www.sygnia.co Open in urlscan Pro
141.193.213.11  Public Scan

23 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1716516912819&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&tm=gtmv2 HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1716516912819&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&tm=gtmv2&cookiesTest=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1716516912819&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&tm=gtmv2&cookiesTest=true&e_ipv6=AQIZUBQ6MxpvbgAAAY-oYYA1fAkjBbq4AIEv9bCKIireIvlkwdER1osQgok0vodUdtEF8kXC2J0qeyeoIJhDbqyc-ST1ng

Request Chain 86

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D3DDAC66D6FD4BFC8BCB699BBB98047C&RedC=c.clarity.ms&MXFR=1F2BB9F0D2D469340725AD79D6D4673F HTTP 302
• https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D3DDAC66D6FD4BFC8BCB699BBB98047C&MUID=017625763DB16C1117F231FF3C1B6D71

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
14 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response www.sygnia.co/blog/esxi-ransomware-attacks/	204 KB 32 KB	654ms 605ms	Document text/html	141.193.213.11 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Full URL https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / WP Engine Resource Hash 7603abc8c59e0dbf89fe0d2f46fb24776ab13b20cea6db40d8c01fdef246d439 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=600, must-revalidate cf-cache-status DYNAMIC cf-ray 8889c6c9ec289bf2-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 24 May 2024 02:15:12 GMT link <https://www.sygnia.co/wp-json/>; rel="https://api.w.org/" <https://www.sygnia.co/wp-json/wp/v2/posts/3223>; rel="alternate"; type="application/json" <https://www.sygnia.co/?p=3223>; rel=shortlink server cloudflare vary Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie x-cache HIT: 10 x-cache-group normal x-cacheable SHORT x-powered-by WP Engine
GET H2	200	style.min.css sygnia.b-cdn.net/wp-includes/css/dist/block-library/	111 KB 16 KB	109ms 61ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-includes/css/dist/block-library/style.min.css?ver=0a0d0997e3f8080a81b66a80d65e3dc1 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status MISS cdn-edgestorageid 1079 cdn-cachedat 05/21/2024 10:09:02 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 09:50:12 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664c6e54-1bae5" vary Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid 9d68c895c00b6bf0232baf1fed999c86 cf-ray 8873c4c0bafa9299-FRA cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	style.css sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/	7 KB 3 KB	70ms 23ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/style.css?ver=1716454873 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 4068ecd121480d5fb546c1974025488ad7657c731f383807e51d7e22a0ae4a03 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT cdn-edgestorageid 1081 age 1911 cdn-cachedat 05/21/2024 10:34:38 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 09:54:47 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664c6f67-1b26" vary Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid 9c22773cbe62f6887eaa52085932a43f cf-ray 8873ea45a97b9a17-FRA cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	start.css sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/	32 KB 7 KB	69ms 21ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/start.css?ver=1716454873 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash e0f8484362935eb3c7724c5a551611b89f0d22a6c209f4f020fa3e66d1766a81 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT cdn-edgestorageid 1080 age 1911 cdn-cachedat 05/21/2024 10:34:38 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 09:54:47 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664c6f67-7f2c" vary Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid 32cd869ee33ffd866363f2d0ebf6282f cf-ray 8873ea45880518b3-FRA cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	vendor.css sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/	79 KB 14 KB	87ms 40ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/vendor.css?ver=1716454873 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash beb3d3261844647f8ad40783030656786f17ac89edcdf556f2e232bc6ac5656e Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT cdn-edgestorageid 1080 age 1911 cdn-cachedat 05/21/2024 10:34:38 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 09:54:48 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664c6f68-13a7a" vary Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid b9feac93e30a746456472000b6b58dc7 cf-ray 8873ea458a0e2be2-FRA cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	main.css sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/	387 KB 52 KB	87ms 41ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1716454873 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 5ef1ec86440bd5517d008284eec6c36b8283deda9793276bbf464438f7904cb9 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT cdn-edgestorageid 1081 age 1911 cdn-cachedat 05/21/2024 10:34:38 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 09:54:48 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664c6f68-60b63" vary Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid d83e1d9438926aad603685fa29baf5a3 cf-ray 8873ea458f089f24-FRA cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	jquery.min.js Show response sygnia.b-cdn.net/wp-includes/js/jquery/	86 KB 31 KB	21ms 21ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT cdn-edgestorageid 1079 age 1911 cdn-cachedat 05/21/2024 10:34:38 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 09:50:12 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664c6e54-15601" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid 294966241c43b1827b27e1981e560cff cf-ray 8873ea4579d71951-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	jquery-migrate.min.js Show response sygnia.b-cdn.net/wp-includes/js/jquery/	13 KB 5 KB	20ms 19ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT cdn-edgestorageid 1079 age 1910 cdn-cachedat 05/21/2024 10:34:38 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 09:50:11 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664c6e53-3509" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid d63ad64c6ab706a5aae7c652e302d0a1 cf-ray 8873ea4589c99731-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H3	200	v2.js Show response js.hsforms.net/forms/embed/	482 KB 154 KB	68ms 43ms	Script application/javascript	2606:4700::6812:8d77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsforms.net/forms/embed/v2.js Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:8d77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 226 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5064/bundles/project-v2.js&cfRay=8889c14b88357a43-FRA x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"b0047a8901d8ed9f81db3dcb5982114e" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control s-maxage=600, max-age=300 x-hs-target-asset forms-embed/static-1.5064/bundles/project-v2.js date Fri, 24 May 2024 02:15:12 GMT x-amz-version-id 4lHA5dnNobe4YqKec9CE2kPtPUzRSBNR via 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop IAD12-P3 x-hubspot-correlation-id b293e66c-3c26-45d6-ac21-2e22994094f7 x-cache Hit from cloudfront cache-tag staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod x-envoy-upstream-service-time 1 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id b293e66c-3c26-45d6-ac21-2e22994094f7 last-modified Wed, 03 Apr 2024 11:15:05 UTC server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=goraTOA9tonJw9pokqdUowAcuGli3R5zeNAQbsOufBRuFo6BjJzekKUFYBT%2BD0%2B0d3NLBsaanLRHXxqZeX%2FHdzxsY071GEyFeHYhTNcvqGj7toVTnZbtQ2l5rmz7jKTzbc3dPGrRRTu8UJjn"}],"group":"cf-nel","max_age":604800} x-hs-cache-status HIT x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-rcvgx cf-ray 8889c6cdef391da2-FRA x-amz-cf-id sA8NwAaPA1F7db2Mzo3sfGuNjeb4yf0m2L9kzvP7-4xrMjgwWUywqA==
GET H2	200	8776530.js Show response js.hs-scripts.com/	2 KB 1 KB	365ms 311ms	Script application/javascript	2606:4700::6810:8cd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/8776530.js Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8cd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 747f023885a0420e0719e54abd43ec5d881e0097275c53c0e5101d4d366850a1 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 8079b140-a721-4f7a-8704-034571ebb6d9 x-envoy-upstream-service-time 14 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 8079b140-a721-4f7a-8704-034571ebb6d9 last-modified Fri, 24 May 2024 02:09:34 GMT server cloudflare vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://www.sygnia.co x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-bz48r access-control-allow-credentials true cache-control public, max-age=90 cf-ray 8889c6cf1c36921a-FRA expires Fri, 24 May 2024 02:16:42 GMT
