drdisklab.com Open in urlscan Pro
173.249.12.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lnkd.in/dmVEMZZg
Effective URL:
https://drdisklab.com/blog/conti-ransomware
Submission: On October 13 via manual (October 13th 2021, 11:19:04 am UTC) from TR — Scanned from DE

Summary HTTP 50 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 50 HTTP transactions. The main IP is 173.249.12.14, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is drdisklab.com.
TLS certificate: Issued by R3 on September 10th 2021. Valid for: 3 months.

This is the only time drdisklab.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	108.174.10.10 108.174.10.10	14413 (LINKEDIN) (LINKEDIN)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
33	173.249.12.14 173.249.12.14	51167 (CONTABO) (CONTABO)
1	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
1	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
1 2	95.216.228.15 95.216.228.15	24940 (HETZNER-AS) (HETZNER-AS)
9	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
2	172.217.16.142 172.217.16.142	15169 (GOOGLE) (GOOGLE)
1	66.102.1.157 66.102.1.157	15169 (GOOGLE) (GOOGLE)
1	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
50	9

1 108.174.10.10 (United States) 1 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-10.fwd.linkedin.com

lnkd.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 173.249.12.14 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi168110.contaboserver.net

drdisklab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.drdisklab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.228.15 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.15.228.216.95.clients.your-server.de

static.getbutton.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f142.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	drdisklab.com drdisklab.com api.drdisklab.com	736 KB
9	gstatic.com fonts.gstatic.com	61 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	getbutton.io 1 redirects static.getbutton.io	85 KB
1	google.com www.google.com	522 B
1	doubleclick.net stats.g.doubleclick.net	459 B
1	googleapis.com fonts.googleapis.com ajax.googleapis.com Failed	1 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	linkedin.com 1 redirects www.linkedin.com	2 KB
1	lnkd.in 1 redirects lnkd.in	332 B
50	10

	Domain	Requested by
24	drdisklab.com	drdisklab.com
9	fonts.gstatic.com	fonts.googleapis.com
9	api.drdisklab.com	drdisklab.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	static.getbutton.io	1 redirects drdisklab.com
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	drdisklab.com
1	www.googletagmanager.com	drdisklab.com
1	www.linkedin.com	1 redirects
1	lnkd.in	1 redirects
0	ajax.googleapis.com Failed	drdisklab.com
50	12

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
tr.linkedin.com
www.instagram.com
getbutton.io

Subject Issuer	Validity	Valid
drdisklab.com R3	`2021-09-10` - `2021-12-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
api.drdisklab.com R3	`2021-09-28` - `2021-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.getbutton.io Sectigo RSA Domain Validation Secure Server CA	`2021-09-09` - `2022-09-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 1 frames:

Primary Page: https://drdisklab.com/blog/conti-ransomware
Frame ID: 8683AAC321A24C99575489ACFCD10F24
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DrDisk Lab | Veri Kurtarma ve Analiz Hizmetleri

Page URL History Show full URLs

https://lnkd.in/dmVEMZZg HTTP 301
https://www.linkedin.com/slink?code=dmVEMZZg HTTP 301
https://drdisklab.com/blog/conti-ransomware Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

MailChimp (Marketing Automation) Expand

Overall confidence: 20%
Detected patterns

<input [^>]*id="mc-email"

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

98 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

9
IPs

3
Countries

942 kB
Transfer

1643 kB
Size

6
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/drdisklab

Search URL Search Domain Scan URL

URL: http://www.twitter.com/drdisklab

Search URL Search Domain Scan URL

URL: https://tr.linkedin.com/company/drdisklab

Search URL Search Domain Scan URL

URL: http://www.instagram.com/drdisklab

Search URL Search Domain Scan URL

URL: http://getbutton.io/?utm_campaign=multy_widget&utm_medium=widget&utm_source=drdisklab.com
Title: GetButton

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lnkd.in/dmVEMZZg HTTP 301
https://www.linkedin.com/slink?code=dmVEMZZg HTTP 301
https://drdisklab.com/blog/conti-ransomware Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://static.getbutton.io/widget-send-button/js/init.js HTTP 302
https://static.getbutton.io/widget/bundle.js

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request conti-ransomware Show response
drdisklab.com/blog/
Redirect Chain

https://lnkd.in/dmVEMZZg
https://www.linkedin.com/slink?code=dmVEMZZg
https://drdisklab.com/blog/conti-ransomware

