ullmaih800000dr0&iq=na&tt=na&tc=0&fs=203238&na=108522552&cs=0

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.darkreading.com/	1970-01-20 13:53:53	Name: _gcl_au Value: 1.1.482069123.1683857449
.darkreading.com/	1969-12-31 23:59:59	Name: __Secure-next-auth.callback-url Value: https%3A%2F%2Fwww.darkreading.com
www.darkreading.com/	1969-12-31 23:59:59	Name: __Host-next-auth.csrf-token Value: ecdad10231878b5d527fb52a0a09abfff93bc672691e3a6144dc5d24e984f60f%7Cf2c5c99046271394e13b153f95fd6f6b70fee5d723b530e766b9a0e45481694c
.darkreading.com/	1970-01-20 16:03:29	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+May+12+2023+02%3A10%3A49+GMT%2B0000+(GMT)&version=6.39.0&isIABGlobal=false&hosts=&consentId=7e8b0a9a-eff2-4314-b537-f57dd51ad56d&interactionCount=0&landingPath=https%3A%2F%2Fwww.darkreading.com%2Fcloud%2Fmultiple-ransomware-groups-adapt-babuk-code-to-target-esxi-vms&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.darkreading.com/	1970-01-20 21:20:17	Name: _ga_1X1EHQ3PFR Value: GS1.1.1683857449.1.0.1683857449.60.0.0
.darkreading.com/	1970-01-20 11:44:19	Name: _sp_ses.94c4 Value: *
.darkreading.com/	1970-01-20 21:20:17	Name: _sp_id.94c4 Value: 0bbf380e-8fc5-4908-b441-320eb2c7a0a1.1683857449.1.1683857449.1683857449.721a6b46-80d7-4e17-8c5d-24a7edfbc104
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: GqjL6p-JNQ8
.youtube.com/	1970-01-20 16:03:29	Name: VISITOR_INFO1_LIVE Value: K6EN_GTOKoM
www.darkreading.com/	1970-01-20 11:45:43	Name: _iris_cdl Value: Ki50cmFkZXB1Yi5jb20=
.darkreading.com/	1970-01-20 21:13:05	Name: _cb Value: DDXVwBhDmalC47DsV
.darkreading.com/	1970-01-20 21:13:05	Name: _chartbeat2 Value: .1683857449358.1683857449358.1.N1JUlBbbqzCMvswzPfCv7CnpXvg.1
.darkreading.com/	1970-01-20 11:44:19	Name: _cb_svref Value: null
.darkreading.com/	1970-01-20 21:20:17	Name: __td_signed Value: true
.darkreading.com/	1970-01-20 21:20:17	Name: _td Value: e43660f9-ec64-499f-b9cd-81d1b693a5c7
.darkreading.com/	1970-01-20 13:43:40	Name: _gaexp Value: GAX1.2.0yXzgh3iSjOeRpygmZwteQ.19572.1
.darkreading.com/	1970-01-20 21:20:17	Name: _ga Value: GA1.2.169336795.1683857449
.darkreading.com/	1970-01-20 11:45:43	Name: _gid Value: GA1.2.20022482.1683857449
.darkreading.com/	1970-01-20 11:44:17	Name: _gat_UA-135180592-2 Value: 1