GET H3	200	main_logo.svg www.sygnia.co/wp-content/uploads/2024/01/	2 KB 1 KB	30ms 30ms	Image image/svg+xml	141.193.213.11 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/uploads/2024/01/main_logo.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6d635cb5df71d3b41ecf01e08f469d63957b1f4eaa39944e9787e0a267ae22c9 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/blog/esxi-ransomware-attacks/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT last-modified Tue, 21 May 2024 16:10:19 GMT server cloudflare age 208335 etag W/"664cc76b-6c1" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8889c6cdbe499bf2-FRA alt-svc h3=":443"; ma=86400
GET H3	200	icon_info.svg www.sygnia.co/wp-content/uploads/2024/01/	274 B 405 B	31ms 30ms	Image image/svg+xml	141.193.213.11 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/uploads/2024/01/icon_info.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 482bfcc25fc36b5ca7cfdbb76380da0a6df7000a0c238edfaa82b1dfaa0d8526 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/blog/esxi-ransomware-attacks/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT last-modified Tue, 21 May 2024 16:10:19 GMT server cloudflare age 208335 etag W/"664cc76b-112" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8889c6ceeefe9bf2-FRA alt-svc h3=":443"; ma=86400
GET H3	200	share_item_facebook.svg www.sygnia.co/wp-content/themes/sygnia-theme/images/	284 B 435 B	33ms 32ms	Image image/svg+xml	141.193.213.11 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/themes/sygnia-theme/images/share_item_facebook.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash ab45f33a794552f8e14ae66eaf6af4ba0bd9f1cc02896012ff4968fad5a9713b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/blog/esxi-ransomware-attacks/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT last-modified Tue, 21 May 2024 16:10:20 GMT server cloudflare age 208273 etag W/"664cc76c-11c" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8889c6ceeeff9bf2-FRA alt-svc h3=":443"; ma=86400
GET H3	200	share_item_x.svg www.sygnia.co/wp-content/themes/sygnia-theme/images/	321 B 452 B	29ms 28ms	Image image/svg+xml	141.193.213.11 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/themes/sygnia-theme/images/share_item_x.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 5bf0b35b5dce9e77690dafd5e5ea233b31e02101cc6a73f5d0416ac114792e35 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/blog/esxi-ransomware-attacks/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT last-modified Tue, 21 May 2024 16:10:20 GMT server cloudflare age 208273 etag W/"664cc76c-141" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8889c6ceef009bf2-FRA alt-svc h3=":443"; ma=86400
GET H3	200	share_item_linkedin.svg www.sygnia.co/wp-content/themes/sygnia-theme/images/	516 B 540 B	32ms 31ms	Image image/svg+xml	141.193.213.11 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/themes/sygnia-theme/images/share_item_linkedin.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 88934ea7e6d53babd8bae2f0d386a9a8f40104b1fdd9c52e7a62cfe15bb47b63 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/blog/esxi-ransomware-attacks/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT last-modified Tue, 21 May 2024 16:10:21 GMT server cloudflare age 208273 etag W/"664cc76d-204" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8889c6ceef019bf2-FRA alt-svc h3=":443"; ma=86400
GET H3	200	share_item_mail.svg www.sygnia.co/wp-content/themes/sygnia-theme/images/	319 B 438 B	33ms 32ms	Image image/svg+xml	141.193.213.11 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/themes/sygnia-theme/images/share_item_mail.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash da53520a115493051abcf091908a7515afea76d2c9a707a0493f2021cafd20a3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/blog/esxi-ransomware-attacks/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT last-modified Tue, 21 May 2024 16:10:20 GMT server cloudflare age 208273 etag W/"664cc76c-13f" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8889c6ceef039bf2-FRA alt-svc h3=":443"; ma=86400
GET H3	200	article_card_lines_decor.svg www.sygnia.co/wp-content/themes/sygnia-theme/images/	5 KB 902 B	30ms 30ms	Image image/svg+xml	141.193.213.11 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/themes/sygnia-theme/images/article_card_lines_decor.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 03f49a978258eb1f89518f68f6ece0bdf3dde0344349569ee8817b36e7189876 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/blog/esxi-ransomware-attacks/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT last-modified Tue, 21 May 2024 16:10:20 GMT server cloudflare age 208327 etag W/"664cc76c-12a6" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8889c6ce1e7f9bf2-FRA alt-svc h3=":443"; ma=86400
GET H3	200	social_linkedin_white.svg www.sygnia.co/wp-content/uploads/2024/05/	530 B 549 B	34ms 33ms	Image image/svg+xml	141.193.213.11 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/uploads/2024/05/social_linkedin_white.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash fb6783e593b49bb9261e7639dea5b37b3bbe225c4b3827310940ce752b3b6add Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/blog/esxi-ransomware-attacks/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT last-modified Tue, 21 May 2024 16:10:14 GMT server cloudflare age 208335 etag W/"664cc766-212" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8889c6ceef069bf2-FRA alt-svc h3=":443"; ma=86400
GET H3	200	social_x_white.svg www.sygnia.co/wp-content/uploads/2024/05/	346 B 466 B	35ms 34ms	Image image/svg+xml	141.193.213.11 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/uploads/2024/05/social_x_white.svg Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 60951d4152b680cf26897b16cf061939b15b33e76066bdaea8a8398703ee5d19 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/blog/esxi-ransomware-attacks/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT last-modified Tue, 21 May 2024 16:10:15 GMT server cloudflare age 208335 etag W/"664cc767-15a" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8889c6ceef089bf2-FRA alt-svc h3=":443"; ma=86400
GET H2	200	jquery.selectric.min.js Show response sygnia.b-cdn.net/wp-content/themes/sygnia-theme/scripts/	14 KB 5 KB	23ms 22ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/scripts/jquery.selectric.min.js?ver=1.0.89 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 570131c06e2b9e41ab9917ab39ecb6bbb063c2433abbaff89ea3335c7bd7d5ee Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT cdn-edgestorageid 1079 age 1910 cdn-cachedat 05/21/2024 10:34:38 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 09:50:18 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664c6e5a-384b" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid 3f755ea587f89ecbbeaf9723c4d46627 cf-ray 8873ea458e6237fb-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	jquery.mCustomScrollbar.concat.min.js Show response sygnia.b-cdn.net/wp-content/themes/sygnia-theme/scripts/	39 KB 12 KB	21ms 19ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/scripts/jquery.mCustomScrollbar.concat.min.js?ver=1.0.89 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 3ac859f905d1e38eed93ebb76953499f9078693adfeb41668915a47e4acebb1e Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT cdn-edgestorageid 1079 age 1910 cdn-cachedat 05/21/2024 10:34:38 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 09:50:18 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664c6e5a-9cae" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid eff3222105a48afcc04a01e20a7b899b cf-ray 8873ea458c2d71a9-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	lazyload.min.js Show response sygnia.b-cdn.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/	9 KB 4 KB	22ms 21ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status HIT cdn-edgestorageid 1081 age 1910 cdn-cachedat 05/21/2024 10:34:38 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 09:50:19 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664c6e5b-22bc" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid 1fa158cbd1dbeabd833fdab11ca1a48e cf-ray 8873ea457fec9bfb-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	js Show response www.googletagmanager.com/gtag/	329 KB 106 KB	133ms 50ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-3XBPCMRFD6 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a7c219cecc17cce6d701757382adb30e8a41b1a7b95d05175f6516256b4584e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 108461 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 24 May 2024 02:15:12 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	326 KB 107 KB	128ms 45ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5L47WTV Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 24f947b895ea25ed9463190a05767fad8a92fa846d53f804e47208d919e957dd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 108703 x-xss-protection 0 last-modified Fri, 24 May 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 24 May 2024 02:15:12 GMT