39 KB
10 KB

458ms
410ms

Document
text/html

173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: ac9f9bb6b52a5d73f147f15716b6b4dcc237264e3ac70560694027a8b956c663

Request headers

Host: drdisklab.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 13 Oct 2021 11:18:58 GMT
Server: Apache/2.4.50 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9781
Keep-Alive: timeout=60, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

cache-control: no-cache, no-store
pragma: no-cache
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://drdisklab.com/blog/conti-ransomware
vary: Accept-Encoding
set-cookie: bcookie="v=2&de852b81-9d11-4d38-8bbb-bd67d89ff35f"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 13-Oct-2023 22:56:30 GMT; SameSite=None bscookie="v=1&2021101311185893e9cdb0-f2a3-4c3d-8193-2f00342e1677AQFw3GPw7s40rHchmZFkTkq7krl0SnnA"; domain=.www.linkedin.com; Path=/; Secure; Expires=Fri, 13-Oct-2023 22:56:30 GMT; HttpOnly; SameSite=None lidc="b=TGST03:s=T:r=T:a=T:p=T:g=2581:u=1:x=1:i=1634123938:t=1634210338:v=2:sig=AQFhMMSD3T77GhehF19KsKixAZDZ4t-o"; Expires=Thu, 14 Oct 2021 11:18:58 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?f=l
x-frame-options: sameorigin
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-esv5
x-li-proto: http/2
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-uuid: MeyxbhCTrRbAqgpYryoAAA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: C763D7B450244DCDB191C51F9DB19230 Ref B: PRG01EDGE1106 Ref C: 2021-10-13T11:18:58Z
date: Wed, 13 Oct 2021 11:18:58 GMT

GET
H/1.1 200
OK bootstrap.min.css
drdisklab.com/css/ 118 KB
20 KB 17ms
17ms Stylesheet
text/css 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/css/bootstrap.min.css
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 21:10:15 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "1d9ac-5bc942926e1d7-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=499
Content-Length: 19751

GET
H/1.1 200
OK font-awesome.min.css
drdisklab.com/css/ 28 KB
7 KB 36ms
18ms Stylesheet
text/css 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/css/font-awesome.min.css
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 21:10:15 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "7187-5bc942931133a-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=498
Content-Length: 6666

GET
H/1.1 200
OK icon-styles.css
drdisklab.com/css/ 8 KB
2 KB 31ms
11ms Stylesheet
text/css 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/css/icon-styles.css
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: 07931da74c2769f5e4b6e405ccb1670bec4c6ed0a2fe85f59fa8e12a695a46e4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Jun 2021 11:52:28 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "1e9f-5c42bacf62efb-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=500
Content-Length: 1403

GET
H/1.1 200
OK animate.css
drdisklab.com/css/ 56 KB
5 KB 32ms
12ms Stylesheet
text/css 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/css/animate.css
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: 59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 21:10:16 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "df07-5bc942936cffb-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=500
Content-Length: 4344

GET
H/1.1 200
OK owl.carousel.css
drdisklab.com/css/ 5 KB
1 KB 33ms
11ms Stylesheet
text/css 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/css/owl.carousel.css
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 21:10:16 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "1206-5bc94293bd13d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=500
Content-Length: 1103

GET
H/1.1 200
OK venobox.css
drdisklab.com/css/ 7 KB
2 KB 35ms
13ms Stylesheet
text/css 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/css/venobox.css
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: 1248ca87d73e6d515bd463792ad9bf57eac387bc8e83af38370d15f7118c7be0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 21:10:16 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "1ddc-5bc94293cea7d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=500
Content-Length: 1366

GET
H/1.1 200
OK styles.css
drdisklab.com/css/ 93 KB
14 KB 37ms
14ms Stylesheet
text/css 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/css/styles.css
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: 51d25c9d266c91621bdea8db241b5a1c2a99f4cf3f8798fe422db9887425e160

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Jun 2021 11:50:45 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "172a7-5c42ba6d2f24f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=500
Content-Length: 13598

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 83ms
41ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-197749982-1

Requested by

Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fb08b99d6394d891da2f17d42c114e58d7213302157e6bdae7d004542ab9e59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 11:18:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38669
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Oct 2021 11:18:59 GMT