www.darkreading.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.darkreading.com/	1969-12-31 23:59:59	Name: at_check Value: true
.in.treasuredata.com/	1970-01-20 21:20:17	Name: _td_global Value: 43346c22-6705-43d4-8bcf-c8d53c67e9c2
.adnxs.com/	1970-01-20 13:53:53	Name: uuid2 Value: 1480271768965354187
.darkreading.com/	1970-01-20 20:29:53	Name: _hjSessionUser_2610568 Value: eyJpZCI6IjZkZmFjMGNlLTQxN2ItNTA0Yy1hYmRkLTIzYTFlZGQ2NmFhZCIsImNyZWF0ZWQiOjE2ODM4NTc0NDk2MjUsImV4aXN0aW5nIjpmYWxzZX0=
.darkreading.com/	1970-01-20 11:44:19	Name: _hjFirstSeen Value: 1
.darkreading.com/	1970-01-20 11:44:17	Name: _hjIncludedInSessionSample_2610568 Value: 1
.darkreading.com/	1970-01-20 11:44:19	Name: _hjSession_2610568 Value: eyJpZCI6IjYyNDExMzVlLTU4NmYtNDllYi1hOTg3LWVjNTU1MGI2MTc4NCIsImNyZWF0ZWQiOjE2ODM4NTc0NDk2MzYsImluU2FtcGxlIjp0cnVlfQ==
.darkreading.com/	1970-01-20 11:44:19	Name: _hjAbsoluteSessionInProgress Value: 0
.darkreading.com/	1970-01-20 20:29:53	Name: sp Value: ce05c525-46d0-4728-a6d0-d133dbd757ac
.darkreading.com/	1970-01-20 21:20:17	Name: mbox Value: session#56cc2dd44c19400eb7c70bd27bcc39ad#1683859310\|PC#56cc2dd44c19400eb7c70bd27bcc39ad.37_0#1747102250
.darkreading.com/	1970-01-20 11:44:19	Name: mboxEdgeCluster Value: 37
.dpmsrv.com/	1970-01-20 21:20:17	Name: dpm_pxl Value: cd85926f27c6d6b3947021da46191d74442d37a7
.dpmsrv.com/	1970-01-20 21:20:17	Name: dpm_pxl_aid Value: 1480271768965354187
www.darkreading.com/	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.doubleclick.net/	1970-01-20 21:05:53	Name: IDE Value: AHWqTUkG91avZkGUUoBa94Q0PcnMxIcysfDHV9eIs98XOu3i_Ljel-lj9Z2qE3w4Xdo
.tradepub.com/	1969-12-31 23:59:59	Name: _t Value: pp%3A
darkreadingnewsletter.tradepub.com/	1969-12-31 23:59:59	Name: channel Value: 5
.tradepub.com/	1970-01-20 20:29:53	Name: tpid Value: 0840191751831683857450
.darkreading.com/	1970-01-20 21:15:58	Name: ELOQUA Value: GUID=07DBA415B336455FB8A8E3FEAEEF0D23
.darkreading.com/	1970-01-20 21:05:53	Name: __gads Value: ID=a090bffd1a5f8539:T=1683857452:S=ALNI_MasaLnr37vh88nkaQ5ArxN_Ekotvg
.darkreading.com/	1970-01-20 21:05:53	Name: __gpi Value: UID=00000bf99975e802:T=1683857452:RT=1683857452:S=ALNI_MaxElqCc-u297w-TA7TvyB1TvdrrA
www.darkreading.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 4.044