GET DATA	200 OK	truncated /	70 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f29b60626c07fcb69221ab566d762fb024cc2d9dabb92ff5014a837a2b901b8f Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	70 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e75133915cdcdaa1a96a596d3253abef177fd0d7f9011b1a09f3b09f527f363b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7aa22f1345830677872990b5c195b73f0c11cb69ec8d50481fb5f51a486775dc Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	70 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash acfaaf62bff0119246c65258ed4eddfff3758441c562b3726627e377d6939118 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	64 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	253 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8746996314732452443328c9005778a65f59fb3ce23886256f4ce5cc826f36cf Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	685 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6363e009d5233d3a07b75315cea4838f87d86cedef07bc9e7b2fe80b4b6707f3 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	248 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a6d94bba3091f01e612c8a679efbb3eb688b7d20da216fa254a92cecd6572865 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	250 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 04ecc921a16e8836f1479f6b04e16114c1273410eda3be11428581d344afbfdd Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	article_card_lines_decor_huge.svg sygnia.b-cdn.net/wp-content/themes/sygnia-theme/images/	5 KB 1 KB	20ms 20ms	Image image/svg+xml	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/images/article_card_lines_decor_huge.svg Requested by Host: sygnia.b-cdn.net URL: https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1716454873 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash b9859c9773072556f0e8de582865e66fc2ee3a01853385e9b44c3e3a1fa652ef Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1716454873 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br cf-cache-status MISS cdn-edgestorageid 1080 cdn-cachedat 05/21/2024 10:35:35 cdn-pullzone 2091526 alt-svc h3=":443" last-modified Tue, 21 May 2024 09:50:18 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"664c6e5a-1268" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid 648be12a357d2c23133c73eed04c1cc2 cf-ray 8873eba92cafa01c-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET DATA	200 OK	truncated /	250 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7ea5fb260d4b5370cf7050e2e921c6a1bd6117d4ae54058649b803177fb6bcd9 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	255 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 65f8b1c674f201983d6930f4670a451f2677db1f2352921ea3ec16d2a00c5d7e Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	250 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash aefdd073a5a00a2b6959db7818278d0fdef8f0ef5d65312542de0d5bd32ca0f7 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	243 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0c9d2afbb789c07d465dddd42752f23d3c74c414f2baa27bc5193bbfdd6f6596 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	ATFFranklinGothic-Medium.otf sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/	97 KB 98 KB	79ms 39ms	Font application/octet-stream	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/ATFFranklinGothic-Medium.otf Requested by Host: sygnia.b-cdn.net URL: https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1716454873 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 5d47d588556711a601728fc8a6d02c6b4fe8069210b411d2408359fee9a2ed6f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1716454873 Origin https://www.sygnia.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT cf-cache-status HIT cdn-edgestorageid 1080 age 530 cdn-cachedat 05/21/2024 10:34:38 cdn-pullzone 2091526 alt-svc h3=":443" content-length 99492 last-modified Tue, 21 May 2024 09:50:18 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "664c6e5a-184a4" content-type application/octet-stream access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid 982262dc22ae634cddf2c72168a5ae82 accept-ranges bytes cf-ray 8873ea488dac2be2-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ATFAlternateGothic-Medium.otf sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/	132 KB 133 KB	102ms 63ms	Font application/octet-stream	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/ATFAlternateGothic-Medium.otf Requested by Host: sygnia.b-cdn.net URL: https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1716454873 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 7d3d1b5a7db60fd338b0765356fd2813d0d6d9600639845d645c49e2c61e5bf8 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1716454873 Origin https://www.sygnia.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT cf-cache-status MISS cdn-edgestorageid 1081 cdn-cachedat 05/21/2024 10:35:35 cdn-pullzone 2091526 alt-svc h3=":443" content-length 135264 last-modified Tue, 21 May 2024 09:50:18 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "664c6e5a-21060" content-type application/octet-stream access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid f871e08e8993985b20e14356f9233d72 accept-ranges bytes cf-ray 8873eba93f619a17-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ATFFranklinGothic-Regular.otf sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/	94 KB 94 KB	102ms 63ms	Font application/octet-stream	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/ATFFranklinGothic-Regular.otf Requested by Host: sygnia.b-cdn.net URL: https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1716454873 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash d893fa560a64242185cfccd40f02e2267432daab306ca89dc8e4176b62d9cf3d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1716454873 Origin https://www.sygnia.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT cf-cache-status HIT cdn-edgestorageid 1082 age 530 cdn-cachedat 05/21/2024 10:34:38 cdn-pullzone 2091526 alt-svc h3=":443" content-length 96116 last-modified Tue, 21 May 2024 09:50:18 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "664c6e5a-17774" content-type application/octet-stream access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid 8da37f7d95eecddb318505a9c29a1482 accept-ranges bytes cf-ray 8873ea48adf6373a-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ATFFranklinGothic-Light.otf sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/	94 KB 94 KB	101ms 62ms	Font application/octet-stream	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/ATFFranklinGothic-Light.otf Requested by Host: sygnia.b-cdn.net URL: https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1716454873 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 6db159af02a213a7d4058f5ffe508392ca8d46478f1ded5a446ef9a0226fe52f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1716454873 Origin https://www.sygnia.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT cf-cache-status HIT cdn-edgestorageid 1080 age 530 cdn-cachedat 05/21/2024 10:34:38 cdn-pullzone 2091526 alt-svc h3=":443" content-length 96140 last-modified Tue, 21 May 2024 09:50:18 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "664c6e5a-1778c" content-type application/octet-stream access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid 2fc8bccc53d60b960de62735e51df28a accept-ranges bytes cf-ray 8873ea488ba618b3-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ATFFranklinGothic-Heavy.otf sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/	102 KB 103 KB	101ms 63ms	Font application/octet-stream	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/ATFFranklinGothic-Heavy.otf Requested by Host: sygnia.b-cdn.net URL: https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1716454873 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash cc2b240009df1ede0c3884229e7e7d14a04752dca62910c215f871188b1c91f0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1716454873 Origin https://www.sygnia.