GET
H/1.1 403
Forbidden loader.gif
drdisklab.com/images/ 279 B
279 B 12ms
11ms Image
text/html 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drdisklab.com/images/loader.gif
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: c491b075a2dd8448a4bec1cb0af900f62f66baea0e2104f10e07735e11e7f7d0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Server: Apache/2.4.50 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=60, max=498
Content-Length: 279
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK logo1_f5c06aae69.png
api.drdisklab.com/uploads/ 3 KB
3 KB 79ms
23ms Image
image/png 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.drdisklab.com/uploads/logo1_f5c06aae69.png

Requested by

Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi168110.contaboserver.net

Software

Apache/2.4.50 (Ubuntu) / Strapi <strapi.io>

Resource Hash

fb3befbc9aa77f9990935d539cfe176e69e5cc6f666356c538cd6571db05b3a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Response-Time: 8ms
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 api.drdisklab.com (Apache/2.4.50)
Last-Modified: Sat, 13 Mar 2021 19:22:05 GMT
Server: Apache/2.4.50 (Ubuntu)
X-Frame-Options: SAMEORIGIN
X-Powered-By: Strapi <strapi.io>
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=0
Date: Wed, 13 Oct 2021 11:18:59 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=500
Content-Length: 2716

GET
H/1.1 200
OK indir_bf90de2729.jpg
api.drdisklab.com/uploads/ 7 KB
7 KB 80ms
23ms Image
image/jpeg 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.drdisklab.com/uploads/indir_bf90de2729.jpg

Requested by

Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi168110.contaboserver.net

Software

Apache/2.4.50 (Ubuntu) / Strapi <strapi.io>

Resource Hash

14d9dcbf80a11e27b5b9ff811a62b1f674a19d3aa8b522ac81ff3a22b1d846d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Response-Time: 5ms
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 api.drdisklab.com (Apache/2.4.50)
Last-Modified: Tue, 12 Oct 2021 16:35:23 GMT
Server: Apache/2.4.50 (Ubuntu)
X-Frame-Options: SAMEORIGIN
X-Powered-By: Strapi <strapi.io>
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=0
Date: Wed, 13 Oct 2021 11:18:59 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=500
Content-Length: 6692

GET
H/1.1 200
OK file_folder_encrypted_by_conti_ransomware_virus_1024x576_8bb05097b3.jpg
api.drdisklab.com/uploads/ 23 KB
23 KB 100ms
20ms Image
image/jpeg 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.drdisklab.com/uploads/file_folder_encrypted_by_conti_ransomware_virus_1024x576_8bb05097b3.jpg

Requested by

Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi168110.contaboserver.net

Software

Apache/2.4.50 (Ubuntu) / Strapi <strapi.io>

Resource Hash

aeb9b102b35be11f3e800c066afa0f013fa811620c85e2cf05a983b677ea5d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Response-Time: 7ms
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 api.drdisklab.com (Apache/2.4.50)
Last-Modified: Tue, 12 Oct 2021 15:05:37 GMT
Server: Apache/2.4.50 (Ubuntu)
X-Frame-Options: SAMEORIGIN
X-Powered-By: Strapi <strapi.io>
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=0
Date: Wed, 13 Oct 2021 11:18:59 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=499
Content-Length: 23519

GET
H/1.1 200
OK conti_ransomware_ransom_note_132afc4f9c.jpg
api.drdisklab.com/uploads/ 21 KB
21 KB 96ms
23ms Image
image/jpeg 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.drdisklab.com/uploads/conti_ransomware_ransom_note_132afc4f9c.jpg

Requested by

Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi168110.contaboserver.net

Software

Apache/2.4.50 (Ubuntu) / Strapi <strapi.io>

Resource Hash

68c7dc02c8d62f4cf29efd969b4fbc4c74d44d838a04f8ee18af22030dc0c597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Response-Time: 5ms
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 api.drdisklab.com (Apache/2.4.50)
Last-Modified: Tue, 12 Oct 2021 14:48:11 GMT
Server: Apache/2.4.50 (Ubuntu)
X-Frame-Options: SAMEORIGIN
X-Powered-By: Strapi <strapi.io>
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=0
Date: Wed, 13 Oct 2021 11:18:59 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=499
Content-Length: 21324

GET
H/1.1 200
OK data_leak_site_2edb4d24c7.jpg
api.drdisklab.com/uploads/ 88 KB
88 KB 122ms
27ms Image
image/jpeg 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.drdisklab.com/uploads/data_leak_site_2edb4d24c7.jpg