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/423396.gif?partner_uid=1480271768965354187 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://www.darkreading.com/404 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

48f133b2bcc3df17a4be26e3af1a4524.safeframe.googlesyndication.com
6600d6d98e534115970f9529a45f3195.js.ubembed.com
a.dpmsrv.com
a.teads.tv
ads.celtra.com
adservice.google.com
adservice.google.de
assets.ubembed.com
bam.eu01.nr-data.net
beta.darkreading.com
c.darkreading.com
cache-ssl.celtra.com
cdn.cookielaw.org
cdn.optimizely.com
cdn.treasuredata.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
content.hotjar.io
cts.tradepub.com
d29usylhdk1xyu.cloudfront.net
darkreadingnewsletter.tradepub.com
eu-images.contentstack.com
eu01.in.treasuredata.com
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
geolocation.onetrust.com
ib.adnxs.com
idsync.rlcdn.com
iirexhibitionslimite.tt.omtrdc.net
img.en25.com
img.tradepub.com
in.hotjar.com
in.ml314.com
js-agent.newrelic.com
ml314.com
pagead2.googlesyndication.com
ping.chartbeat.net
px.moatads.com
quilt-cdn.janrain.com
region1.analytics.google.com
rpxnow.com
s.dpmsrv.com
script.hotjar.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
static.chartbeat.com
static.cloudflareinsights.com
static.hotjar.com
static.iris.informa.com
stats.g.doubleclick.net
t.teads.tv
tpc.googlesyndication.com
track.celtra.com
trk.darkreading.com
www.darkreading.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
z.moatads.com
cache-ssl.celtra.com
px.moatads.com
108.138.17.78
108.138.189.100
13.32.99.122
13.32.99.47
13.32.99.66
142.0.173.15
151.101.129.131
151.101.194.137
151.101.2.137
172.217.18.2
18.130.52.110
18.66.112.52
18.66.97.53
185.221.87.23
2.18.232.7
2001:4860:4802:34::36
2001:4de0:ac18::1:a:2b
205.234.175.175
209.133.56.108
209.133.56.117
23.201.242.231
23.35.229.56
23.35.237.151
2600:9000:2057:7200:18:1fcd:351:7bc1
2606:4700:4400::ac40:9062
2606:4700::6810:3865
2606:4700::6811:190e
2606:4700::6811:7863
2606:4700::6811:7963
2606:4700::6812:acf
2606:4700::6813:bc61
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:809::2001
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:400c:c0c::9d
2a02:26f0:6c00:183::13b8
2a02:26f0:6c00::210:bb9b
3.121.161.70
3.213.246.48
3.223.221.82
3.223.97.64
34.111.234.236
34.193.26.185
34.198.52.55
35.244.174.68
37.252.172.123
46.137.128.70
52.207.193.111
52.222.236.63
52.48.197.14
52.51.99.124
0006b06eff195cbb62d8763db16b73428d32764de35c7c2e8e6177ad408e8b28
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
0307f3b9d8215b1581f25bdf8ba24881d8f7030f53ed17b33e3ca6a5e6c8582f
03535db7cb09d037684aeb1ac51fc58ebd93e46618ad1c0afe9e02bf28c88ba1
03b6f9934a86e8d5472f0b2449d99983b33aceba85871c5ac10ff79a70afab97
03e011387e705bad7bfde3f92ebea1da4f681c90f245e58a262046632e8e41a6
04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643
061873fb71d654fc87404592fbb9cd1665e8882c1ab3423f92ddc61f940be783
07846c4f3d55084d6c153def8a95340508d0f3fe4dc7aa4bc23115785e81b738
07ef42cb5aaa4c14b089b3b8dbce587474ca15b49134468ffd950e941fc272c8
09956b5525c8c48e5d261bf1fe1692d1033f270f95872afcadd8dc0127ae3a3c
0b71ad377bffe473f0aac3e5deef504488841772e961672d2525d5054a444044
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0c41233e610920569b3e7cb57bac3ba8448507513de7841b74438228224cb104
0e153b77b7b590360c91df38e894d46fd6061ce57cc0bbbc09f4c408a66bd0c7
0e198a2d521948c31a85eff04b881542d8b31d8b5824f900a950ea34bf5ef811
0ecf52614cfcf19d9e54f6315e8469693c03fc619115da7ce952bd4257b76f03
0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a
0fd712ae904514ceb199b92e23fc114b066cd9e236be77204db9be34c057a292
105b5ca3048e9fd818b36aa4ed5a2e81a69c1457665282cdd08f2a340e695585