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT cf-cache-status HIT cdn-edgestorageid 1080 age 530 cdn-cachedat 05/21/2024 10:34:38 cdn-pullzone 2091526 alt-svc h3=":443" content-length 104484 last-modified Tue, 21 May 2024 09:50:18 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "664c6e5a-19824" content-type application/octet-stream access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid e526b88f53f2ae1a2babc84a80a38dda accept-ranges bytes cf-ray 8873ea489994a01c-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ATFFranklinGothic-Bold.otf sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/	100 KB 100 KB	101ms 63ms	Font application/octet-stream	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://sygnia.b-cdn.net/wp-content/themes/sygnia-theme/fonts/ATFFranklinGothic-Bold.otf Requested by Host: sygnia.b-cdn.net URL: https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1716454873 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 9d205ce526929a67b4b7f36717fd842e28b560d1837d46a552a55988f13fe898 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sygnia.b-cdn.net/wp-content/cache/min/1/wp-content/themes/sygnia-theme/styles/main.css?ver=1716454873 Origin https://www.sygnia.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT cf-cache-status HIT cdn-edgestorageid 1080 age 530 cdn-cachedat 05/21/2024 10:34:38 cdn-pullzone 2091526 alt-svc h3=":443" content-length 102192 last-modified Tue, 21 May 2024 09:50:18 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "664c6e5a-18f30" content-type application/octet-stream access-control-allow-origin * cdn-cache HIT cdn-uid c737fb98-f208-4fd9-aceb-be987d849faa cache-control public, max-age=31536000 cdn-requestid 67736b915b52672e946e65c64f1ad917 accept-ranges bytes cf-ray 8873ea4898481d96-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H3	200	jquery.mousewheel.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/	3 KB 2 KB	65ms 30ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js Requested by Host: sygnia.b-cdn.net URL: https://sygnia.b-cdn.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 114283 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1046 last-modified Mon, 04 May 2020 16:11:46 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec2-ad3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nMfm9MzHAVoxyUpmb7yYj43aDTCsRO2z0aCFyfwTtuX6UMV1Bu1xyxzn1vkC6uFWQ1kQfR8Mh2sGM%2Bkhp2oJGrzRa8ZTMkVtxVs3hz79AOrJ0NvI481C3hM%2Fr5x4mrDi%2BK%2FDT4Fl3Eo2CpUX9oMYemRC"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8889c6cf98976937-FRA expires Wed, 14 May 2025 02:15:12 GMT
GET H3	200	json Show response forms.hsforms.com/embed/v3/form/8776530/1ad9c304-415a-4d9d-ba10-a5145c1db1c3/	2 KB 2 KB	167ms 133ms	XHR application/json	2606:4700::6813:afbc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hsforms.com/embed/v3/form/8776530/1ad9c304-415a-4d9d-ba10-a5145c1db1c3/json?hs_static_app=forms-embed&hs_static_app_version=1.5064&X-HubSpot-Static-App-Info=forms-embed-1.5064 Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/embed/v2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74a8488d805d4f630d7fddf22962bd05d20655d637a5f1e24fe6a08a1c6350d5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-origin-hublet na1 date Fri, 24 May 2024 02:15:12 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains; preload x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 24eb2362-1549-4e90-974b-916652ed21d2 x-envoy-upstream-service-time 11 alt-svc h3=":443"; ma=86400 content-length 1127 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 24eb2362-1549-4e90-974b-916652ed21d2 server cloudflare vary origin access-control-allow-methods OPTIONS, GET content-type application/json;charset=utf-8 access-control-allow-origin https://www.sygnia.co x-evy-trace-virtual-host all access-control-expose-headers X-Origin-Hublet access-control-max-age 180 access-control-allow-credentials false cache-control max-age=0, no-cache, no-store x-robots-tag none access-control-allow-headers * cf-ray 8889c6cf9b353614-FRA x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-kkb7j
GET H3	200	json Show response forms.hsforms.com/embed/v3/form/8776530/1ad9c304-415a-4d9d-ba10-a5145c1db1c3/	2 KB 2 KB	301ms 133ms	XHR application/json	2606:4700::6813:afbc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hsforms.com/embed/v3/form/8776530/1ad9c304-415a-4d9d-ba10-a5145c1db1c3/json?hs_static_app=forms-embed&hs_static_app_version=1.5064&X-HubSpot-Static-App-Info=forms-embed-1.5064 Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/embed/v2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55834c3fce24246207399ec307c36f854c23c5419332d8e50e294f7cca83f5d8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-origin-hublet na1 date Fri, 24 May 2024 02:15:12 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains; preload x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 0f13cfde-2528-4f29-acb2-bb54234509eb x-envoy-upstream-service-time 13 alt-svc h3=":443"; ma=86400 content-length 1128 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 0f13cfde-2528-4f29-acb2-bb54234509eb server cloudflare vary origin access-control-allow-methods OPTIONS, GET content-type application/json;charset=utf-8 access-control-allow-origin https://www.sygnia.co x-evy-trace-virtual-host all access-control-expose-headers X-Origin-Hublet access-control-max-age 180 access-control-allow-credentials false cache-control max-age=0, no-cache, no-store x-robots-tag none access-control-allow-headers * cf-ray 8889c6d07b8e3614-FRA x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-v96x8
GET H3	200	PPT-images9-2048x1151.jpg.webp www.sygnia.co/wp-content/uploads/2024/05/	70 KB 71 KB	31ms 30ms	Image image/webp	141.193.213.11 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sygnia.co/wp-content/uploads/2024/05/PPT-images9-2048x1151.jpg.webp Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 548860302d8d89f8ecc7346a6add029d29aa3f43e28c5b3e627acc3b619ea268 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/blog/esxi-ransomware-attacks/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT cf-cache-status HIT last-modified Tue, 21 May 2024 17:18:50 GMT server cloudflare age 19036 etag "664cd77a-1196a" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 8889c6cf7f4f9bf2-FRA alt-svc h3=":443"; ma=86400 content-length 72042
GET H2	200	destination Show response www.googletagmanager.com/gtag/	230 KB 82 KB	39ms 37ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-10796050850&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L47WTV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c48680292dad1740691c4d4b07f84fbee4e1866264ef4677a74562751b803f39 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 84221 x-xss-protection 0 last-modified Fri, 24 May 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 24 May 2024 02:15:12 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	47 KB 17 KB	125ms 37ms	Script application/javascript	2a02:26f0:3500:16::215:149b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L47WTV Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 06 May 2024 17:20:18 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=63217 accept-ranges bytes content-length 16683
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	129ms 40ms	Script application/javascript	146.75.120.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L47WTV Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding gzip last-modified Fri, 22 Mar 2024 21:07:24 GMT x-amz-server-side-encryption AES256 etag "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip" vary Accept-Encoding,Host x-cache HIT, HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15412 x-served-by cache-iad-kiad7000168-IAD, cache-fra-etou8220050-FRA
GET H/1.1	200 OK	obtp.js Show response amplify.outbrain.com/cp/	28 KB 9 KB	94ms 29ms	Script application/x-javascript	184.30.17.67 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://amplify.outbrain.com/cp/obtp.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L47WTV Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-17-67.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 3fce4a2d785567f0a8dd59648036d665bb645e438ce6eb2adf164ecce19b3575 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 24 May 2024 02:15:12 GMT Content-Encoding gzip Last-Modified Wed, 22 May 2024 14:18:11 GMT Server AkamaiNetStorage ETag "c8c436ce448d743b9d2866a06b789b64:1716388255.52096" Vary Accept-Encoding Content-Type application/x-javascript X-RG EU Cache-Control max-age=1200 X-CC DE Connection keep-alive Accept-Ranges bytes Content-Length 8559 Expires Fri, 24 May 2024 02:35:12 GMT