Requested by

Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi168110.contaboserver.net

Software

Apache/2.4.50 (Ubuntu) / Strapi <strapi.io>

Resource Hash

4c7f8e4610a7e799c66c24a5fa8187eb0b5be058fdbfb64565c1eeeed245991c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Response-Time: 6ms
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 api.drdisklab.com (Apache/2.4.50)
Last-Modified: Tue, 12 Oct 2021 16:09:42 GMT
Server: Apache/2.4.50 (Ubuntu)
X-Frame-Options: SAMEORIGIN
X-Powered-By: Strapi <strapi.io>
Vary: Origin
Content-Type: image/jpeg
Cache-Control: max-age=0
Date: Wed, 13 Oct 2021 11:18:59 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=498
Content-Length: 89940

GET
H/1.1 200
OK Screenshot_2021_02_10_at_10_51_10_1_26889fb76b.png
api.drdisklab.com/uploads/ 353 KB
353 KB 125ms
27ms Image
image/png 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.drdisklab.com/uploads/Screenshot_2021_02_10_at_10_51_10_1_26889fb76b.png

Requested by

Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi168110.contaboserver.net

Software

Apache/2.4.50 (Ubuntu) / Strapi <strapi.io>

Resource Hash

1e27b6709bea0ccdd1803e416fe060d261e5a22009d69dd13de8a2536f534ece

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Response-Time: 3ms
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 api.drdisklab.com (Apache/2.4.50)
Last-Modified: Tue, 12 Oct 2021 16:16:15 GMT
Server: Apache/2.4.50 (Ubuntu)
X-Frame-Options: SAMEORIGIN
X-Powered-By: Strapi <strapi.io>
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=0
Date: Wed, 13 Oct 2021 11:18:59 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=498
Content-Length: 361063

GET
H/1.1 200
OK Ekrk_Re_KXUA_As35u_578bb74390.png
api.drdisklab.com/uploads/ 20 KB
20 KB 85ms
17ms Image
image/png 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.drdisklab.com/uploads/Ekrk_Re_KXUA_As35u_578bb74390.png

Requested by

Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi168110.contaboserver.net

Software

Apache/2.4.50 (Ubuntu) / Strapi <strapi.io>

Resource Hash

383f48ff9ed57363fef6a99ac29a2fba48efb2bf4c6d852ef694585f00c1c629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Response-Time: 5ms
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 api.drdisklab.com (Apache/2.4.50)
Last-Modified: Tue, 12 Oct 2021 16:32:37 GMT
Server: Apache/2.4.50 (Ubuntu)
X-Frame-Options: SAMEORIGIN
X-Powered-By: Strapi <strapi.io>
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=0
Date: Wed, 13 Oct 2021 11:18:59 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=497
Content-Length: 20362

GET
H/1.1 200
OK contisaldirimetodu_83d1b2fed9.png
api.drdisklab.com/uploads/ 18 KB
18 KB 109ms
24ms Image
image/png 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.drdisklab.com/uploads/contisaldirimetodu_83d1b2fed9.png

Requested by

Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi168110.contaboserver.net

Software

Apache/2.4.50 (Ubuntu) / Strapi <strapi.io>

Resource Hash

074d11a6412e23316ebfba4a5352e390745de1f028c82d49d5493648ed8945ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Response-Time: 8ms
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 api.drdisklab.com (Apache/2.4.50)
Last-Modified: Tue, 12 Oct 2021 15:34:20 GMT
Server: Apache/2.4.50 (Ubuntu)
X-Frame-Options: SAMEORIGIN
X-Powered-By: Strapi <strapi.io>
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=0
Date: Wed, 13 Oct 2021 11:18:59 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=496
Content-Length: 17928

GET
H/1.1 200
OK footerlogo_95f47a287c.png
api.drdisklab.com/uploads/ 3 KB
3 KB 82ms
20ms Image
image/png 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.drdisklab.com/uploads/footerlogo_95f47a287c.png