11b31650308c8e3a3c58d574aebc1dcf8505568751de9a369d179708cecec21b
120be5c1f0c3158ea3f36d14321d28e8bad8f3c6fcf6eadd240020c1836eff98
127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
14a5b6530555940baf945ebc0f34b667f941a2d63c77867d43ce0e3ba89d87aa
14f5566d4c764cd781dad9a4f1a9530797597bac11661a2b8def07c4e59f1985
1848ed0b2a54ed644ee182f2e2c012164080f1be7c475041f8d0a2ebe456c89f
1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7
1935ab4dfe917e40077db3ba71377a7c8b122e1b889e5e7dfcdb6f7b750c6a28
1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e
1cf917af656923a3c1e0ac90bd5f18a7b33856a5d9fbdbd8489e179db618e987
1ea3da39a9cfce54326861aeff7eea991eccc483672eb3d7a62a8a5a66398e9e
1f32e6d4857ac60e42c6a96a0cd8e6bd2a304ed0a6f75effb90e0940445b59d9
21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30
262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2699500959a885497228b6d8026a9f2aff0068d5c5112f04a2a91af3ee48bd5a
281219652bf93fdb448ba51ac3f349bd5335c2be44898e77df5715b48bf9965c
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
29d84546c28d77a8118a502e3d41187c999f12e8dc91f00fc9e75ac587759608
2adfabdca47e7ea3ca23597e24f6415dea9842d97159920b12d55796273b50f0
2ccdcf417b59e3764ebe8bfc030a14d7ddad38532c9ac1b7abbd91ae2e256c57
2f8650c7f614694fbf353e3690b981a651ce8aa79ee32c82f21ef303eeeb5421
2f9e4b998c3839e7e544b929557a4408b28d94975d484ef79763e50ccc2647b6
2fc9226c1dac21a7182d442ae225403735a06132fa0d3339f9b691161f226870
308872c64cc2515e73c670c24a922a92a970a2e2745975d2c8b4184e7967346d
308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ed0830855b7d51d21bd0b606a1715a2c6dc3b4dcaaefdd89b6bf23b6cf380a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332be8338c36d31c73519e17af7df81c34188319ba032325031df6ad299fac1e
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
351c41a53ff9f13bb10fc75f3e9f83da234830d1d972c2a81e842fa9cd7feb80
35396bc1fe0457ca063caaf18161f4d252b66dda7bdf4dc83bd7291c5a763b5a
36069dae705692548e4a2c2d3c504cea29cf7756771c054130f14e48f3492b58
3ceec9fdca81a892eca1f959d595bec3a8f27d3e1801f07ca3c719be18bc73ab
3d4afff7ae9777bd3878847e90b2a3183b7afdf66fdd431236557f7b72cd3832
3d847022b4855577f07071ade28e6ffba86c014283f02fbba7d326690b157ee9
429f7e0fe891676debcf572bce666bf67cabfd82e6774895d4800283a05df589
42a69348bb53b155c5d4fa084e826b2ca4f80cdcd131455fe33c8ab8b1f32ddc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
473185122f12e52c03a22285955612eebe2539353552a1d18f286e89a93d33a2
4ab442ab6823f465e57fd5cd0aa9752d565e7b6c5aec2928b06f552487b6ce0d
4c662be26daa544e07f7170870e306427b9fcf0d9f30e6f602c7fb67005bfda3
4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075
4e3544834b91e44441b532b1543211033bbf7dfdb06b1c540c6539ce2f04c806
4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435
514df5e4bca398eb8a8f4e5c28f55a7ce34f2da983d888a2e58d5773c2f176af
52876283c4bcf1441a70905558f19f857eb63b5824d1e9b2961262162edcd49b
54afb0272d83fb2f4eb89126cefaf1316861dfa5a4c4e2488ae2d0668ea9f31d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
584e18559bbb004441536d357452aa863692edb0be74bb1ebc53cfad23b2ef44
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5b114941f6e11f7c3d042d0cd27f71a559db569530ee54795eef6c2739a677c4
5c4137a61fcb9d785b3f65c3ed16a1e76868ab552655d045d21558d734aa0127
5d2fcc5bb55e012bbc38a84b298a1a20eeb03785995a3ae0fee5c8446f3a4b5d
5d4ae1d37e4ea4fe6ae4cd165e092d4918505d40f5420402f485db1c16a3b511
5ec40761dd2383a7ab7f951a8f7335ad017c183267b7e6d1a048e0030322df5d
5f4d7f3eafb4d9820dd9f359b637ee8df4136b8bdba6705b9dd0a15faf2bc025
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
60a2b7a812a33623129b2e6b14305e1372eb302a28b39aeb75c9fb3f6ce87322
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