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	103ms 49ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L47WTV Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Fri, 24 May 2024 02:15:12 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: EB6904BFEF2A453C8EAF97D8FAAE389A Ref B: DUS30EDGE0820 Ref C: 2024-05-24T02:15:12Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13280
GET H2	200	tags.js Show response tag.clearbitscripts.com/v1/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/	2 KB 1 KB	300ms 234ms	Script application/javascript	2600:9000:20ae:1000:7:d7d6:3c40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tag.clearbitscripts.com/v1/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/tags.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L47WTV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ae:1000:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Clearbit / Resource Hash 26289e926f95ac9932d88178c690daf5df8af203ffa3b982657e35b3f72d71ab Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding gzip x-content-type-options nosniff x-envoy-response-flags - via 1.1 86f0f41c4d8083f2bfc3d1c3d9719bbc.cloudfront.net (CloudFront) server Clearbit strict-transport-security max-age=63072000; includeSubDomains; preload x-amz-cf-pop MUC50-P5 etag W/"9a419a5608a8efc4f0736c99a790fcb8" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript;charset=utf-8 cache-control private, max-age=600 x-amz-cf-id IwiWl5tmabCHLwFAPfjaW5gyHHaZO5jApZCt_x0nsqydkeFIr4L1aA==
POST H2	204	collect region1.analytics.google.com/g/	0 253 B	83ms 32ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-3XBPCMRFD6&gtm=45je45m0v9100139776z8852649347za200&_p=1716516912452&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1826239302.1716516913&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716516912&sct=1&seg=0&dl=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&dt=ESXi%20Ransomware%20Attack%3A%20Evolution%2C%20Impact%2C%20and%20Defense&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1100 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3XBPCMRFD6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 24 May 2024 02:15:12 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.sygnia.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 253 B	93ms 32ms	Ping text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3XBPCMRFD6&cid=1826239302.1716516913&gtm=45je45m0v9100139776z8852649347za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3XBPCMRFD6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 24 May 2024 02:15:12 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.sygnia.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	68ms 36ms	Image image/gif	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3XBPCMRFD6&cid=1826239302.1716516913&gtm=45je45m0v9100139776z8852649347za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1886941238 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 24 May 2024 02:15:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	counters.gif forms.hsforms.com/embed/v3/	35 B 882 B	164ms 135ms	Image image/gif	2606:4700::6813:afbc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 8dd0860e-f91b-46eb-9d13-b60afdc4ea1d x-envoy-upstream-service-time 7 alt-svc h3=":443"; ma=86400 content-length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 8dd0860e-f91b-46eb-9d13-b60afdc4ea1d server cloudflare vary origin content-type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-rbtjd access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-robots-tag none cf-ray 8889c6d0ede23659-FRA
GET DATA	200 OK	truncated /	246 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7780e9c2bb62d651ef56f3d7800e3ef686e424c0c27d9cead2e15b075d28174 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	counters.gif forms-na1.hsforms.com/embed/v3/	35 B 884 B	159ms 129ms	Image image/gif	2606:4700::6813:afbc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 013df97a-8f29-45e5-baf3-4dc96ab5bcf3 x-envoy-upstream-service-time 4 alt-svc h3=":443"; ma=86400 content-length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 013df97a-8f29-45e5-baf3-4dc96ab5bcf3 server cloudflare vary origin content-type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-v96x8 access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-robots-tag none cf-ray 8889c6d1084371a9-FRA
POST H/1.1	200 OK	unifiedPixel tr.outbrain.com/	53 B 513 B	455ms 111ms	Ping image/gif	70.42.32.191 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Full URL https://tr.outbrain.com/unifiedPixel?optOut=false&bust=0749414017624566&referrer=&cht=gtm&marketerId=0022184d276f78b50ef9abadeb48eabd8c&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5 Requested by Host: amplify.outbrain.com URL: https://amplify.outbrain.com/cp/obtp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 24 May 2024 02:15:13 GMT content-encoding br Strict-Transport-Security max-age=31536000; includeSubDomains; preload Access-Control-Allow-Methods GET, POST Content-Type image/gif; Access-Control-Allow-Origin https://www.sygnia.co Cache-Control no-cache Access-Control-Allow-Credentials true X-TraceId ecce20edb34a471bc02812436d9650c4 Access-Control-Allow-Headers Content-Type, Authorization Content-Length 54
GET H/1.1	200 OK	cachedClickId Show response tr.outbrain.com/	35 B 293 B	434ms 112ms	Script application/javascript	70.42.32.191 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Full URL https://tr.outbrain.com/cachedClickId?marketerId=0022184d276f78b50ef9abadeb48eabd8c Requested by Host: amplify.outbrain.com URL: https://amplify.outbrain.com/cp/obtp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 24 May 2024 02:15:13 GMT content-encoding br Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-TraceId b7b19eaf319464bcb5cfd60da8ee2166 Content-Length 39 Content-Type application/javascript
GET H/1.1	200 OK	0022184d276f78b50ef9abadeb48eabd8c Show response wave.outbrain.com/mtWavesBundler/handler/	2 B 516 B	90ms 39ms	Script text/html	184.30.17.67 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://wave.outbrain.com/mtWavesBundler/handler/0022184d276f78b50ef9abadeb48eabd8c Requested by Host: amplify.outbrain.com URL: https://amplify.outbrain.com/cp/obtp.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-17-67.deploy.static.akamaitechnologies.com Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip Date Fri, 24 May 2024 02:15:12 GMT ob-sent-time 1716505184865 ETag W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8" Vary Accept-Encoding Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * X-RG EU Cache-Control max-age=60 X-CC DE Connection keep-alive X-TraceId 9ee6f2164d7845da41d5784793027484 Content-Length 22 Expires Fri, 24 May 2024 02:16:12 GMT
GET H2	200	187039095.js Show response bat.bing.com/p/action/	4 KB 2 KB	46ms 45ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/187039095.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 213f888fdda0335db8ba19d530207cfff84a89b4efb1e8dba6b436dccc8db309 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Fri, 24 May 2024 02:15:12 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 95179F64814D4F4DBA27638774AA65B8 Ref B: DUS30EDGE0820 Ref C: 2024-05-24T02:15:12Z vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript; charset=utf-8 cache-control private,max-age=60
GET H2	204	0 bat.bing.com/action/	0 286 B	67ms 66ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=187039095&Ver=2&mid=5aef86cd-4f56-4a64-9638-7051d279073a&sid=73e26740197311ef83f17d7a8583e79c&vid=73e29870197311efa7e2ab0f5f951c0c&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=ESXi%20Ransomware%20Attack%3A%20Evolution,%20Impact,%20and%20Defense&p=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&r=&lt=927&evt=pageLoad&sv=1&rn=136106 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 24 May 2024 02:15:12 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: AC91A5DEF76346509D3560040350A3F5 Ref B: DUS30EDGE0820 Ref C: 2024-05-24T02:15:12Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	8776530.js Show response js.hs-banner.com/	62 KB 17 KB	356ms 304ms	Script text/javascript	2606:4700:4400::ac40:991b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/8776530.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/8776530.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8357f29649e84f900e905ba8f2252a9fb850c60c0315cdcb73a290e04da1694c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:13 GMT x-amz-version-id h7UXK9G3961jr51Gv.YVsM9cqruvDzBT content-encoding br cf-cache-status REVALIDATED x-amz-request-id ZYZRCNDYS1XB2GN5 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id b90f2df5-26a7-4bc0-9a81-5764359e870a x-envoy-upstream-service-time 18 x-amz-id-2 17Sl8iTPMfE3WdXjT6ZrdaDeaCXwRNV0o9lmF+71lq4HP7d5axZHqiFVDyjz0ZgYtk+XEcibOVvim0IH4Dk5kJ/AYxRa7i5O x-evy-trace-listener listener_https x-request-id b90f2df5-26a7-4bc0-9a81-5764359e870a x-evy-trace-route-configuration listener_https/all last-modified Thu, 16 May 2024 10:06:09 GMT server cloudflare etag W/"68e98560e2517f505f3e87e008a44ce2" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://www.sygnia.co x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 8889c6d15ee69c12-FRA expires Fri, 24 May 2024 02:20:13 GMT