Requested by

Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi168110.contaboserver.net

Software

Apache/2.4.50 (Ubuntu) / Strapi <strapi.io>

Resource Hash

9c3ca65d07db0e4225ec3bdcf8e2c46b22128f489cac1390f0231df99ed1bbd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Response-Time: 10ms
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 api.drdisklab.com (Apache/2.4.50)
Last-Modified: Sat, 13 Mar 2021 19:22:35 GMT
Server: Apache/2.4.50 (Ubuntu)
X-Frame-Options: SAMEORIGIN
X-Powered-By: Strapi <strapi.io>
Vary: Origin
Content-Type: image/png
Cache-Control: max-age=0
Date: Wed, 13 Oct 2021 11:18:59 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=497
Content-Length: 2915

GET
H/1.1 200
OK jquery.min.js Show response
drdisklab.com/js/ 95 KB
33 KB 16ms
16ms Script
application/javascript 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/js/jquery.min.js
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: 974466ff89325a9423f526e5d0f40d874aa0611e811ce7f8ce9e739e679373f6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 21:10:32 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "17b9e-5bc942a283517-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=497
Content-Length: 33769

GET
H/1.1 200
OK bootstrap.min.js Show response
drdisklab.com/js/ 36 KB
10 KB 12ms
12ms Script
application/javascript 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/js/bootstrap.min.js
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 21:10:31 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "9004-5bc942a1eee14-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=499
Content-Length: 9765

GET
H/1.1 200
OK wow.min.js Show response
drdisklab.com/js/ 5 KB
2 KB 12ms
11ms Script
application/javascript 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/js/wow.min.js
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: bf5756b42791ad1d693196b5b2e57e93a387d45dee7ba02322a001c451b8df05

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 21:10:31 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "12a8-5bc942a210155-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=498
Content-Length: 1701

GET
H/1.1 200
OK jquery.backTop.min.js Show response
drdisklab.com/js/ 1 KB
843 B 11ms
10ms Script
application/javascript 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/js/jquery.backTop.min.js
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: cd5601a502f987e7469ceb6b4ffe8b67b26859a17c4f502f44666b266fbe48fb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 21:10:33 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "5e5-5bc942a3767ba-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=497
Content-Length: 492

GET
H/1.1 200
OK waypoints.min.js Show response
drdisklab.com/js/ 8 KB
3 KB 10ms
10ms Script
application/javascript 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/js/waypoints.min.js
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 21:10:32 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "1f6c-5bc942a28e0f7-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=496
Content-Length: 2617

GET
H/1.1 200
OK waypoints-sticky.min.js Show response
drdisklab.com/js/ 1 KB
953 B 14ms
13ms Script
application/javascript 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/js/waypoints-sticky.min.js
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: 431a3df036fd5b33e5a102c949c13fa29afabb10bcc9cd4dd1c346f637f9f17e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 21:10:31 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "430-5bc942a23dfb6-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=496
Content-Length: 602

GET
H/1.1 200
OK owl.carousel.min.js Show response
drdisklab.com/js/ 39 KB
11 KB 17ms
15ms Script
application/javascript 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/js/owl.carousel.min.js
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: 83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 21:10:33 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "9dd1-5bc942a3767ba-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=499
Content-Length: 10522

GET
H/1.1 200
OK jquery.stellar.min.js Show response
drdisklab.com/js/ 12 KB
4 KB 14ms
12ms Script
application/javascript 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/js/jquery.stellar.min.js
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: 1dd583c8ff8eaeeb2f5622845527acbf0e4a875e335b4b706b305590d5a7b456

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 21:10:33 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "3135-5bc942a41991d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=499
Content-Length: 3398

GET
H/1.1 200
OK jquery.counterup.min.js Show response
drdisklab.com/js/ 1 KB
928 B 13ms
11ms Script
application/javascript 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/js/jquery.counterup.min.js
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: 26d40f8ffdf1b9bf286a954c6888a33cda0cd031e802d821fe0c0562e379ae29

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 21:10:32 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "42b-5bc942a321859-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=499
Content-Length: 577

GET
H/1.1 200
OK venobox.min.js Show response
drdisklab.com/js/ 6 KB
2 KB 14ms
12ms Script
application/javascript 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/js/venobox.min.js
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: 775a108cf523afc6872c23869cca79e5c18027b1c8043c7d27db40308f9ad5fd

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 21:10:32 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "1657-5bc942a2d6538-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=499
Content-Length: 2006

GET
H/1.1 200
OK custom-scripts.js Show response
drdisklab.com/js/ 9 KB
2 KB 11ms
10ms Script
application/javascript 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/js/custom-scripts.js
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: 63f06a06afb77e3b17256b96246e5645a01d289bea84d700571bb67f98c2bfce