690e6a965ec546b3abe722a9a12b1b6d1228a6d7837619b7748e9fa702bd6a27
6ac768d479fd8627d59a5298f7175cf51f4ace4eea8feda66a04b1e32244d6ed
6c513586a4cc1a4f0cd7e2c92bdbd8b1e70dda2e57737f115bb4539ae45b1510
6e00d3935f6a747eedf83365b8b957f71ec570e9ac018426c07f59e7e1a32126
6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677
6f2731b7ddbfae256839a740f6dda68ec6e67a4cf1e62a8ed4ffce75a589d16d
6f49c3f5d519246a03855a692b881698b66d41cd0fc40aac62c3e68da333d974
720b074e114854f5c2b347ee013066f2ff6e8a1da750d605c8df6936b997eb60
726f277cb3e1a35363f31b911cdc52f7bde3eb2f5da95fd9ff851cd468ba06aa
730367f6f5dd34acf66733baa2a367269d27eab99d68b46d78f199d20376ce79
757c66837cfbe8c2533e8c41099d8e50b20f83fbf84ead6a6d7435dcc2ad0884
7674813d4294e6367c27576ac6ee63106685165081325a67fc0b3582ed53182f
781a1d8d0da756f9f63e4c322bf0fed977a1aba7a93b4023dbe0fe42f1f8b479
79dd4d9c6d5e855b62d6734ddf29050e110d366fab94fb765cba9deb8d5b8070
7abd2d7bbafa11f84e45b3fff7bd865618bd3617e6aaa9eed562fa233b12d165
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7c8c26c368c851fe9a4d8e902a8641150c93e5319efe7228ed52c5f7948a3cbf
809fcebb8b2dbfd1a5503a8014cefc5b4d2684656e6189e07d8441dccd7e7718
810089696e5655d5d4c98fde5a9a82da1af87500456fde63ee30845a787f891e
814193c99170f46bc6f27d63bc3fda4317d2568edf26ed6229d36ff90e9933b1
816d45e0481406928fe0105f9a468e3b4733ad2e056f082a02e3237b1529e6fb
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
81d50aff02889109dbd93d915814d4b8cabd50d108b081827416f8d5dfb8f87d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda
8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca
88c9ec2c73ac561ad7aa685032b4dd6df19e11272bb610b5834cb1950607b268
896f2bcedb02f1d564ea553d9b739698bba1d89e5dff9cdb30771d6b06dd57a0
8b95abe7fc24dcfcb2a39ba7887760551af01a59b680371c08bf45be52f5fdb6
8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e
8c09508bbc476361a88ba4b4597fcbc2abd76c4a4cf9055fd2fe49df704db28d
8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28
8d5329015c706aeeb9be2d5cb4c46af1637b0ff0181d6ef6ad691da8801db327
9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39
92e2472635cbca31d4b0694c1248618677a5279d6e841b23191c3d5a76ac09f4
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
96e66dd306b4112cc055b5477ca0356fd9b5cb38369d6a76869883fab73a7fe1
9868a81047c2eac9ccc5982f779c80c7bb1e04c9b9605562136e3b54437ebdfa
9aa7f0ef886bcaeedef6e1ede35b6c7edcd50920dc472a9faf7c045584c269eb
9dddb939f2fb146a699ea1cf0efd984d4b8f429aa49d70246bff358fdbdf7fe7
9dff15c6576770a67939c29928d8e31ff30ecc041354b5eecacc82bbe51aafa2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cfb4354e3bc2294e98c79fc1a829ac9a947b04104c3ea7bcaebf652925dd2d
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
ab36b8356d4b7e3e3591b161427e6fb18512a2ccc8a787f8cc03294cf2f30478
ac8e1e860c978467305068a7d8a7f318bb9cc9ce2cb8955288fe5662daddc749
ade525b1c626e1e98cca9037a2d1b173287d5a46a5e176d755fad1525a94f63d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af445b057cad58b863ee411efa7734299dd8ed00da738f2d50fd0e68589e01e4
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b00bdb01d7602db5e05ba259c3eff627965c82fd7b62a2d19dbaf68274cf19af
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b315181f1047d35cc29f1b83c9c31ea493c5006f21930ba0a5e790a80ca2b7f2
b57ca43f4102227e42cf5f2156bc345512c6be97688ac3e4cb4b0ed156b80107
b6f0d3d2f2ee5da42209873861e201c84ff6a4b9b99daa4332cba55f3b2836be
b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124
be222ebe8d76ed95e6241fd6e80b43e87cee11ee97871ba3e0e6dcf439ad66b9
c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794
c1cb5816beee91682d9f447810ce0684a75c5442fa0c106bbe7ae72af4edfd9f
c2e21f2b653dc835b57db9fa991ff39c6ece75f9b71b4b29c28d12aabb836705