GET H2	200	web-interactives-embed.js Show response js.hubspot.com/	83 KB 24 KB	188ms 135ms	Script application/javascript	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hubspot.com/web-interactives-embed.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/8776530.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0b030f67ee6ae82b0593fd142a7c686d47be9fbbcc51e01339a617e1e409870 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Origin https://www.sygnia.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding gzip x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1137/bundles/project.js&cfRay=8889c6d16fe4383e-FRA x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"c42bd937c8222091ef2e0743109bb3ad" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control max-age=600 x-hs-target-asset web-interactives-embed/static-2.1137/bundles/project.js date Fri, 24 May 2024 02:15:12 GMT x-amz-version-id DtzKic3TQtvOFIwvNcfjwqMuyZIQBGTD x-content-type-options nosniff cf-cache-status EXPIRED via 1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront) nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop IAD12-P3 x-hubspot-correlation-id 1453ab25-b73a-402e-beac-87c6d7b86a68 x-cache Hit from cloudfront cache-tag staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod x-envoy-upstream-service-time 3 x-evy-trace-route-configuration listener_https/all x-request-id 1453ab25-b73a-402e-beac-87c6d7b86a68 last-modified Tue, 21 May 2024 17:06:05 UTC server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f3%2Bmp9INUNVCgra%2BaEdz%2FMUo9Ysw8iPSS0TBg1xXVQ8owy2z8M6%2BemHYL%2BYIA9yLQXrufgPb3mywqXT3cpC1EcndcntTcvdzxTVq6r%2B6rK8dQrC7ZckIPv%2F126ao3AZo0yFssDxQMegz2Kz2"}],"group":"cf-nel","max_age":604800} x-hs-cache-status HIT x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-qbnbs cf-ray 8889c6d16fe4383e-FRA x-amz-cf-id ebbMgGzIwcCQMdJvDNe7JdCMF62odIy4bAVDfBBP0kYnNQ5Fc_Yweg==
GET H2	200	fb.js Show response js.hsadspixel.net/	6 KB 4 KB	78ms 27ms	Script application/javascript	2606:4700::6811:df98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsadspixel.net/fb.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/8776530.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 081cf70b8e6c0d1d978f810f4537e84501c1940d54cd19aee0b065fb8fea3c5b Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT x-amz-version-id 3uRfq0xkxtJ5qmNotyFivu_Hfg8U.PRS via 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT x-amz-cf-pop IAD12-P3 age 516 x-amz-server-side-encryption AES256 x-evy-trace-route-service-name envoyset-translator content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.562/bundles/pixels-release.js&cfRay=8889ba33a9bc921a-FRA x-cache Hit from cloudfront x-hubspot-correlation-id e7afc962-66ed-49f4-9f7d-2247895231b6 cache-tag staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod content-encoding br x-envoy-upstream-service-time 1 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id e7afc962-66ed-49f4-9f7d-2247895231b6 last-modified Thu, 23 May 2024 14:45:23 UTC server cloudflare etag W/"8c40e1f5f100c96c8a0884459629fdec" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-hs-cache-status HIT x-evy-trace-virtual-host all cache-control max-age=600 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-tk5t7 cf-ray 8889c6d1682465af-FRA x-amz-cf-id beuPjNrt6LQmK4M2gJRrhdxIk61c4FClOO3VU_M5J5Ni3NGpy0Kf2Q== x-hs-target-asset adsscriptloaderstatic/static-1.562/bundles/pixels-release.js
GET H2	200	8776530.js Show response js.hs-analytics.net/analytics/1716516900000/	67 KB 21 KB	217ms 158ms	Script text/javascript	2606:4700::6811:afc9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1716516900000/8776530.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/8776530.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b280545b6ce9ef2e93b3b764f390bf8804e8b37564ea43513d3650b145b40ca Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:13 GMT x-amz-version-id null content-encoding br cf-cache-status MISS x-amz-request-id GCXJZ9T5091ZNJYG x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 5da2931c-b187-4676-88a3-bd6030ecf1aa x-envoy-upstream-service-time 28 x-amz-id-2 stWzof6mA+Mu/hZUX60PhMsBWQINS7jDKc0Ev73iczz26WtXJJQs8nQvMWDdyQGi9MSUKBR3bgo92PBhqcmmrQbFJmwBcUdM x-evy-trace-listener listener_https x-request-id 5da2931c-b187-4676-88a3-bd6030ecf1aa x-evy-trace-route-configuration listener_https/all last-modified Wed, 24 Apr 2024 18:31:30 GMT server cloudflare etag W/"befcb8e0104b6371f17bffb9e8f97913" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-9fld2 cache-control max-age=300,public access-control-allow-credentials false cf-ray 8889c6d18ea71c20-FRA expires Fri, 24 May 2024 02:20:12 GMT
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 696 B	260ms 197ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Accept * Referer https://www.sygnia.co/ sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: CD2CEEEC167A4484BADD6375A061DC44 Ref B: FRAEDGE1713 Ref C: 2024-05-24T02:15:12Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 access-control-allow-origin https://www.sygnia.co x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYZKbzZWDTCssrS46mrRw==
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 815 B	284ms 210ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=4003889&time=1716516912819&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&tm=gtmv2 Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept * Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:13 GMT content-encoding gzip x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: D532763CB81D411384D69F523A93BBFF Ref B: DUS30EDGE0320 Ref C: 2024-05-24T02:15:12Z access-control-allow-methods GET, OPTIONS x-li-fabric prod-lor1 access-control-allow-origin * x-cache CONFIG_NOCACHE content-type application/json x-li-proto http/2 x-restli-protocol-version 1.0.0 access-control-allow-headers * x-li-uuid AAYZKbzZouDWCgm7I4AYVQ== x-fs-uuid 00061929bcd9a2e0d60a09bb23801855
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1716516912819&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&tm=gtmv2 https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1716516912819&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&tm=gtmv2&cookiesTest=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1716516912819&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&tm=gtmv2&cookiesTest=true&e_ipv6=AQIZUBQ6MxpvbgAAA...	0 267 B	319ms 216ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1716516912819&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&tm=gtmv2&cookiesTest=true&e_ipv6=AQIZUBQ6MxpvbgAAAY-oYYA1fAkjBbq4AIEv9bCKIireIvlkwdER1osQgok0vodUdtEF8kXC2J0qeyeoIJhDbqyc-ST1ng Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.sygnia.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers date Fri, 24 May 2024 02:15:13 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 23EC81BE09FE4D748480DA1E7DC296E7 Ref B: DUS30EDGE0314 Ref C: 2024-05-24T02:15:13Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAYZKbzhjRKxA1U8jFi/rA== Redirect headers date Fri, 24 May 2024 02:15:12 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 805DDCD536594B12AE9E52BD3F86E066 Ref B: FRAEDGE1713 Ref C: 2024-05-24T02:15:13Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4003889&time=1716516912819&url=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&tm=gtmv2&cookiesTest=true&e_ipv6=AQIZUBQ6MxpvbgAAAY-oYYA1fAkjBbq4AIEv9bCKIireIvlkwdER1osQgok0vodUdtEF8kXC2J0qeyeoIJhDbqyc-ST1ng x-li-proto http/2 content-length 0 x-li-uuid AAYZKbzctuwkvFbWOCALHg==