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Jul 2021 17:58:25 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "22b7-5c6dcc05b564f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=498
Content-Length: 2175

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 37ms
16ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Requested by

Host: drdisklab.com
URL: https://drdisklab.com/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

4806fbf823b46dcffd67e4cf0580f77b9e436dc2657d2ccaed92d79ca6159082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:39:35 GMT
server: ESF
date: Wed, 13 Oct 2021 11:18:59 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 11:18:59 GMT

GET jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 0
0

GET
H/1.1

200
OK

bundle.js Show response
static.getbutton.io/widget/
Redirect Chain

https://static.getbutton.io/widget-send-button/js/init.js
https://static.getbutton.io/widget/bundle.js

266 KB
85 KB

60ms
60ms

Script
application/javascript

95.216.228.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getbutton.io/widget/bundle.js
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.216.228.15 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.15.228.216.95.clients.your-server.de
Software: nginx/1.16.0 /
Resource Hash: cfb62d0ee56f68d7f6c106f7b52b659906631372992c1c6c39a38d2c698b7f9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 09:21:58 GMT
Server: nginx/1.16.0
ETag: W/"615ebc36-4281f"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: keep-alive
Expires: Wed, 13 Oct 2021 14:18:59 GMT

Redirect headers

Location: https://static.getbutton.io/widget/bundle.js
Date: Wed, 13 Oct 2021 11:18:59 GMT
Server: nginx/1.16.0
Connection: keep-alive
Content-Length: 145
Content-Type: text/html

GET
H/1.1 403
Forbidden veri-kurtarma.jpg
drdisklab.com/images/ 279 B
279 B 10ms
10ms Image
text/html 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drdisklab.com/images/veri-kurtarma.jpg
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/blog/conti-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: c491b075a2dd8448a4bec1cb0af900f62f66baea0e2104f10e07735e11e7f7d0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://drdisklab.com/blog/conti-ransomware
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/blog/conti-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Server: Apache/2.4.50 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=60, max=497
Content-Length: 279
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 403
Forbidden footer-bg.jpg
drdisklab.com/images/ 279 B
279 B 13ms
13ms Image
text/html 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drdisklab.com/images/footer-bg.jpg
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/css/styles.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: c491b075a2dd8448a4bec1cb0af900f62f66baea0e2104f10e07735e11e7f7d0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://drdisklab.com/css/styles.css
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Server: Apache/2.4.50 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=60, max=497
Content-Length: 279
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK linea-basic-10.woff
drdisklab.com/fonts/ 12 KB
12 KB 15ms
13ms Font
font/woff 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/fonts/linea-basic-10.woff
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/css/icon-styles.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: 3f660cf145f6ee7ae270ea3f8e737b2353c7978c1b0de1b5d97684ddd0673db9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://drdisklab.com
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://drdisklab.com/css/icon-styles.css
Connection: keep-alive
Referer: https://drdisklab.com/css/icon-styles.css
Origin: https://drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Last-Modified: Tue, 02 Mar 2021 21:10:20 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "2fe4-5bc942975ec4b"
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=495
Content-Length: 12260

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 49ms
22ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 08:02:56 GMT
x-content-type-options: nosniff
age: 443763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7848
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 08 Oct 2022 08:02:56 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 48ms
22ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 22:04:31 GMT
x-content-type-options: nosniff
age: 566068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Oct 2022 22:04:31 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 47ms
20ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 17:53:46 GMT
x-content-type-options: nosniff
age: 62713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Oct 2022 17:53:46 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
drdisklab.com/fonts/ 55 KB
56 KB 20ms
12ms Font
font/woff2 173.249.12.14
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://drdisklab.com/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: drdisklab.com
URL: https://drdisklab.com/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.12.14 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi168110.contaboserver.net
Software: Apache/2.4.50 (Ubuntu) /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://drdisklab.com
Accept-Encoding: gzip, deflate, br
Host: drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://drdisklab.com/css/font-awesome.min.css
Connection: keep-alive
Referer: https://drdisklab.com/css/font-awesome.min.css
Origin: https://drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:18:59 GMT
Last-Modified: Tue, 02 Mar 2021 21:10:20 GMT
Server: Apache/2.4.50 (Ubuntu)
ETag: "ddcc-5bc942974272a"
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60, max=495
Content-Length: 56780