c4c81d00cc3d37afe3a7cf65aa6f4662fe95bbe4c4435b52e119e8d79add5672
c870bc0b6e52de133e3273be305bda03afd6aba5d5064c034f2a50a3af3edc01
c911d8e451e38365f7ac311826f755f020fa837f9b17437be20c3262533da0a2
c9c0731473dc75741f795fe979c202dfa0f81dafd198114d222eaff8bf0fc4f3
c9e40e17ef48acdd8fbbd4ab434adcd35602a939c19816f297baaa91e675a067
ca72e8893a0cf88efb844d01e3629ad7751979f01026f6149de72285279b7968
cb4787d6337aa1e504d8d2dc49629d5b46a49c30a6da6f4bb964e8875dd4bc43
cd8f46bc0bd090630e8b9e82698555938a648ad6a804eed6dae068e032e044c1
cd99d40e9764fd4629326b272d29ef8c77c780a4d8bc23243f2a0895fbdc353b
cdf1aba622d6838dde22c59064599e18c7dccf0e3d3f9fc8f63f2f74e3314b58
ce9c18a953a2eeb6d5efef7d4c04f4d73b055d3789152cbf42bd1b4dfd7e167b
ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd91d8ff48aea2adea7719b47c73eb7fa29790f077153e496ff8877ac6dd88c
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c
d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
d41ec139c7a9a1d5c36fbb2da10e14d5a3f966fce56c9523aad1c60184d7abf2
d44efc199aeb61585552966cd0c0d26fe9f445ab360b9a03ee3d5311ef2f22c0
d5443a1f5c43de170ddc2fcca6f6a858ea61d2f42a8d58cca2e7bb11d8e81c11
d61faecfb874d538d721c7da1b3150ec0aa9449f84bdb87ca73375317490e7d8
d71f6f54e4590d5f26c992e36241c820487fefcae1d1129837e59d3d5e8e1839
d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f
d92b640be887f97636d58b9ebe755bf49ccdbd074fb9ea4be9de6431d7c69b19
d993d894f9713b3d26ccd12fb9bfdd84e48131d1eef5d20d41f1cdc7bcc9c00f
db1546c00f74eeebf9c33f5b47e6e0af0fc9d5443af67777a1143b819b9c0641
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
de06fea245b0036d21764fcf2b9a4791c0a0f1e927e3916c7d779cb44a1977bd
de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
de83f4b6ad24a16cc04c12e28360d792de5782cc6751201225f4bcf55ec14184
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e168f400859a54ae28705c297c4d347eacbbcfee972a38744b8f9d890022a898
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4882455843074fb8273c6b49bbbf75e7a6e1e8e87796e8271c93851c01245b2
e5961598085066e30fcda4edeba2b5aa3e94bc5852db5dbc1ef1296bc0bc2c56
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395
e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257
ec78d49b2b09d5cf3886553a1666031c8ed461985d159c4b7f57afd1c09f5a73
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f25e9b27020085f271ce1be3a7070e6179ab186071c0cd81233215703fd8dc03
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0
f5350725a360d19a3e330d51984da022d8cd7b07dd9ada9d6fbb3faf3cab9c25
f5b29290d3c58d5bf61ac0e4abbc1f7adaf9e2bd9ed456879068725622f0d13d
f84daf0174e2c6f686b5864ff7dafc119dae3c2ca88f213dcbfc3f70b2b39571
f8a645fdd3c341f50060eedabd8998374e051bcda90be3bcb87d31e4f87657e2
fa24e3a6bc02b0873aa869bd39108708d2f1172f9e170271a5b621f9002d24af
fb1589f0619e41e0fa1d0770121be244be9fa07d5a6c5938d5988f9726927307
fb657972079f36258237fd79c9b7cf160c82943f31fe5ff1b0e10be49e27be5b
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fc57fb7726d7a86c273bebb59f12bc63a69ea93c695f971f73bb035f9bbe928b
fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

www.darkreading.com Open in urlscan Pro 2606:4700::6811:7863 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

280 Requests

97 %HTTPS

44 %IPv6

42 Domains

65 Subdomains

61 IPs

6 Countries

5651 kBTransfer

14138 kBSize

42 Cookies

46 Outgoing links

Redirected requests

280 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.darkreading.com Open in urlscan Pro
2606:4700::6811:7863 Public Scan

Screenshot
Live screenshot

Full Image

280
Requests

97 %
HTTPS

44 %
IPv6

42
Domains

65
Subdomains

61
IPs

6
Countries

5651 kB
Transfer

14138 kB
Size

42
Cookies

280 HTTP transactions
10 data transactions