GET H2	200	adsct t.co/1/i/	43 B 376 B	253ms 203ms	Image image/gif	104.244.42.69 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=d57f9a35-dda0-4cc5-98a6-80d3ecbe658f&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=6c3eea51-dc16-4ee5-97bf-64b3e6936a3b&tw_document_href=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&tw_iframe_status=0&txn_id=o706g&type=javascript&version=2.3.30 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.69 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-response-time 179 date Fri, 24 May 2024 02:15:12 GMT strict-transport-security max-age=0 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 742c2e011a8e1ca3 cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash 9f83e05f5bbfc20eebd13208b465b64fae9f4b9116e14c1c47edef6e69d7aa98 content-length 43
GET H2	200	adsct analytics.twitter.com/1/i/	43 B 723 B	255ms 200ms	Image image/gif	104.244.42.195 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=d57f9a35-dda0-4cc5-98a6-80d3ecbe658f&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=6c3eea51-dc16-4ee5-97bf-64b3e6936a3b&tw_document_href=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&tw_iframe_status=0&txn_id=o706g&type=javascript&version=2.3.30 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.195 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-response-time 180 date Fri, 24 May 2024 02:15:12 GMT strict-transport-security max-age=631138519 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 6d3622c9681b7374 cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash 864c7e6ba6fff136c94fe534c2268564a2c48f5e04f9683be1e9209f6af3b6ea content-length 43
GET H2	200	187039095 Show response www.clarity.ms/tag/uet/	828 B 1 KB	214ms 129ms	Script application/x-javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/uet/187039095?insights=1 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/187039095.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 517e6e9073b2c309d8b300a5746eefb60711adb6dd4f0b1a7dcb40f6dfbf2ea5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires -1 date Fri, 24 May 2024 02:15:13 GMT x-azure-ref 20240524T021513Z-17c66ffcdbcd4bslhuwq11r35c0000000eeg00000000swms x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 828 request-context appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
GET H2	200	combinedConfigs Show response cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/	433 B 1 KB	144ms 135ms	Fetch application/json	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=8776530&currentUrl=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F Requested by Host: js.hubspot.com URL: https://js.hubspot.com/web-interactives-embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:13 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id b5ee190c-1049-49a8-b61c-442eafffcd85 x-envoy-upstream-service-time 13 content-length 215 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id b5ee190c-1049-49a8-b61c-442eafffcd85 server cloudflare vary origin access-control-allow-methods OPTIONS, GET content-type application/json;charset=utf-8 access-control-allow-origin https://www.sygnia.co x-evy-trace-virtual-host all access-control-max-age 180 access-control-allow-credentials true cache-control max-age=0, no-cache, no-store report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tKsg7WDx7d8N3ycTHNW5icSApjWtCbI0dsYgIgot%2FEHn69TYoJuU5xO0eNAOqa9UFUn7vnneq5jh74ZmJQCwn%2FuQDDm4ed5yc%2FSrgqwyfV4TV7RwfcAAGJYqlR3vXipN%2Bsa7qrgeszTbeXw6TAnBN10HJmvlh%2FNODFo%3D"}],"group":"cf-nel","max_age":604800} x-robots-tag noindex, follow access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent cf-ray 8889c6d25858383e-FRA x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-wkkww
GET H2	200	destinations.min.js Show response x.clearbitjs.com/v2/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/	0 21 B	278ms 215ms	Script application/javascript	3.127.196.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://x.clearbitjs.com/v2/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/destinations.min.js Requested by Host: tag.clearbitscripts.com URL: https://tag.clearbitscripts.com/v1/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.196.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-196-46.eu-central-1.compute.amazonaws.com Software Clearbit / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-envoy-response-flags - server Clearbit content-type application/javascript;charset=utf-8 cache-control private, max-age=600 content-length 0
GET H2	200	tracking.min.js Show response x.clearbitjs.com/v2/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/	168 KB 45 KB	256ms 194ms	Script application/javascript	3.127.196.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://x.clearbitjs.com/v2/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/tracking.min.js Requested by Host: tag.clearbitscripts.com URL: https://tag.clearbitscripts.com/v1/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.196.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-196-46.eu-central-1.compute.amazonaws.com Software Clearbit / Resource Hash 70ab4589cd875991dcba608ed58a37c165dda5645b767690b14587c7444a38d5 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding gzip x-content-type-options nosniff x-envoy-response-flags - server Clearbit strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control private, max-age=600
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.32/	61 KB 26 KB	52ms 50ms	Script application/javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.32/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/uet/187039095?insights=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:13 GMT content-encoding br last-modified Fri, 10 May 2024 17:30:20 GMT etag W/"0x8DC7116DE09E645" vary Accept-Encoding x-azure-ref 20240524T021513Z-17c66ffcdbcd4bslhuwq11r35c0000000eeg00000000swmy content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id a195999b-701e-0001-4508-a77107000000 cache-control public, max-age=86400 x-cache TCP_HIT x-ms-version 2018-03-28 x-fd-int-roxy-purgeid 51562430
GET H3	200	counters.gif perf-na1.hsforms.com/embed/v3/	35 B 576 B	140ms 131ms	Image image/gif	2606:4700::6813:afbc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1 Requested by Host: www.sygnia.co URL: https://www.sygnia.co/blog/esxi-ransomware-attacks/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:13 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 0a564018-8dc5-42e0-b2e0-6ee6570806a0 x-envoy-upstream-service-time 5 alt-svc h3=":443"; ma=86400 content-length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 0a564018-8dc5-42e0-b2e0-6ee6570806a0 last-modified Fri, 24 May 2024 02:15:13 GMT server cloudflare vary origin, Accept-Encoding content-type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-nr4kt access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false accept-ranges bytes x-robots-tag none cf-ray 8889c6d3497e71a9-FRA
GET H2	200	json Show response api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/	114 B 1 KB	206ms 136ms	XHR application/json	2606:4700::6812:f16c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=8776530 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:f16c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f95beea21004e6e9ebb0833f42a3f497c4b38e06351270eaa32abff79dc94495 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:13 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id c0188853-1c99-4a0f-a3d8-f6b233100b68 content-encoding br x-envoy-upstream-service-time 5 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id c0188853-1c99-4a0f-a3d8-f6b233100b68 server cloudflare vary origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://www.sygnia.co x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-vpzdp access-control-max-age 180 access-control-allow-credentials false x-evy-trace-virtual-host all report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5z%2BxvpvzqOk%2F9CcsUMCi6ASF0QiTKfRHWtocQaXg%2B8Dy6nR%2Bh2CXr%2BEtyLGP4TevJyUNKAqtcuvVQgWvf0yf%2BW9GuXTRYA3h0uqrmLSHMhfkg1UznYcfa8OUSWjjSPoX%2BunRARxoiWh22FYG"}],"group":"cf-nel","max_age":604800} cf-ray 8889c6d3b8832c16-FRA access-control-allow-headers *
POST H2	200	p Show response app.clearbit.com/v1/	16 B 1 KB	244ms 184ms	XHR application/json	3.127.196.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.clearbit.com/v1/p Requested by Host: x.clearbitjs.com URL: https://x.clearbitjs.com/v2/pk_b4fb7f423bd8c1db206dc4c6bf3a9e56/tracking.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.196.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-196-46.eu-central-1.compute.amazonaws.com Software Clearbit / Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding gzip x-content-type-options nosniff x-envoy-response-flags - server Clearbit strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding, Origin access-control-max-age 7200 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://www.sygnia.co access-control-expose-headers content-security-policy-report-only default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://checkout.stripe.com https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com https://*.commandbar.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://*.commandbar.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://*.commandbar.com https://api.segment.io https://checkout.stripe.com https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*.commandbar.com https://checkout.stripe.com; img-src 'self' https://*.commandbar.com https://*.stripe.com data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; access-control-allow-credentials true content-type application/json