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 40ms
14ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 04:13:09 GMT
x-content-type-options: nosniff
age: 111950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Oct 2022 04:13:09 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
fonts.gstatic.com/s/poppins/v15/ 5 KB
5 KB 26ms
13ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

c5014bc291cc9b56d9f11547d9814ab1acc30793e09c0974ca0779badded5562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 04:03:30 GMT
x-content-type-options: nosniff
age: 112529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5396
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:47 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Oct 2022 04:03:30 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1JlFc-K.woff2
fonts.gstatic.com/s/poppins/v15/ 5 KB
5 KB 30ms
19ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDz8Z1JlFc-K.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

c1304cbfa7bedd386c7e80c75708876a46d6cf870828cecc9d02ed631f303ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:50:27 GMT
x-content-type-options: nosniff
age: 174512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5488
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Oct 2022 10:50:27 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2
fonts.gstatic.com/s/poppins/v15/ 5 KB
5 KB 34ms
24ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

81f808ca766112a73497cdf7cd4224e27063c394f07b12b7d7a5e0599c19f37e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 18:10:14 GMT
x-content-type-options: nosniff
age: 580125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5480
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Oct 2022 18:10:14 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJnecmNE.woff2
fonts.gstatic.com/s/poppins/v15/ 5 KB
6 KB 12ms
12ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJnecmNE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

738cb7aba1703ee4705776436452858e9832ef81847f0f646ed83949c7763c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 13:23:32 GMT
x-content-type-options: nosniff
age: 597327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5504
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Oct 2022 13:23:32 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 21ms
20ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drdisklab.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 12:19:14 GMT
x-content-type-options: nosniff
age: 428385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 08 Oct 2022 12:19:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 60ms
17ms Script
text/javascript 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-197749982-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f142.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 21:34:48 GMT
server: Golfe2
age: 4673
date: Wed, 13 Oct 2021 10:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19887
expires: Wed, 13 Oct 2021 12:01:06 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 24ms
23ms XHR
text/plain 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1191436736&t=pageview&_s=1&dl=https%3A%2F%2Fdrdisklab.com%2Fblog%2Fconti-ransomware&ul=en-us&de=UTF-8&dt=DrDisk%20Lab%20%7C%20Veri%20Kurtarma%20ve%20Analiz%20Hizmetleri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=868655896&gjid=1763348539&cid=1373015738.1634123940&tid=UA-197749982-1&_gid=1991856786.1634123940&_r=1&gtm=2ouab0&z=887444313

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f142.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://drdisklab.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 11:18:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://drdisklab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
459 B 43ms
14ms XHR
text/plain 66.102.1.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-197749982-1&cid=1373015738.1634123940&jid=868655896&gjid=1763348539&_gid=1991856786.1634123940&_u=YEBAAUAAAAAAAC~&z=1214811685