POST H/1.1	204 No Content	collect Show response k.clarity.ms/	0 293 B	612ms 361ms	XHR text/plain	20.96.88.162 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://k.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.32/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/x-clarity-gzip Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://www.sygnia.co Date Fri, 24 May 2024 02:15:13 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	47 KB 0	0ms 0ms	Script application/javascript	2a02:26f0:3500:16::215:149b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:12 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 06 May 2024 17:20:18 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=63217 accept-ranges bytes content-length 16683
GET H2	200	__ptq.gif track.hubspot.com/	45 B 753 B	197ms 145ms	Image image/gif	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=1608735010&v=1.1&a=8776530&rcu=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&pu=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&t=ESXi+Ransomware+Attack%3A+Evolution%2C+Impact%2C+and+Defense&cts=1716516913628&vi=285e4196e4daea79244e839b3979243d&nc=true&u=147695848.285e4196e4daea79244e839b3979243d.1716516913626.1716516913626.1716516913626.1&b=147695848.1.1716516913626&pt=0&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:13 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id fbb9a399-d809-41f6-820c-181b8a3bd549 p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 19 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id fbb9a399-d809-41f6-820c-181b8a3bd549 server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mMT4%2BCq%2BcFxzhnWD0V75WH%2F%2BkYvgLvPlkOcZGInQVLWk2WWgZ5wfT2AUnIcWrf990BQV1LWT%2FFjhKnabsDxkgzFb4V%2FveabNOviv2wYoeP1lgzLQbFubUuhz8ywswPu374WFf2mryK2vlxQnwXs"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-qz296 x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 8889c6d69c646aec-FRA x-robots-tag none
GET H2	200	__ptq.gif track.hubspot.com/	45 B 756 B	201ms 152ms	Image image/gif	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=15&fi=1ad9c304-415a-4d9d-ba10-a5145c1db1c3&fci=afc7eaa0-d2e7-430d-8980-e3422ae14f03&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=1608735010&v=1.1&a=8776530&rcu=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&pu=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&t=ESXi+Ransomware+Attack%3A+Evolution%2C+Impact%2C+and+Defense&cts=1716516913628&vi=285e4196e4daea79244e839b3979243d&nc=true&u=147695848.285e4196e4daea79244e839b3979243d.1716516913626.1716516913626.1716516913626.1&b=147695848.1.1716516913626&pt=0&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:13 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 76bb84e4-81df-48e8-8f65-4efd03887c8f p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 16 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 76bb84e4-81df-48e8-8f65-4efd03887c8f server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VGVDkx%2BAhQuAHdoY6CUWLpDshyWp0xy7U5QadLqS1tZkYh7weVm%2Fau%2FWACVSO1sBJ9U0tRPvq0Z1mG2v7kIUNwjI50cJXrgNcHeeauLfGaCcKhd9mNEgTTjJGYJ6boG4%2Fh%2Fd2XQknDFOFImF3FNj"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-d8gbc x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 8889c6d69c626aec-FRA x-robots-tag none
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	182ms 134ms	Image image/gif	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=15&fi=1ad9c304-415a-4d9d-ba10-a5145c1db1c3&fci=b7fbd6b0-cb43-412a-a94f-880a5c2e0e0b&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=1608735010&v=1.1&a=8776530&rcu=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&pu=https%3A%2F%2Fwww.sygnia.co%2Fblog%2Fesxi-ransomware-attacks%2F&t=ESXi+Ransomware+Attack%3A+Evolution%2C+Impact%2C+and+Defense&cts=1716516913628&vi=285e4196e4daea79244e839b3979243d&nc=true&u=147695848.285e4196e4daea79244e839b3979243d.1716516913626.1716516913626.1716516913626.1&b=147695848.1.1716516913626&pt=0&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:13 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id d01f394e-a405-40b6-812f-3cba20d34c22 p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 7 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id d01f394e-a405-40b6-812f-3cba20d34c22 server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o9XsQN%2FXbR67kPfqQUqZYxQjXn2A51K4q%2FXV3eS%2FRu%2BLNlGAZqqa9CTU%2Fqa2ayzemWyQYJaestsfhX0afCxndmvdsgkpBRJXlEmMYVbHs%2B32RMEyHPExu6%2FUFUdFRoZM4QgAzo93F%2FdiusdG7DvG"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-djmcg x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 8889c6d69c636aec-FRA x-robots-tag none
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D3DDAC66D6FD4BFC8BCB699BBB98047C&RedC=c.clarity.ms&MXFR=1F2BB9F0D2D469340725AD79D6D4673F https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D3DDAC66D6FD4BFC8BCB699BBB98047C&MUID=017625763DB16C1117F231FF3C1B6D71	42 B 441 B	49ms 48ms	Image image/gif	68.219.88.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D3DDAC66D6FD4BFC8BCB699BBB98047C&MUID=017625763DB16C1117F231FF3C1B6D71 Protocol H2 Server 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.sygnia.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 24 May 2024 02:15:13 GMT last-modified Fri, 01 Mar 2024 22:54:48 GMT server Microsoft-IIS/10.0 etag "3e26b762b6cda1:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Fri, 24 May 2024 02:15:13 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 66487C3863BA432C91E23943194B821F Ref B: DUS30EDGE0820 Ref C: 2024-05-24T02:15:13Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D3DDAC66D6FD4BFC8BCB699BBB98047C&MUID=017625763DB16C1117F231FF3C1B6D71 cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H3	200	favicon.png www.sygnia.co/wp-content/uploads/2023/12/	436 B 682 B	29ms 29ms	Other image/webp	141.193.213.11 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Full URL https://www.sygnia.co/wp-content/uploads/2023/12/favicon.png Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash df445b82b8f1b521ce3fd100a095e0325d352c8b7becbc6f01b224e6094ebe09 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/blog/esxi-ransomware-attacks/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:13 GMT cf-cache-status HIT age 208334 cf-polished origFmt=png, origSize=551 content-disposition inline; filename="favicon.webp" alt-svc h3=":443"; ma=86400 content-length 436 cf-bgj imgq:100,h2pri last-modified Tue, 21 May 2024 16:10:20 GMT server cloudflare etag "664cc76c-227" vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 8889c6d65b5f9bf2-FRA
GET H3	200	favicon-32x32.png www.sygnia.co/	486 B 737 B	30ms 30ms	Other image/webp	141.193.213.11 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Full URL https://www.sygnia.co/favicon-32x32.png Protocol H3 Security QUIC, , AES_128_GCM Server 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash b3765ce25bc41a6c1daed0c1f6157ea03e37ed4094bff0a008a9437c1442cfdf Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.sygnia.co/blog/esxi-ransomware-attacks/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:15:13 GMT cf-cache-status HIT age 208328 cf-polished origFmt=png, origSize=1121 content-disposition inline; filename="favicon-32x32.webp" alt-svc h3=":443"; ma=86400 content-length 486 cf-bgj imgq:100,h2pri last-modified Tue, 21 May 2024 16:10:11 GMT server cloudflare etag "664cc763-461" vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 8889c6d68b859bf2-FRA
POST H/1.1	204 No Content	collect Show response k.clarity.ms/	0 293 B	118ms 118ms	XHR text/plain	20.96.88.162 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://k.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.32/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/x-clarity-gzip Referer https://www.sygnia.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://www.sygnia.co Date Fri, 24 May 2024 02:15:14 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78