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drdisklab.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 13 Oct 2021 11:18:59 GMT
content-type: text/plain
access-control-allow-origin: https://drdisklab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 72ms
37ms Image
image/gif 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-197749982-1&cid=1373015738.1634123940&jid=868655896&_u=YEBAAUAAAAAAAC~&z=1600834299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://drdisklab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 11:18:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.linkedin.com/	1970-01-20 15:27:17	Name: bcookie Value: "v=2&de852b81-9d11-4d38-8bbb-bd67d89ff35f"
.www.linkedin.com/	1970-01-20 15:27:17	Name: bscookie Value: "v=1&2021101311185893e9cdb0-f2a3-4c3d-8193-2f00342e1677AQFw3GPw7s40rHchmZFkTkq7krl0SnnA"
.linkedin.com/	1970-01-19 21:56:50	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2581:u=1:x=1:i=1634123938:t=1634210338:v=2:sig=AQFhMMSD3T77GhehF19KsKixAZDZ4t-o"
.drdisklab.com/	1970-01-20 15:26:35	Name: _ga Value: GA1.2.1373015738.1634123940
.drdisklab.com/	1970-01-19 21:56:50	Name: _gid Value: GA1.2.1991856786.1634123940
.drdisklab.com/	1970-01-19 21:55:23	Name: _gat_gtag_UA_197749982_1 Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://drdisklab.com/blog/conti-ransomware Message: Mixed Content: The page at 'https://drdisklab.com/blog/conti-ransomware' was loaded over HTTPS, but requested an insecure script 'http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://drdisklab.com/images/loader.gif Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://drdisklab.com/images/veri-kurtarma.jpg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://drdisklab.com/images/footer-bg.jpg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.drdisklab.com
drdisklab.com
fonts.googleapis.com
fonts.gstatic.com
lnkd.in
static.getbutton.io
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.linkedin.com
ajax.googleapis.com
108.174.10.10
13.107.42.14
142.250.184.202
142.250.184.228
142.250.184.232
142.250.185.131
172.217.16.142
173.249.12.14
66.102.1.157
95.216.228.15
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
074d11a6412e23316ebfba4a5352e390745de1f028c82d49d5493648ed8945ac
07931da74c2769f5e4b6e405ccb1670bec4c6ed0a2fe85f59fa8e12a695a46e4
1248ca87d73e6d515bd463792ad9bf57eac387bc8e83af38370d15f7118c7be0
14d9dcbf80a11e27b5b9ff811a62b1f674a19d3aa8b522ac81ff3a22b1d846d6
1dd583c8ff8eaeeb2f5622845527acbf0e4a875e335b4b706b305590d5a7b456
1e27b6709bea0ccdd1803e416fe060d261e5a22009d69dd13de8a2536f534ece
26d40f8ffdf1b9bf286a954c6888a33cda0cd031e802d821fe0c0562e379ae29
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
383f48ff9ed57363fef6a99ac29a2fba48efb2bf4c6d852ef694585f00c1c629
3f660cf145f6ee7ae270ea3f8e737b2353c7978c1b0de1b5d97684ddd0673db9
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
431a3df036fd5b33e5a102c949c13fa29afabb10bcc9cd4dd1c346f637f9f17e
4806fbf823b46dcffd67e4cf0580f77b9e436dc2657d2ccaed92d79ca6159082
4c7f8e4610a7e799c66c24a5fa8187eb0b5be058fdbfb64565c1eeeed245991c
51d25c9d266c91621bdea8db241b5a1c2a99f4cf3f8798fe422db9887425e160
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
63f06a06afb77e3b17256b96246e5645a01d289bea84d700571bb67f98c2bfce
68c7dc02c8d62f4cf29efd969b4fbc4c74d44d838a04f8ee18af22030dc0c597
738cb7aba1703ee4705776436452858e9832ef81847f0f646ed83949c7763c53
775a108cf523afc6872c23869cca79e5c18027b1c8043c7d27db40308f9ad5fd
81f808ca766112a73497cdf7cd4224e27063c394f07b12b7d7a5e0599c19f37e
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
974466ff89325a9423f526e5d0f40d874aa0611e811ce7f8ce9e739e679373f6
9c3ca65d07db0e4225ec3bdcf8e2c46b22128f489cac1390f0231df99ed1bbd2
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac9f9bb6b52a5d73f147f15716b6b4dcc237264e3ac70560694027a8b956c663
aeb9b102b35be11f3e800c066afa0f013fa811620c85e2cf05a983b677ea5d96
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
bf5756b42791ad1d693196b5b2e57e93a387d45dee7ba02322a001c451b8df05
c1304cbfa7bedd386c7e80c75708876a46d6cf870828cecc9d02ed631f303ca4
c491b075a2dd8448a4bec1cb0af900f62f66baea0e2104f10e07735e11e7f7d0
c5014bc291cc9b56d9f11547d9814ab1acc30793e09c0974ca0779badded5562
cd5601a502f987e7469ceb6b4ffe8b67b26859a17c4f502f44666b266fbe48fb
cfb62d0ee56f68d7f6c106f7b52b659906631372992c1c6c39a38d2c698b7f9f
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb08b99d6394d891da2f17d42c114e58d7213302157e6bdae7d004542ab9e59b
fb3befbc9aa77f9990935d539cfe176e69e5cc6f666356c538cd6571db05b3a1
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

drdisklab.com Open in urlscan Pro 173.249.12.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

98 %HTTPS

0 %IPv6

10 Domains

12 Subdomains

9 IPs

3 Countries

942 kBTransfer

1643 kBSize

6 Cookies

5 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

drdisklab.com Open in urlscan Pro
173.249.12.14 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

98 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

9
IPs

3
Countries

942 kB
Transfer

1643 kB
Size

6
Cookies

50 HTTP transactions
0 data transactions